Auth Button
To preview an auth button in your application, click
to open the context menu and choose Auth button.
In the opened window, copy HTML, CSS, and JavaScript code blocks and use them to embed a button into your website.
Copy the Authorize link and assign it to the authorization button. This link contains the following parameters:
The type of the server response after authenticating the user and redirecting them to redirect_uri. Currently, the code value is supported.
Example: code
The ID of the client that will be used for authorization.
Example: 695d37b7-18aa-4033-91b4-09690178e99a
The URL where the user will be redirected after successful or unsuccessful authentication.
All the possibilities of the current application to work with the DocSpace portal.
To get the required value, use the following code:
const scopesString = client.scopes.join(" ")
const encodingScopes = encodeURI(scopesString || "")
Example: files:write%20accounts:write%20files:read%20openid%20rooms:read%20accounts.self:read%20accounts:read%20accounts.self:write%20rooms:write
The random string to solve the CSRF vulnerability problem. This parameter with the code value will be added to redirect_uri. This parameter is optional, but we recommend to specify it for security purposes.
Example: OENBaHXhZStQ9eDVIq1NlHu6luruKqJtCp6RhgOFXAeAp4YWoUHtOkGYCPtW7l8T-qtZaoUnmvtHZuJbb3d-wgYtHOKhd-nqisoeiO91u-Z9fsnhtiO318JmihPflIpV
The method to encode the code verifier. Two parameters are supported: plain and S256 (preferred). This parameter is used only when the authentication method is not specified (none) and the public client (PKCE) is allowed.
Example: S256
The encoded code verifier. To get it, use the crypto-js npm package and the following code:
// Total of 44 characters (1 Bytes = 2 char) (standard states that: 43 chars <= //verifier <= 128 chars)
const NUM_OF_BYTES = 36
const codeVerifier = crypto.lib.WordArray.random(NUM_OF_BYTES).toString()
const codeVerifierHash = sha256(randomVerifier).toString(crypto.enc.Base64)
This parameter is used only when the authentication method is not specified (none) and the public client (PKCE) is allowed.
Example: kNDpYrWzia4n6BoUewMVbnb5kQRIFgVdiaKwNGZ-_Wc
Please note that the code verifier will be generated anew each time the preview dialog is reopened.
You can click the example button to go through the entire authorization flow.