Authentication

This page describes how to authenticate a user session.

Users authenticate your service to access their data. That is the usual flow of things. When a user grants a service access to their data, a token is generated. This token represents the bond between the user and the service and can only be changed by the user.

You can get this service-user token via a simple SSO request. Open Cider offers a way to complete the authentication in the classic SSO pattern: the request redirects the user to our SSO service, which provides a token on successful user authentication. This token is returned in a JSON object in the field token.

Note: it is important to confirm the origin of the events to prevent a bad actor from intercepting the process.

Here is a JavaScript example. This implementation is relatively easy and straightforward:

const service_key = "cidsvc:sampleservicekey...";
window.open("https://app.opencider.com/sso/" + service_key, "popup", "width=440,height=800,scrollbars=yes");
window.addEventListener("message", function (event) {
  // Only accept messages sent by the Open Cider SSO origin (exact match).
  if (event.origin === "https://app.opencider.com") {
    const token = event.data.token;
    // write logic here...
  }
});
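
A stricter version of the handler above, as an added example that is not Open Cider's own code: it keeps the exact-origin check, also requires the message to come from the popup that was opened, validates the payload, and removes the listener once a token arrives. The helper names, the string-token check and the timeout value are assumptions.

```javascript
// Added example, not Open Cider's own code. Helper names and timeout are assumptions.
const SSO_ORIGIN = "https://app.opencider.com"; // origin shown on this page

// Returns the token if `event` is a trustworthy SSO reply, otherwise null.
// `popup` is the window handle returned by window.open().
function extractSsoToken(event, popup) {
  // Exact match only: startsWith()/includes() would also accept look-alike
  // origins that merely contain the expected string.
  if (!event || event.origin !== SSO_ORIGIN) return null;
  // Assumption: the SSO page posts from the popup itself, so any other
  // sender (another frame or tab) is ignored.
  if (!popup || event.source !== popup) return null;
  // The page says the token arrives in an object under the field `token`;
  // treating it as a non-empty string is an assumption.
  const data = event.data;
  if (data === null || typeof data !== "object") return null;
  return typeof data.token === "string" && data.token.length > 0 ? data.token : null;
}

// Browser wiring: opens the popup, resolves with the first valid token, and
// always removes the listener so later messages are not processed.
function requestSsoToken(serviceKey, timeoutMs = 120000) {
  return new Promise((resolve, reject) => {
    const popup = window.open(SSO_ORIGIN + "/sso/" + serviceKey, "popup",
      "width=440,height=800,scrollbars=yes");
    if (!popup) return reject(new Error("popup blocked"));
    const finish = (fn, value) => {
      clearTimeout(timer);
      window.removeEventListener("message", onMessage);
      fn(value);
    };
    const onMessage = (event) => {
      const token = extractSsoToken(event, popup);
      if (token !== null) finish(resolve, token); // invalid messages are dropped
    };
    const timer = setTimeout(() => finish(reject, new Error("SSO timed out")), timeoutMs);
    window.addEventListener("message", onMessage);
  });
}
```

Call `requestSsoToken(service_key)` from a user gesture such as a button click so the browser does not block the popup.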

OTP Authentication

You can also complete the authentication process using OTP if you are unable to use the SSO flow. Here' you

We typically recommend using SSO authentication where applicable, as that means you don't have to worry about the authentication process at all.

OTP Request

You can initialize a request for an OTP code for a registered user by calling the following function. Once this function is called, Open Cider will send an OTP (valid for 2 minutes only) to the registered user and you will be required to include it in the next step.

fetch('https://api.opencider.com/user/auth/request', {
  method: 'POST',
  headers: {'Content-Type': 'application/json'},
  body: JSON.stringify({
    'serviceKey': 'cidsvc:sample-service-user-token',
    'emailAddress': 'johndoe@email.com'
  })
});

OTP Validation

Here, you will send the following request to validate your initial request. If successful, you will receive a service user token as described in the beginning of the authentication section. This token will be useful to access all the backend features available.
