Hosted App: OAuth

In order to gain access to your App, you need to ask your users to approve it.

There is a sample project on Github that demonstrates the sequence of events.
https://github.com/obniz/obniz-webapp-example-oauth

Approval flow

  1. Have the user open the authorization URL Ask the user to open the following authorization URL.
    https://obniz.com/login/oauth/authorize?webapp\_id=wa\_NDI=&redirect\_uri=install webapp_id: Your App id
    redirect_uri: URL to redirect upon approval completion If the redirect_uri is set to 'install', the user will be redirected to the screen to install your App after approval.
  2. Getting a Token from code
    If you set the URL of your service in the redirect_uri, you will receive a request with a query called code. You can get the OAuthToken for this user by using this code.Send a POST request to the following URL. https://obniz.com/login/oauth/token?code=${code} The token included in the response is this user's token.

Using the API

The API can be used by using the OAuthToken obtained. Please refer to the obniz cloud API for more information.

Change of Authority

If your app's permissions change after the user approves your app (the repository goes from read to full), the user's permissions will remain the same (read). In this case, the user will have to remove the authorization once and re-approve it.

Deletion of approval

The user can remove the authorization at any time. If the user approves again, the token will be a different value. If it is deleted, the token will be invalid, and if the user approves again, the token will be a different value.