
How to authenticate an application user

    Let's look at how you can authenticate an application user with OAuth 2.0.

    This procedure uses an Implicit Flow request. The client ID is necessary to link the user to an application definition where the redirect URL is specified.

    Pre-requisites:

    • You have received a unique client ID and secret 
    • You have whitelisted your redirect URL with SuperOffice
    • You have set up a web page at your redirect URL
    • The application user has a valid username and password

    Remember that the sub-domain is different for development, stage, and production. It is very likely that the client ID differs too.

    To authenticate users:

    1. Forward the user to the SuperOffice CRM Online sign-in page to authenticate.

      https://{env}.superoffice.com/login/common/oauth/authorize?response_type=id_token%20token
      &client_id=YOUR-APP-ID&redirect_uri=YOUR-REDIRECT-URL&scope=openid&state=12345
      &nonce=7362CAEA-9CA5-4B43-9BA3-34D7C303EBA7

    2. Receive the authentication token when the sign-in page redirects the user back to your application.

    3. Validate the authentication token.
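
The three steps above as an added example (not SuperOffice's own code): it takes a fresh state and nonce per sign-in instead of the fixed sample values, then checks the redirect fragment against them. The function names, the constructed sample token and the fragment parameter names (`id_token`, `access_token`, `state`, as in a standard OpenID Connect implicit-flow response) are assumptions; signature verification is not shown.

```javascript
// Added example; function names are illustrative, not a SuperOffice SDK.
// One fresh, unguessable value per sign-in attempt, for state and for nonce.
const randomValue = () => crypto.randomUUID();

// Step 1: the authorize URL from the article, with every parameter URL-encoded.
function buildAuthorizeUrl(env, clientId, redirectUri, state, nonce) {
  const query = new URLSearchParams({
    response_type: 'id_token token',
    client_id: clientId,
    redirect_uri: redirectUri,
    scope: 'openid',
    state,
    nonce,
  });
  return `https://${env}.superoffice.com/login/common/oauth/authorize?${query}`;
}

// Decode the JWT payload (second segment, base64url). This does NOT verify it.
function decodeClaims(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('id_token is not a three-part JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Steps 2 and 3: read the redirect fragment and compare it with what step 1 sent.
// `expected` = { state, nonce, clientId } kept by the page that started sign-in.
function checkRedirect(redirectedUrl, expected, nowSeconds = Date.now() / 1000) {
  const params = new URLSearchParams(new URL(redirectedUrl).hash.slice(1));
  if (params.has('error')) throw new Error(`sign-in failed: ${params.get('error')}`);
  if (params.get('state') !== expected.state) throw new Error('state mismatch');
  const claims = decodeClaims(params.get('id_token') ?? '');
  if (claims.nonce !== expected.nonce) throw new Error('nonce mismatch');
  if (![].concat(claims.aud).includes(expected.clientId)) throw new Error('wrong audience');
  if (!(claims.exp > nowSeconds)) throw new Error('id_token expired');
  // Still required before trusting the claims: verify the token signature and
  // issuer against the provider's published keys (not covered on this page).
  return { claims, accessToken: params.get('access_token') };
}

// Constructed sample redirect (unsigned placeholder token) for trying the checks.
function sampleRedirect(redirectUri, state, claims) {
  const seg = (o) => btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  const idToken = `${seg({ alg: 'none' })}.${seg(claims)}.sig`;
  return `${redirectUri}#id_token=${idToken}&access_token=sample-access-token&state=${state}`;
}
```

Keep the state and nonce from step 1 in `sessionStorage` (or equivalent) so the redirect page can pass them as `expected`.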

    No application is allowed to ask users for their credentials, ever!

    Next step: implement your application-specific logic.