API Reference

OAuth

OAuth 2.0 / PKCE flow endpoints for third-party provider authentication. The SDK handles this automatically — these endpoints are documented for custom implementations.

Supported Providers

google
github
apple
kakao
naver
facebook
discord
x
slack
twitch
line
microsoft

OAuth Flow

1
Initiate OAuth
Call the authorize endpoint to get the OAuth URL with PKCE challenge.
2
Redirect User
Redirect the user to the OAuth provider's authorization page.
3
Handle Callback
The provider redirects back to your callback URL with a code.
4
Exchange Code
Exchange the authorization code for Authon access and refresh tokens.
GET/v1/oauth/:provider/authorize

Get Authorization URL

Get the OAuth provider authorization URL with PKCE challenge. Returns a URL to redirect the user to.

Query Params
text
?projectId=proj_abc123&redirectUrl=https://yourapp.com/callback
Response
json
{
  "url": "https:0
  2: "random_state_value",
  "codeVerifier": "pkce_verifier"
}
POST/v1/oauth/:provider/callback

Handle OAuth Callback

Exchange the OAuth authorization code for Authon tokens.

Request Body
json
{
  "code": "auth_code_from_provider",
  "state": "random_state_value",
  "codeVerifier": "pkce_verifier",
  "projectId": "proj_abc123"
}
Response
json
{
  "accessToken": "eyJhbGci...",
  "refreshToken": "rt_abc123...",
  "expiresIn": 3600,
  "user": {
    "id": "usr_abc123",
    "email": "user@example.com",
    "displayName": "John Doe"
  },
  "isNewUser": false
}
Authon — Universal Authentication Platform