GitHub

oAuth1

Grants

Password grant

The Password Grant accepts your username and password, then returns an Access Token and a Refresh token. As mentioned before the Access Token can be used to authenticate API requests.

await exh.auth.authenticate({
    email:'john.doe@example.com',
    password:'myPassword1234'
});

Note that in case this user has MFA enabled this function will throw a MfaRequiredError. With the information in the error you can follow the Mfa Grant to complete the authentication.

Mfa Grant

When MFA is enabled for a user and you try to authenticate using the password grant you will receive a MfaRequiredError . You can catch the error and use the Mfa Grant to complete the authentication.

try {
  await exh.auth.authenticate({
    password: '',
    email: '',
  });
} catch (error) {
  if (error instanceof MfaRequiredError) {
    const { mfa } = error.response;

    // Your logic to request which method the user want to use in case of multiple methods
    const methodId = mfa.methods[0].id;

    await exh.auth.confirmMfa({
      token: mfa.token,
      methodId,
      code: '', // code from ie. Google Authenticator
    });
  }
  // handle other possible authentication errors
}

SSO Token Grant

You can exchange an SSO token generated by application for access tokens that can be used by another application. This way you can implement a single sign one flow between e.g. mobile and web.

This functional is currently not supported by Javascript SDK. You can use the raw method of the SDK to access this functionality.

await exh.raw.post('/auth/v2/oauth1/ssoTokens/consume',{
    ssoToken: "{ssoTokenHere}"
});

Tokens

Retrieve a list of active tokens

This functional is currently not supported by Javascript SDK. You can use the raw method of the SDK to access this functionality.

await exh.raw.get('/auth/v2/oauth1/tokens');

Revoking tokens

This functional is currently not supported by Javascript SDK. You can use the raw method of the SDK to access this functionality.

await exh.raw.delete('/auth/v2/oauth1/tokens/{tokenId}');

SSO

Generate SSO Tokens

You can create a single use SSO token. Another client can consume such a token and exchange it for an authorization.

This functional is currently not supported by Javascript SDK. You can use the raw method of the SDK to access this functionality.

await exh.raw.post('/auth/v2/oauth1/ssoTokens/generate');
PreviousoAuth2NextMFA

Last updated