Login and authorization
You can let users log in to your service with the user's DOSI account, using the User Account Connect API.
Connection info
Development environment | API base URI |
---|---|
Production | https://api.dosi.world |
Instructions for use
Partner services must follow these steps to let DOSI users log in to the service or to retrieve users' profile data.
You need a Gmail account to log into DOSI with your Google account. You can't use a Google Workspace account.
1. Request DOSI user authorization
Send an authorization request to the authorization endpoint (https://members.dosi.world). You must provide the following service information as query parameters.
Parameter | Description |
---|---|
client_id | DOSI channel ID received after applying for DOSI SDK |
state | Random string for OAuth Flow verification |
mode | OAuth Flow mode. Don't change the value from "oauth". |
redirect_uri | Landing URI after user login |
scope | Scope for the user profile group. Don't change the value from "basic". |
code_challenge | Code challenge value in PKCE. Required if the client is a mobile app. |
code_challenge_method | Method to generate code_challenge in PKCE. Required if the client is a mobile app. Don't change the value from "S256". |
The following is an example of sending an authorization request.
https://members.dosi.world?client_id=17XEvciBbskwvvddn0m_&state=hiubweiriuqukjdsfsdrwe&mode=oauth&redirect_uri=https%3A%2F%2Fprofile.dosi.world%2F
When DOSI receives such a request, it sends the user to the service integration approval page (or to the login page if the user isn't logged in). When the user approves the request, DOSI issues an authorization code to redirect_uri.
2. Issue access tokens
After Step 1, issue an access token using the authorization code. Use the Issue or refresh an access token endpoint.
3. Get user profiles
After Step 2, get user profiles using the access token. Use the Get extended user profile endpoint.
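Steps 1 and 2 for a PKCE client, as an added example (not DOSI's own code): it generates `state` and the S256 `code_challenge`, builds the authorization URL, and rejects a callback whose `state` does not match before preparing the token request body. The function names and the `code`/`state` callback parameter names are assumptions; the page does not name the parameters DOSI appends to redirect_uri.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

AUTH_ENDPOINT = "https://members.dosi.world"  # authorization endpoint from the page


def s256_challenge(code_verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(code_verifier)), unpadded (RFC 7636)."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_authorization_request(client_id: str, redirect_uri: str):
    """Return (url, pending); keep `pending` in the user's session until the callback."""
    pending = {
        "state": secrets.token_urlsafe(32),          # unguessable, single use
        "code_verifier": secrets.token_urlsafe(64),  # 86 chars, within RFC 7636's 43..128
    }
    query = urlencode({
        "client_id": client_id,
        "state": pending["state"],
        "mode": "oauth",
        "redirect_uri": redirect_uri,
        "scope": "basic",
        "code_challenge": s256_challenge(pending["code_verifier"]),
        "code_challenge_method": "S256",
    })
    return f"{AUTH_ENDPOINT}?{query}", pending


def handle_callback(callback_url: str, pending: dict) -> dict:
    """Verify `state`, then return the token request form body."""
    # Assumption: the redirect carries `code` and `state` query parameters.
    params = parse_qs(urlparse(callback_url).query)
    returned_state = params.get("state", [""])[0]
    if not hmac.compare_digest(returned_state.encode(), pending["state"].encode()):
        raise ValueError("state mismatch: discard this callback")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    # The caller adds client_id / client_secret from the body table before sending.
    return {
        "grant_type": "authorization_code",
        "code": params["code"][0],
        "code_verifier": pending["code_verifier"],
    }
```

Discard `pending` after one callback, whether it succeeds or fails, so a `state` value is never accepted twice.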
Issue or refresh an access token
Issues an access token with the authorization code or refreshes an access token with the refresh token.
Path
None
Query
None
Body
Name | Type | Description | Required |
---|---|---|---|
grant_type | string | Request type. Either one of the two: | |
code | string | An authorization code for the user who issued the access token. Provide this value only when | |
client_id | string | DOSI channel ID received after applying for DOSI SDK | |
client_secret | string | DOSI channel secret received after applying for DOSI SDK | |
refresh_token | string | A refresh token to refresh the access token. Provide this value only when | |
code_verifier | string | A random string generated for self-authorization by the client in PKCE. It must be a random value with high entropy. Refer to the reference. | |
- Content-Type: application/x-www-form-urlencoded
Request examples
curl -v -X POST "https://api.dosi.world/api/v1/oauth2/token" \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=authorization_code' \
-d 'code=b5fd32eacc791df' \
-d 'client_id=12345' \
-d 'client_secret=d6524edacc8742aeedf98f'
Revoke the access token
Revokes the access token and refresh token.
Path
None
Query
None
Body
None
- Authorization: Bearer <access token>
- Content-Type: application/json
Request examples
curl -v -X POST "https://api.dosi.world/api/v1/oauth2/revoke" \
--header 'Authorization: Bearer <access token>' \
--header 'Content-Type: application/json'
Get extended user profile
Gets the user's extended profile with the access token.
Path
None
Query
None
Body
None
- Authorization: Bearer <access token>
- Content-Type: application/json
Request examples
curl -v -X GET "https://api.dosi.world/api/v2/profile/extended" \
--header 'Authorization: Bearer <access token>' \
--header 'Content-Type: application/json'