Web SDK Integration Guide
Last updated
Was this helpful?
Last updated
Was this helpful?
humanID Server Credentials, Server Credentials consist of:
Server Client ID
Server Client Secret
App Back-end, to receive authentication Callback from humanID
Note: Feature to obtain Server Credentials and to configure Callback URL is not yet available at humanID Developer Console. Please contact developers@human-id.org and ask for Web Login Integration Set-up
The authentication process can be illustrated in the following diagram:
Create a Log-in page that contains this button.
Get the Log in button image and put this script below into your Web App:
When user clicks the log-in with button, the Web App will make a request to the App Backend and then the page will be redirected to web-login.human-id.org.
Once App Backend received a response that contains Log-in URL, redirect the page to the given URL to open humanID Web Log-in Page
After the user successfully Log-in with humanID, the page will be redirected to a registered Log-in Callback URL (registered on Developer Console). Callback URL contains Exchange Token, which is a URL Encoded token that will be used to obtain User ID.
A Log-in callback URL is formatted:
For Example:
Once App Backend receives response from API call, use given User ID to authorize User so User could access the Web App contents.
Handle Error Response
If log-in failed, humanID will redirect to configured Log-in Callback URL that is formatted:
To check whether log-in failed or not, simply check if parameter et
appended in callback URL
Endpoint URL
Request
Headers:
Key
Value
client-id
<SERVER_CLIENT_ID>
client-secret
<SERVER_CLIENT_SECRET>
Content-Type
application/json
Query Parameters:
Key
Value
Description
lang
Language to Show
priority_country
Response Example
Success:
Error: Invalid Server Credentials
Endpoint URL
Request
Headers:
Key
Value
client-id
<SERVER_CLIENT_ID>
client-secret
<SERVER_CLIENT_SECRET>
Content-Type
application/json
Body:
Response Example
Success:
To obtain Log-in URL, App Back-end will call API Request Web Log-in Session (). The API call must be done between Host-to-Host in order to protect Server Credentials.
URL Decode Exchange Token and use it as a parameter to call API Exchange Token () to obtain User ID.
See a full list of on our Github.