Direct API integration
Integrating OpenID Connect in Your Application
This documentation provides a step-by-step guide on how to integrate OpenID Connect (OIDC) in your application using the provided endpoints and methods.
Before starting, make sure you find the client_id and client_secret at the settings page for your miQey Application.
All endpoints must be set with our authentication endpoint, being:
https://app.miqey.comStep 1: Authorization Request
To initiate the OpenID Connect flow, redirect the user to the authorization endpoint with the required parameters.
Endpoint:
GET /oauth/authorizeParameters:
response_type: Must be code.
client_id: The client ID you received when you registered your application.
redirect_uri: The URI to which the user will be redirected after authorization.
scope: Must include openid.
state: A random string to maintain state between the request and callback.
Example:
GET /oauth/authorize?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URI&scope=openid&state=YOUR_STATEStep 2: Handling the Authorization Response
After the user authorizes your application, they will be redirected to the specified redirect_uri with an authorization code and state.
Example:
GET YOUR_REDIRECT_URI?code=AUTHORIZATION_CODE&state=YOUR_STATEStep 3: Token Request
Exchange the authorization code for an ID token and access token by making a POST request to the token endpoint.
Endpoint:
POST /oauth/tokenParameters:
grant_type: Must be authorization_code.
client_id: Your client ID.
client_secret: Your client secret.
redirect_uri: The same redirect URI used in the authorization request.
code: The authorization code received from the authorization response.
Example:
POST /oauth/token
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&redirect_uri=YOUR_REDIRECT_URI&code=AUTHORIZATION_CODEResponse:
{
"access_token": "ACCESS_TOKEN",
"id_token": "ID_TOKEN",
"token_type": "Bearer",
"expires_in": 3600
}