- config_name: Used by the client to track the endpoint configuration used in authentication.
- resource_class: Used by the server to track the user resource class. This is necessary to enable auth via multiple user classes.
- auth_origin_url: The base URL of the site that initiated the popup.
https://devise-token-auth.dev/omniauth/github?auth_origin_url=http%3A%2F%2Flocalhost%3A8000%2F&config_name=default&resource_class=User
The following steps will be taken after successful OAuth authentication.
- After the user successfully authenticates on the external provider's site (github, facebook, etc.), the provider will redirect back to the API.
- The API will find or create the user matching the provider user's UID, and then issue a new token.
- The API will then redirect to the original URL that the popup was initiated from, including the auth credentials as URI params.
- The popup initiator will detect these credentials and make a new request to the API to validate the auth token and pull the user's data.
- token: The access token acts as a password for each request.
- uid: The unique identifier for the current user.
- client: The client token is used to identify the device (browser client, phone, tablet, etc.) of the current session. This allows us to maintain multiple concurrent sessions across devices / browsers.
- expiry: The time at which the given access-token will expire.
https://redux-auth.herokuapp.com?token=bgINB4atOxd8SMNvtOTDxg&uid=test%40test.com&client=abc&expiry=1450988710
The only possible errors are for the user to close the window without authenticating, or for the subsequent token validation to fail. In both cases an error is shown to the client. See the token validation request docs for more info on the latter case.
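Because the credentials arrive as URI params, the popup initiator should read them once, reject malformed or expired values, and remove them from the visible URL before validating the token. The sketch below is an added example, not code from the project: the function names are hypothetical, and the header names used for the validation request are an assumption.

```javascript
// Added example. Function names are hypothetical.
const CREDENTIAL_PARAMS = ['token', 'uid', 'client', 'expiry'];

// Return the URL with every credential param removed, so the token does not
// linger in the address bar, history entries or Referer headers.
// In a browser: history.replaceState(null, '', stripCredentials(location.href))
function stripCredentials(href) {
  const url = new URL(href);
  for (const name of CREDENTIAL_PARAMS) url.searchParams.delete(name);
  return url.href;
}

function readRedirectCredentials(href, nowSeconds = Math.floor(Date.now() / 1000)) {
  const params = new URL(href).searchParams;
  const cleanedUrl = stripCredentials(href);
  const fail = (reason) => ({ ok: false, reason, cleanedUrl });
  const creds = {};
  for (const name of CREDENTIAL_PARAMS) {
    const values = params.getAll(name);
    // A missing, empty or repeated param is rejected rather than guessed at.
    if (values.length !== 1 || values[0] === '') return fail(`bad ${name}`);
    creds[name] = values[0];
  }
  if (!/^\d+$/.test(creds.expiry)) return fail('bad expiry');
  creds.expiry = Number(creds.expiry);
  // Drop credentials that are already expired before contacting the API.
  if (creds.expiry <= nowSeconds) return fail('expired');
  return { ok: true, credentials: creds, cleanedUrl };
}

// Headers for the follow-up token validation request. The header names are
// an assumption; the page itself names only the access-token.
function validationHeaders(credentials) {
  return {
    'access-token': credentials.token,
    client: credentials.client,
    uid: credentials.uid,
  };
}
```

Any `ok: false` result maps to the error shown to the client; the server-side token validation remains the authoritative check.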