Server API
[print_date]
Requests that are made from your server side. All require an app secret to call.
Headers Header Description x-app-secret Your app secret (user's app_secrets can be found at https://app.breadbuter.io/app/#/app-secrets).
GetAuthentication
GET /apps/{app_id}/authentications/{authentication_token}
Returns the details of a login action. Requires your app secret.
Request
app_id string
Unique identifier for your application. Provided by Bread & Butter.
authentication_token string
The unique identifier to retrieve the response data package. Found in the query string of the redirection url.
Example Java
- PHP
- .Net
- Java
- Python
- Node JS
{
"app_id": "6ba4da69b3394e78927758597dc4482b",
"authentication_token": "5fea650bb109764ea3dc56fc"
}
Response
app_id
string
Unique identifier for your application.
user_id
string
Unique identifier for the authenticated user.
auth_success
boolean
This confirms that authentication succeeded.
auth_error
boolean
The reason the authentication failed.
auth_data
object
This object contains the details of the user that authenticated.
[-] Show Child Properties
AuthData
email_address
string
The email address of the user.
first_name
string
The first name of the user.
last_name
string
The last name of the user.
profile_image_url
string
Url to the profile image for the user.
uid
string
This is a unique identifier created by the Identity Provider
for the user.
data
object
This is the raw data returned by the Identity Provider.
oauth_tokens
AuthorizationDataTokens
Authorization Data Tokens are used to make API requests on
behalf of the user by the OAuth protocol. In order to enable
this feature Return Authorization Data must be enabled for
your Provider.
provider
object
This object contains the data that was returned from the Identity
Provider authentication.
[-] Show Child Properties
Provider
idp
string
Description here…
id
string
Description here…
protocol
string
Description here…
name
string
Description here…
type
string
Description here…
options
object
This object contains the options configured when the authentication
request was initiated.
[-] Show Child Properties
AuthOptions
client_data
string (optional)
Used to carry state information in your application. This
string value (can be JSON) will be passed to the callback at
the end of the authentication workflow.
callback_url
string (optional)
Url that the BreadButter server should redirect back to after
authentication. Must be whitelisted in App configuration.
destination_url
string (optional)
Url that the user should be redirected to after the login has
been validated. This is used primarily for mobile workflows.
force_reauthentication
string (optional)
Indicates whether to force re-authentication for the user. By
default this is set to `off`. Pass `attempt` to ask the
Provider to prompt for re-authentication but continue if not
possible. Pass `force` to have the login action fail if the
Provider does not prompt. Supported providers include
Microsoft, Okta, Dropbox, OneLogin, Fitbit, and Twitter.
Example Java
- PHP
- .Net
- Java
- Python
- Node JS
{
"app_id": "6ba4da69b3394e78927758597dc4482b",
"user_id": "5fea650bb109764ea3dc56fe",
"auth_success": true,
"auth_error": true,
"auth_data": {
"email_address": "",
"first_name": "",
"last_name": "",
"profile_image_url": ""
},
"provider": {
"idp": "google",
"id": null,
"name": "",
"type": "social",
"protocol": "oauth",
},
"auth_data": {
"data": {},
"uid": "{UID}",
"oauth_tokens": {
"access_token": "{access-token}",
"access_token_expires_in": 3600,
"refresh_token": "{refresh-token}",
"can_refresh_token": true,
"can_revoke_token": false
}
},
"options": {
"client_data": "{}",
"callback_url": null,
"destination_url": null,
"force_reauthentication": null
}
}