Initiating Authentication

To initiate the authentication process, your application needs to redirect the user to the FuturePass authorization endpoint.

Steps:

  1. Generate Code Verifier and Challenge: Use PKCE (Proof Key for Code Exchange) to enhance security.

  2. Generate State and Nonce: These are used to prevent CSRF attacks and replay attacks, respectively.

  3. Build Authorization URL: Include required parameters such as response_type, client_id, redirect_uri, scope, code_challenge, code_challenge_method, state, and nonce.

Example Authorization URL:

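// clientId and redirectUri come from client registration;
// codeChallenge, state and nonce are the values generated in steps 1 and 2.
const params = {
  response_type: 'code',
  client_id: clientId,
  redirect_uri: redirectUri,
  scope: 'openid profile email',
  code_challenge: codeChallenge,
  code_challenge_method: 'S256',
  state: state,
  nonce: nonce,
}

// URLSearchParams percent-encodes each value (redirect_uri included).
const queryString = new URLSearchParams(params).toString()
const url = `${authorizationEndpoint}?${queryString}`
// Redirect the user to the authorization endpoint.
window.location.href = url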

Authorization Request Parameters

| Parameter | Description |
| --- | --- |
| response_type | Specifies the type of response. For authorization code flow, use code. |
| client_id | The client ID you obtained during client registration. |
| redirect_uri | The URI to which the response will be sent. It must match the redirect URI registered with the client. |
| scope | A space-separated list of scopes. Use openid. |
| code_challenge | The PKCE code challenge. |
| code_challenge_method | The method used to generate the code challenge. Use S256. |
| state | A random string to maintain state between the request and callback. Helps prevent CSRF attacks. |
| nonce | A random string to associate with the ID token. Helps prevent replay attacks. |
| response_mode | Specifies how the result should be returned. For this example, use query. |
| prompt | Specifies whether the user should be prompted for reauthentication. |
| login_hint | email:, social:google, social:facebook |

Example Authorization Request URL

https://login.futureverse.dev/auth?
response_type=code&
client_id=YOUR_CLIENT_ID&
redirect_uri=http://localhost:3000/callback&
scope=openid&
code_challenge=CODE_CHALLENGE&
code_challenge_method=S256&
state=STATE&
nonce=NONCE&
response_mode=query&
prompt=login&
login_hint=email:
