Using these endpoints you can authenticate with external tools.
The workflow should look like this:
Access the endpoint providing a redirect_uri that would perform the
POST action later.
The request would return a JSON containing one key authorization_url.
Redirect the user to that URL.
When the user authenticates with the external tool, that tool would redirect
them to the redirect_uri you provided with a GET querystring
containing two arguments: code and state
From the view that your user got redirected to, issue a POST request
to the endpoint with the code and state arguments. You should use
application/x-www-form-urlencoded not JSON. The user should be now
authenticated in your application.
The list of providers is available at
social backend docs.
please follow the instructions provided there to configure your backend.
Social Endpoints¶
Warning
This API is in beta quality - backward compatibility is not guaranteed in future versions and you may come across bugs.
Provider Auth¶
Using these endpoints you can authenticate with external tools.
The workflow should look like this:
Access the endpoint providing a
redirect_uri
that would perform thePOST
action later.The request would return a JSON containing one key
authorization_url
. Redirect the user to that URL.When the user authenticates with the external tool, that tool would redirect them to the
redirect_uri
you provided with aGET
querystring containing two arguments:code
andstate
From the view that your user got redirected to, issue a
POST
request to the endpoint with thecode
andstate
arguments. You should useapplication/x-www-form-urlencoded
not JSON. The user should be now authenticated in your application.The list of providers is available at social backend docs. please follow the instructions provided there to configure your backend.
Configure
urls.py
:Default URL:
/o/{{ provider }}/
Note
redirect_uri
is provided via GET parameters - not JSONstate
parameter isn’t always required e.g. in case of OpenID backendsMethod
Request
Response
GET
redirect_uri
HTTP_200_OK
authorization_url
HTTP_400_BAD_REQUEST
POST
code
state
HTTP_201_CREATED
token
HTTP_400_BAD_REQUEST