Enable Users to Sign In to App
-
Create a new client application in the workspace of your choice.
Once the application is created, it receives client credentials (such as a client identifier and client secret) that you can use to call Cloudentity APIs.
-
Make sure to set the Redirect URIs field to the appropriate value for your application.
The redirect URI is where Cloudentity will redirect the user after authentication.
-
You can mark your application as trusted if you want to skip the step of gathering users' consent for sharing data.
-
In your application, create a login button or link that, when clicked, triggers a call to the Cloudentity /authorize endpoint with the following parameters:
client_id: The client ID of the client application you created in the first step.
redirect_uri: The redirect URI specified in the client application settings.
response_type: Set to code for an Authorization Code Grant flow.
If your application has no backend and cannot store client secrets securely, you need to use the Proof Key for Code Exchange (PKCE) OAuth extension to call the /authorize endpoint securely.
When the user clicks the login button or link, they are redirected to the Cloudentity login page. After authenticating, the user can provide their consent to share data (optional). If the app is trusted, the consent step can be skipped.
Upon successful authentication and consent (if required), the user is redirected to the specified redirect URI with an authorization code. Use this code to request an access token from the Cloudentity /token endpoint to make API calls on behalf of the user.
-
Connect any of the Authentication Providers to your workspace.
Cloudentity stands out with its unparalleled federated identity capabilities. By connecting multiple Authentication Providers to your workspace, users can conveniently authenticate using their preferred provider and access your application. Our philosophy is to ensure that no partner, customer, or user is ever compelled to switch their Identity/Authentication provider.
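The sign-in steps above (the /authorize call, the redirect back with an authorization code, and the /token request), as an added example that is not part of the Cloudentity documentation. The URLs and client ID are placeholders, and the state parameter (standard OAuth 2.0, not listed above) is an addition that ties the callback to the login attempt; PKCE uses the S256 method from RFC 7636.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Placeholders (assumptions): use the values from your workspace and client settings.
AUTHORIZE_URL = "https://auth.example.invalid/oauth2/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.invalid/callback"


def s256_challenge(code_verifier):
    """PKCE code_challenge: base64url(SHA-256(verifier)) without padding (RFC 7636)."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_authorize_url(state, code_verifier):
    """URL that the login button or link sends the browser to."""
    return AUTHORIZE_URL + "?" + urlencode({
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",
        "state": state,  # ties the callback to this login attempt
        "code_challenge": s256_challenge(code_verifier),
        "code_challenge_method": "S256",
    })


def token_request_from_callback(callback_url, expected_state, code_verifier):
    """Validate the redirect and return the form body to POST to /token."""
    query = parse_qs(urlsplit(callback_url).query)
    if "error" in query or "code" not in query:
        raise ValueError("authorization failed: " + query.get("error", ["no code"])[0])
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback is not for this login attempt")
    return {
        "grant_type": "authorization_code",
        "code": query["code"][0],
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
        "code_verifier": code_verifier,  # proves this app started the flow
    }


# Per login attempt: fresh state and verifier, kept in the user's session.
state, verifier = secrets.token_urlsafe(16), secrets.token_urlsafe(64)
login_url = build_authorize_url(state, verifier)
```

A public client sends the returned body to /token without a client secret; the code_verifier is what lets the server confirm that the app redeeming the code is the one that requested it.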