Skip to content

Login Flow

The authorization code mode returns the authorization code to the client, and the client can then directly exchange it for an ID Token and Access Token. The advantage is that no token is exposed to the user agent or other malicious applications that may access the user agent. The authorization server can also authenticate the client before exchanging the access token for the authorization code. The authorization code mode is suitable for clients that can securely maintain confidentiality between themselves and the authorization server.

Overall flow:

  1. The user accesses the third-party application, and the third-party application initiates an authorization login request to BambooCloud IDaaS. After the user allows the third-party application to be authorized, BambooCloud IDaaS redirects to the third-party application with the authorization code parameter.

  2. The third-party application uses the authorization code to call the BambooCloud IDaaS API to exchange for the access token access_token and ID token id_token.

  3. The third-party application verifies id_token and retrieves the end user's subject identifier.

Development Steps

The development process for integrating with BambooCloud IDaaS using OAuth2.0 standard authorization code mode is as follows:

Step1: Get Authorization Code

Click to view the get authorization code API

Step2: Get Access Token

Click to view the get access token API

Step3: Parse ID Token to Get User Info

Click to view get user info

Step4: Call userinfo API to Get User Info (Optional)

Click to view get user info

BambooCloud IDaaS Open Platform