Scopes, callback url configuration and responses
Clone this wiki locally
Scopes
Authentiq adds the capability to request personal information like name, email, phone number, and address from the Authentiq ID app (iOS, Android). During authentication, and only after the user consents, this information will be shared by the Authentiq ID app.
Requesting specific information or "scopes" is done by modifying the scope parameter in the basic usage example above.
Depending on your implementation, you may also need to provide the callback_url parameter.
Example:
use OmniAuth::Builder do
provider :authentiq, ENV['AUTHENTIQ_KEY'], ENV['AUTHENTIQ_SECRET'],
scope: 'aq:name email~rs aq:push phone address'
endAvailable scopes are:
-
aq:namefor name, providing:name,:first_name,:last_nameand additionally:middle_namewill be available in:extra -
emailproviding:emailand additionally:email_verifiedwill be available in:extra -
phoneproviding:phoneand additionally:phone_typeand:phone_number_verifiedwill be available in:extra -
addressproviding:locationwith the following format:
"location" => {
"country" => "Country",
"formatted" => "Street\nCity\nPostal Code\nState\nCountry",
"locality" => "City",
"postal_code" => "Postal Code",
"state" => "State",
"street_address" => "Street"
}-
aq:locationproviding:geolocation(geo coordinates and address from a reverse lookup) with the following format:
"geolocation" => {
"accuracy" => 20.509,
"address" => {
"country" => "Geo country",
"formatted" => "Geo street\nGeo city\nGeo postal_code\nGeo country",
"locality" => "Geo city",
"postal_code" => "Geo postal_code",
"street_address" => "Geo street"
},
"altitude" => 0.0,
"latitude" => 55.340157,
"longitude" => -30.555491,
"speed" => 0.0
}-
aq:pushto request permission to sign in via Push Notifications in the Authentiq ID app
:locale and :zoneinfo will be available in :extra regardless of the requested scopes. The format of these strings is:
-
localeproviding:localein thelanguage_territoryformat -
zoneinfoproviding:zoneinfoin theContinent/Cityformat
Append ~r to a scope to explicitly require it from the user.
Append ~s to phone or email scope to explicitly require a verified (signed) scope.
The ~s and ~r can be combined to ~rs to indicate that the scope is both required and should be / have been verified.
Response data
An example complete response, in the form of a ruby hash, after requesting all possible scopes would be:
{
"provider" => "authentiq",
"uid" => "E1YcKg143eO6Z-e-3vK1GBJEGpKlIpX1-BbeA3GY6II",
"sid" => "E1YcKg143eO6Z-e-3vK1GBJEGpKlIpX1-BbeA3GY6II"
"info" => {
"name" => "First Middle Last",
"first_name" => "First",
"last_name" => "Last",
"email" => "user@host.com",
"phone" => "+15417543010",
"location" => {
"country" => "Country",
"formatted" => "Street\nCity\nPostal Code\nState\nCountry",
"locality" => "City",
"postal_code" => "Postal Code",
"state" => "State",
"street_address" => "Street"
},
"geolocation" => {
"accuracy" => 20.509,
"address" => {
"country" => "Geo country",
"formatted" => "Geo street\nGeo city\nGeo postal_code\nGeo country",
"locality" => "Geo city",
"postal_code" => "Geo postal_code",
"street_address" => "Geo street"
},
"altitude" => 0.0,
"latitude" => 55.340157,
"longitude" => -30.555491,
"speed" => 0.0
}
},
"credentials" => {
"token" => "gVh3XACpE3pchcV7f9jcAJOurRE7pN",
"refresh_token" => "5xqib7u9u79HbRoXXqom7V9REtxhzt",
"expires_at" => 1481706571,
"expires" => true
},
"extra" => {
"middle_name" => "Middle",
"email_verified" => true,
"phone_type" => "mobile",
"phone_number_verified" => true,
"locale" => "language_territory", #eg en_US
"zoneinfo" => "Continent/City" #eg Europe/Amsterdam
}
}So far you have integrated signing in and managing user information with Authentiq Omniauth and the Authentiq ID app. You can take the extra mile and provide the full experience to your users by implementing remote log out for your Rails application by adding a few more lines of code. Read the next chapter of this wiki to find out how to do that.
Official Authentiq OmniAuth strategy wiki