Back to Dashboard

Integration Guide

Welcome to the authPro documentation. Learn how to integrate secure, modern OAuth 2.0 authentication into your applications in minutes, no complex configurations required.

Enterprise Security

Built on industry-standard OAuth 2.0 protocols ensuring your user data remains secure.

Developer First

Simple APIs, typed SDKs, and comprehensive documentation to get you moving fast.

Getting Started

Follow these steps to prepare your environment for authPro.

Prerequisites

  • An active authPro account
  • A registered application in your dashboard
  • Node.js or any HTTP client environment

Installation

While authPro works with standard HTTP requests, you can use our upcoming SDK for a smoother experience. For now, simply copy your credentials.

Client ID

Unique identifier for your app

Client Secret

Keep this value private!

Authorization

Implement the standard OAuth 2.0 authorization code flow.

1. Redirect User

Direct the user's browser to the authorize endpoint. Include your client ID and redirect URI.

HTTP GET
https://auth-pro.com/authorize?
  client_id=YOUR_CLIENT_ID
  &redirect_uri=https://your-app.com/callback
  &response_type=code
  &scope=email profile
  &state=xyz123

2. Handle Callback

The user will be redirected back to your `redirect_uri` with a temporary authorization code.

Callback URL Example
https://your-app.com/callback?code=AUTH_CODE_HERE&state=xyz123

API Reference

Detailed endpoint documentation.

GET/authorize

The entry point for the OAuth flow. This endpoint renders the login/consent page.

ParameterTypeDescription
client_idstringRequired. Your application's Public ID.
redirect_uristringRequired. Must exactly match one of your allowed URIs.
response_typestringRequired. Must be "code".
statestringRecommended. Random string to prevent CSRF.
POST/api/oauth/token

Exchange the authorization code for an access token and user information.

ParameterTypeDescription
codestringRequired. The authorization code received in the callback.
client_idstringRequired. Your application's Public ID.
client_secretstringRequired. Your application's Secret Key.
Response Example
{
  "access_token": "ct_...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "user": {
    "id": "user_...",
    "email": "jane@example.com",
    "name": "Jane Doe",
    "image": "https://...",
    "discord": {
        "user": { ... },
        "guilds": [ ... ]
    },
    "roblox": { ... }
  }
}

User Data Object

The user object in the token response contains the requested information based on the scopes granted.

  • email: Included if email scope is granted.
  • name: Included if profile or name scope is granted.
  • image: Included if profile or image scope is granted.
  • discord: Included if discord.user or discord.guilds scopes are granted.
  • roblox: Included if roblox.user scope is granted.