Introduction
Welcome to the OneProfile API documentation.
OneProfile provides a complete solution for identity management, authentication, and authorization. Our API is built on standard OAuth 2.0 and OpenID Connect protocols, ensuring compatibility with existing libraries and frameworks. This documentation will guide you through integrating OneProfile into your applications.
Base URL
https://your-sso-server.com
Quick Start
To get started, you'll need a OneProfile account and a registered application.
Create an Account
Sign up at https://your-sso-server.com/access
Register Your App
Go to your dashboard and create a new application to get your Client ID and Client Secret.
Configure Redirect URIs
In your app's Branding settings, add the callback URLs where users will be redirected after login.
Integrate
Use our OAuth 2.0 endpoints or SDK to add authentication to your app.
Authentication Flow
OneProfile supports the standard Authorization Code flow for secure server-side applications.
1. Redirect user to authorization endpoint
GET https://your-sso-server.com/oauth/authorize?
    client_id=YOUR_CLIENT_ID&
    redirect_uri=YOUR_CALLBACK_URL&
    response_type=code&
    scope=openid profile email&
    state=RANDOM_STATE
2. User authorizes your app
User is redirected to your callback URL with an authorization code.
3. Exchange code for tokens
POST https://your-sso-server.com/oauth/token
Content-Type: application/json
{
  "grant_type": "authorization_code",
  "code": "AUTHORIZATION_CODE",
  "redirect_uri": "YOUR_CALLBACK_URL",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}
4. Use access token
GET https://your-sso-server.com/oauth/user
Authorization: Bearer ACCESS_TOKEN
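Steps 3 and 4 as they might run on a Node.js backend, as an added example that is not OneProfile's own code. The endpoints and request fields are the ones documented above; the function names, the `cfg` object, the injectable `fetchImpl` parameter and the RFC 6749 `access_token` response field are assumptions.

```javascript
// Added example, not OneProfile's own code: steps 3 and 4 on a Node.js 18+ backend.
// Function names, `cfg` and `fetchImpl` are assumptions made for this sketch.
const SSO_BASE = 'https://your-sso-server.com';

// Step 3 request. The client secret is only ever read on the server.
function buildTokenRequest(code, cfg) {
  return {
    url: `${SSO_BASE}/oauth/token`,
    init: {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({
        grant_type: 'authorization_code',
        code,
        redirect_uri: cfg.redirectUri,
        client_id: cfg.clientId,
        client_secret: cfg.clientSecret,
      }),
    },
  };
}

// Exchange the code, then fetch the user with the access token (step 4).
async function exchangeCodeForUser(code, cfg, fetchImpl = fetch) {
  if (typeof code !== 'string' || code.length === 0) {
    throw new Error('Missing authorization code');
  }
  const { url, init } = buildTokenRequest(code, cfg);
  const tokenRes = await fetchImpl(url, init);
  if (!tokenRes.ok) {
    // Report the status only; the response body may carry diagnostic detail.
    throw new Error(`Token exchange failed: HTTP ${tokenRes.status}`);
  }
  const tokens = await tokenRes.json();
  // Assumption: the response uses the RFC 6749 field name `access_token`.
  if (typeof tokens.access_token !== 'string') {
    throw new Error('Token response has no access_token');
  }
  const userRes = await fetchImpl(`${SSO_BASE}/oauth/user`, {
    headers: { Authorization: `Bearer ${tokens.access_token}` },
  });
  if (!userRes.ok) {
    throw new Error(`User lookup failed: HTTP ${userRes.status}`);
  }
  // Return only the user record; the tokens stay on the server.
  return userRes.json();
}
```

Load `cfg` from server-side configuration so the Client Secret never reaches browser code, and pass a stub as `fetchImpl` to exercise the handler without a network.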
API Endpoints
/oauth/authorize - Start authorization flow
/oauth/token - Exchange code for tokens
/oauth/user - Get user information (requires token)
/api/auth/logout - Logout user
Scopes & Permissions
Request specific scopes to control what data your application can access.
openid - OpenID Connect
Required for OIDC. Returns an ID token with the user's unique identifier.
profile - User Profile
Access to the user's default profile claims (name, picture).
email - User Email
Access to the user's email address and verification status.
SDKs & Libraries
OneProfile is compatible with standard OAuth 2.0/OIDC libraries. Select your platform below:
JavaScript / Browser
Client-side JavaScript for browser applications
Redirect to Login (JavaScript)
// Redirect user to OneProfile login
function login() {
  const clientId = encodeURIComponent('YOUR_CLIENT_ID');
  const redirectUri = encodeURIComponent('https://your-app.com/callback');
  const scope = encodeURIComponent('openid profile email');
  // Generate an unguessable state value with the Web Crypto CSPRNG
  // (Math.random() is predictable and is not suitable here)
  const bytes = crypto.getRandomValues(new Uint8Array(16));
  const state = Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
  // Save state for verification
  sessionStorage.setItem('oauth_state', state);
  window.location.href = `https://your-sso-server.com/oauth/authorize?` +
    `client_id=${clientId}&` +
    `redirect_uri=${redirectUri}&` +
    `response_type=code&` +
    `scope=${scope}&` +
    `state=${state}`;
}
Handle Callback (JavaScript)
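// Handle the OAuth callback
async function handleCallback() {
  const params = new URLSearchParams(window.location.search);
  const code = params.get('code');
  const state = params.get('state');
  // The saved state is single-use: read it, then remove it
  const expectedState = sessionStorage.getItem('oauth_state');
  sessionStorage.removeItem('oauth_state');
  // Verify state is present and matches (two missing values must not count as a match)
  if (!state || !expectedState || state !== expectedState) {
    throw new Error('State mismatch');
  }
  if (!code) {
    throw new Error('Missing authorization code');
  }
  // Send code to your backend for token exchange
  const response = await fetch('/api/auth/callback', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ code })
  });
  if (!response.ok) {
    throw new Error('Login failed');
  }
  const { user } = await response.json();
  console.log('Logged in as:', user);
}
Recommended Libraries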
next-auth (Next.js) - Use the 'Credentials' or custom OAuth provider
passport-oauth2 (Node.js) - Generic OAuth 2.0 strategy for Passport.js
authlib (Python) - OAuth 2.0 & OIDC library for Python
league/oauth2-client (PHP) - OAuth 2.0 Client by The PHP League
Laravel Socialite (Laravel) - Official Laravel OAuth package with custom provider support
laravel/passport (Laravel) - Full OAuth2 server implementation for Laravel
Need help? Contact us at support@oneprofile.com