Authorization
Make sure you have signed up for an account so that you can get access credentials for your application and deploy your first pool.
Once you have access to the THX Dashboard you can register an application. This application holds your client credentials. With these credentials you can create a Basic Authentication header, which must be passed in the request to obtain your API Access Token.
You can register a client for one of two grant types.
The authorization code grant is meant for browser to API data exchange. Because the access token is obtained after user authentication, it allows for retrieving user account information.
// Use https so the authorization code and tokens never travel in cleartext
const authorizationEndpoint = 'https://auth.thx.network/authorize';
const clientId = 'your-client-id'; // Create one at Campaign -> Developer -> API Keys
const redirectUri = 'your-redirect-uri'; // Eg. https://localhost:8080/callback
const scope =
    'openid offline_access account:read account:write erc20:read erc721:read erc1155:read point_balances:read referral_rewards:read point_rewards:read wallets:read wallets:write pool_subscription:read pool_subscription:write claims:read';

// Redirect user to authorization endpoint
const authUrl = new URL(authorizationEndpoint);
authUrl.searchParams.append('client_id', clientId);
authUrl.searchParams.append('redirect_uri', redirectUri);
authUrl.searchParams.append('scope', scope);
authUrl.searchParams.append('response_type', 'code');
window.location.href = authUrl;

// Once user is redirected back to your application with the authorization code
// (this part runs on the page served at redirectUri)
const authorizationCode = new URLSearchParams(window.location.search).get('code');
const tokenRequestData = {
    grant_type: 'authorization_code',
    code: authorizationCode,
    client_id: clientId,
    redirect_uri: redirectUri,
};

// Exchange authorization code for access token
// The body is form-encoded, the same Content-Type as the client credentials request
fetch('https://auth.thx.network/token', {
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: new URLSearchParams(tokenRequestData),
})
    .then((response) => response.json())
    .then((tokenResponse) => {
        console.log('Access Token:', tokenResponse.access_token);
    })
    .catch((error) => {
        console.error('Token exchange error:', error);
    });
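The redirect step above does not bind the returned code to the browser session that started the flow. The following is an added example, not THX code, that does so with the standard OAuth 2.0 `state` parameter (RFC 6749, section 10.12). The function names, `STATE_KEY` and the `storage` argument are assumptions, as is the authorization server returning `state` unchanged, which the RFC requires.

```javascript
// Added example: session-bound handling of the authorization code redirect.
// Endpoint and parameter names are the ones used on this page.
const AUTHORIZE_URL = 'https://auth.thx.network/authorize';
const STATE_KEY = 'oauth_state'; // hypothetical storage key

// Web Crypto in browsers and recent Node; the fallback covers older Node only.
const rng = globalThis.crypto ?? require('node:crypto').webcrypto;

function randomState() {
    const bytes = rng.getRandomValues(new Uint8Array(16));
    return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Build the redirect URL and remember the state for the callback.
// `storage` is any object with getItem/setItem/removeItem (sessionStorage in a browser).
function buildAuthUrl({ clientId, redirectUri, scope }, storage) {
    const state = randomState();
    storage.setItem(STATE_KEY, state);
    const url = new URL(AUTHORIZE_URL);
    url.searchParams.set('client_id', clientId);
    url.searchParams.set('redirect_uri', redirectUri);
    url.searchParams.set('scope', scope);
    url.searchParams.set('response_type', 'code');
    url.searchParams.set('state', state);
    return url.toString();
}

// Validate the callback URL and return the authorization code, or throw.
function readCallback(callbackUrl, storage) {
    const params = new URL(callbackUrl).searchParams;
    const expected = storage.getItem(STATE_KEY);
    storage.removeItem(STATE_KEY); // one-time use, even on failure
    if (!expected || params.get('state') !== expected) {
        throw new Error('state mismatch: response does not belong to this session');
    }
    if (params.has('error')) {
        throw new Error(`authorization failed: ${params.get('error')}`);
    }
    const code = params.get('code');
    if (!code) throw new Error('no authorization code in callback');
    return code;
}
```

In a browser, call `window.location.href = buildAuthUrl({ clientId, redirectUri, scope }, sessionStorage)` to start the flow and `readCallback(window.location.href, sessionStorage)` on the redirect page before exchanging the code.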
The client credentials grant is meant for backend to API data exchange and allows for most API interactions except user account information.
CLIENT_ID=_lntZMrYTLdoc_Eqxd1mZ
CLIENT_SECRET=3LlIsWk5Ef2DU_OOERbLqrXEhtMru8hxuMZ7fo8WD8E5aJAXDVLppdkoMMgxcPbktzlgps5fe_SyjQH8CWv6XQ
Never use the client credentials grant in applications that run in the browser.
Bad actors can easily intercept your requests and extract your access token or client credentials from the header information.
This is an example of how to create a base64 encoded Basic Authorization header.
// Buffer.from replaces the deprecated new Buffer() constructor
const h = 'Basic ' + Buffer.from(`${CLIENT_ID}:${CLIENT_SECRET}`).toString('base64');
Provide the Basic Authorization header and the correct Content-Type in your request to obtain your API access token.
Request:
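const axios = require('axios');

// Load the credentials from the environment instead of hard-coding them
const { CLIENT_ID, CLIENT_SECRET } = process.env;

axios({
    url: 'https://auth.thx.network/token',
    method: 'POST',
    headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
        // Buffer.from replaces the deprecated new Buffer() constructor
        'Authorization': 'Basic ' + Buffer.from(`${CLIENT_ID}:${CLIENT_SECRET}`).toString('base64'),
    },
    // URLSearchParams makes the body match the form-urlencoded Content-Type
    data: new URLSearchParams({
        grant_type: 'client_credentials',
        scope: 'openid admin',
    }),
});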
Response:
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImtNV0FGWDdIenh2ek52R3JXNkpQZUJhUXdvY21LRzZnSUNzWUd1dUMtTjQifQ.eyJqdGkiOiJ6WW5vTjI0VUZ1Z1NRRDNfRVp0OVciLCJpYXQiOjE2MTQ2NzYyNjIsImV4cCI6MTYxNDY3Njg2Miwic2NvcGUiOiJvcGVuaWQgYWRtaW4iLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJhdWQiOiJfbG50Wk1yWVRMZG9jX0VxeGQxbVoifQ.FubTCity_twCn2vrSKrzTyRscWNxEh4iV62i_yFHMTNOXkX5tX1ZH4syDqd7jEWfGP8Rzcc4DoIqDu-5IZQ6Pyrf-78LxRmfy_h0eNml7x-0X18lo6by20dfR9u7I2vdkb9c8YyNkFpK_ywJJwufoEfOhm1PPRCUcjAV1MX_nLbK4kgAp1NIeYqDENyb7LM3taC1HLdrzRYZhekD1W48895SJWSW12Ljm_seDXRQa1e_5neIjmC22JT98q26fPBRRxi1ZUyj0qks68grlD1k4hadosODwqQjFMTupg5KCqVt5T4WzrboY-jdgl-hURS3W3W8sHRyUWA0mB6M3LH7Rg",
"expires_in": 600,
"token_type": "Bearer",
"scope": "openid admin"
}
Last modified 3d ago