Skip to content

Getting Started

Accessing Unidy’s API requires authenticating the respective service first. This section gives an introduction to how Unidy enables authentication.

Unidy is following the OpenID Connect (OIDC) specification for centralized authentication and access to user data by authorized third parties. OIDC is a well-known and established standard and allows Partners to integrate Unidy like they would integrate social logins from e.g. Facebook, XING, Google or Auth0.

Note

If you’re using an OpenID Connect compatible client / library, chances are good that you don’t need to write much custom code yourself. OIDC-compatible clients exist for most programming languages, frameworks, and standard applications.

Certified Open ID Developer Tools: http://openid.net/developers/certified/
JWT implementations: https://openid.net/developers/jwt/

Authentication from the users perspective goes as follows:

  1. User goes to partner's Website

  2. User clicks on Unidy authentication link

  3. User gets redirected to Unidy login page

  4. User either logs in or creates a new account (if the user isn’t logged in yet)

  5. User is asked to allow the partner to have access to requested scopes Image pass frontside

  6. User gets redirected to the partners page(redirect_uri) after approval with either a code, token or id_token parameter (depending on the requested flow)

Continue with Authorization

What We Need To Setup a Service

To authenticate your service with Unidy, it must first get registered in Unidy. For this, we require the following information:

  1. Connect URI (optional) The connect URI starts the authorization flow within your application, e.g. https://example.com/auth/start. By providing a connect uri a user is able to connect to your application from within Unidy's services overview page.

  2. Redirect URI (required) The redirect URI is the URL where the user is redirected to, after the authorization flow was successful and completed, e.g. https://example.com/auth/callback.

  3. Required user attributes (optional) The fields that the user is required to fill out before continuing the Oauth flow. See list of attributes here

  4. Needed scopes (required)

The data we share with the Oauth App. It's helpful if the scopes match the required Oauth fields. See list of scopes here

  1. Logo (optional)- Displayed in Unidy's services overview and authorization grant page

    • png-format
    • at least 50x50 px
    • web optimized

  2. Name and Description - Displayed in Unidy's services overview and authorization grant page