POST

/api/users/{handle}/o-auth-identities

Authorization*
curl --request POST \
  --url https://codecombat.com/api/users/{handle}/o-auth-identities \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/json' \
  --data '{
  "provider": "<provider>"
}'
{
  "_id": "string",
  "email": "string",
  "license": {
    "active": "boolean",
    "ends": "string"
  },
  "name": "string",
  "oAuthIdentities": [
    {
      "id": "string",
      "provider": "string"
    }
  ],
  "role": "string",
  "slug": "string",
  "stats": {
    "concepts": "object",
    "gamesCompleted": "number",
    "playTime": "number"
  },
  "subscription": {
    "active": "boolean",
    "ends": "string"
  }
}
  1. If no access token is provided, it will use your OAuth2 token URL to exchange the given code for an access token.
  2. Then it will use the access token (given by you, or received from step 1) to look up the user on your service using the lookup URL, and expects a JSON object in response with an id property.
  3. It will then save that user id to the user in our db as a new OAuthIdentity.
url = `https://codecombat.com/api/users/${userID}/o-auth-identities`;
OAUTH_PROVIDER_ID = "xyz";
json = { provider: OAUTH_PROVIDER_ID, accessToken: "1234" };
request.post({ url, json, auth }, (err, res) => {
  console.log(res.body.oAuthIdentities); // [ { provider: 'xyx', id: 'abcd' } ]
});

In this example, we call your lookup URL (let’s say, https://oauth.provider/user?t=<%= accessToken %>) with the access token (1234). The lookup URL returns { id: 'abcd' } in this case, which we save to the user in our db.

Authorizations

Authenticationheaderrequired
string

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password.

Path Parameters

handlerequired
string

The document's _id or slug.

Body

application/json
accessToken
string

Will be passed through your lookup URL to get the user ID. Required if no code.

code
string

Will be passed to the OAuth token endpoint to get a token. Required if no accessToken.

providerrequired
string

Your OAuth Provider ID.

Response

200 - application/json
_id
string
email
string
license
object
name
string
oAuthIdentities
object[]
role
string

Usually either 'teacher' or 'student'

slug
string
stats
object
subscription
object