User API Access (Auth Code with PKCE)
The Client Credentials Grant is used to get App API Access to resources from the API. Client Credentials authenticates your app, not any specific user.
With a token from the Client Credentials Grant you can:
- Get generic and statistics information about Hubble (for instance products & sales)
And you cannot:
- Request information about a specific user
- Request the userinfo information
tip
Do not attempt to implement the Authorization Code Grant yourself, use a library!
You can find examples at the intro page.
Configuration
tip
On test, use login.test.starcommunity.app instead.
You can use the following URLs when requested:
| Description | URL |
|---|---|
| Discovery Endpoint | https://login.starcommunity.app/.well-known/openid-configuration |
| JWKS Endpoint | https://login.starcommunity.app/oauth2/jwks |
| Authorize Endpoint | https://login.starcommunity.app/oauth2/authorize |
| Token Endpoint | https://login.starcommunity.app/oauth2/token |
| Userinfo Endpoint | https://login.starcommunity.app/oauth2/userinfo |
| Logout Endpoint | https://login.starcommunity.app/oauth2/logout |
Other settings:
- Please sign out the user after signing out of your app by using OIDC RP-iniated signout with the Logout Endpoint. Your library should support this.
- For PKCE, we only support the
S256algorithm. Use ofplainis disabled.