Ryan Baig
so, when you create an OAuth2 Session, it asks for callback functions, one for success and failure. So after the OAuth2 (for ex. Google) is granted, does it send a header, a cookie, or something else to the callback?
TL;DR
There are two flows for OAuth in the context of creating OAuth2 sessions and tokens.
**Flow 1 (createOAuth2Session):**
- Simplifies setup but may fail on browsers with 3rd party cookie issues.
- Suggested solution is to use OAuth tokens or define a custom domain in project settings.
**Flow 2 (createOAuth2Token):**
- Similar to JWT, does not rely on 3rd party cookies but is more complex to set up.
When creating an OAuth2 session and specifying callback functions for success and failure, after the OAuth2 authorization is granted, it sends a token and a userId as
Ryan Baig
I can't find anything about it in the docs / reference
Meldiron
There are 2 flows for OAuth:
`account.createOAuth2Session()`. The flow is as follows:
- Visitor comes to `myapp.com`
- Visitor is redirected to `cloud.appwrite.io`
- Visitor is redirected to `login.google.com` (not sure what's exact domain)
- Visitor logs in and authorizes access
- Visitor is redirected to `cloud.appwrite.io`
- Session created, and cookie is set for `cloud.appwrite.io` domain
- Visitor is redirected to `myapp.com/success` (success URL set as 2nd param)
Benefits:
- Easy to set up
Downside:
- Browsers with 3rd party cookies can fail - cookie is set on `cloud.appwrite.io` so `myapp.com` can't see it. Solution is to either use OAuth tokens (below), or define custom domain in your project settings - so instead of `cloud.appwrite.io` you use `appwrite.myapp.com`, so now the cookie is on same domain
`account.createOAuth2Token()`. Goes like this:
--- Same beginning start ---
- Visitor comes to `myapp.com`
- Visitor is redirected to `cloud.appwrite.io`
- Visitor is redirected to `login.google.com` (not sure what's exact domain)
- Visitor logs in and authorizes access
- Visitor is redirected to `cloud.appwrite.io`
--- Same beginning end ---
- Session created, and token generated
- Visitor is redirected to `myapp.com/success?token=X&userId=X` (success URL set as 2nd param)
- Website automatically takes token and userId from path, and runs `account.createSession()`
Benefits:
- Flow similar to JWT - doesn't rely on 3rd party cookies - works in any browser
Downsides:
- More complex to set up
Ryan Baig
oh ok
Ryan Baig
thanks
Ryan Baig
[SOLVED] Just A Small Question