OAuth Overview

Using OAuth 2.0 to Access RaidenX APIs

Basic steps

All applications follow a basic pattern when accessing a RaidenX API using OAuth 2.0. At a high level, you follow five steps:

1. Obtain OAuth 2.0 Credentials

Visit the Obtain OAuth 2.0 Credentials page to learn how to obtain OAuth 2.0 credentials, such as a client ID and client secret, that are known to both RaidenX and your application. The set of values varies based on what type of application you are building.

You must create an OAuth client appropriate for the platform on which your app will run, for example:

  • For server-side or JavaScript web apps use the "web" client type. Do not use this client type for any other application, such as native or mobile apps.

2. Examine scopes of access granted by the user.

Compare the scopes included in the access token response to the scopes required to access features and functionality of your application dependent upon access to a related RaidenX API. Disable any features of your app unable to function without access to the related API.

Some requests require an authentication step where the user logs in with their RaidenX account. After logging in, the user is asked whether they are willing to grant one or more permissions that your application is requesting. This process is called user consent.

If the user grants at least one permission, the RaidenX Authorization Server sends your application an authorization code that your application can use to obtain an access token and a list of scopes of access granted by that token. If the user does not grant the permission, the server returns an error.

The scope included in your request may not match the scope included in your response, even if the user granted all requested scopes. Refer to the documentation for each RaidenX API for the scopes required for access. An API may map multiple scope string values to a single scope of access, returning the same scope string for all values allowed in the request.

3. Obtain an access token from the RaidenX Server.

Before your application can access private data using a RaidenX API, it must obtain an access token that grants access to that API. A single access token can grant varying degrees of access to multiple APIs. A request parameter called scope controls the set of resources and operations that an access token permits. During the access-token request, your application sends one or more values in the scope parameter.

4. Send the access token to an API.

After an application obtains an access token, it sends the token to a RaidenX API in an HTTP Authorization request header.

Access tokens are valid only for the set of operations and resources described in the scope of the token request. For example, if an access token is issued for the RaidenX Limit Order API, it does not grant access to the RaidenX Market Order API. You can, however, send that access token to the RaidenX Limit Order API multiple times for similar operations.

5. Refresh the access token, if necessary.

Access tokens have limited lifetimes. If your application needs access to a RaidenX API beyond the lifetime of a single access token, it can obtain a refresh token. A refresh token allows your application to obtain new access tokens.
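The following is an added example that walks a "web" client through steps 2 to 5 above; it is not RaidenX's own code or SDK. The token endpoint and API URLs, the `limit_orders:read` / `market_orders:read` scope strings, the Bearer scheme for the Authorization header and the standard OAuth 2.0 parameter names (`grant_type`, `code`, `redirect_uri`, `refresh_token`) are all assumptions; take the real values from the RaidenX API documentation. The `FakeRaidenX` class is a constructed stand-in for the authorization server and one API so the example runs offline; swap in `urllib_transport` to talk to a real server.

```python
"""Added example: OAuth 2.0 authorization-code client for the pattern described above.
Endpoints, scope strings and parameter names are assumptions (placeholders), not RaidenX's."""
import json
import time
import urllib.error
import urllib.parse
import urllib.request

TOKEN_URL = "https://auth.raidenx.example/oauth/token"         # placeholder, assumption
LIMIT_ORDER_API = "https://api.raidenx.example/v1/limit-orders"  # placeholder, assumption


def urllib_transport(url, form=None, headers=None):
    """Real HTTP transport: POST form data when given, otherwise GET. Returns (status, json body)."""
    data = urllib.parse.urlencode(form).encode() if form is not None else None
    req = urllib.request.Request(url, data=data, headers=headers or {})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.loads(resp.read().decode())
    except urllib.error.HTTPError as e:
        return e.code, json.loads(e.read().decode() or "{}")


class RaidenXOAuthClient:
    """Steps 2-5: exchange the code, check granted scopes, call the API, refresh when expired."""

    def __init__(self, client_id, client_secret, redirect_uri, feature_scopes,
                 transport=urllib_transport, clock=time.time):
        self.client_id, self.client_secret = client_id, client_secret
        self.redirect_uri = redirect_uri
        self.feature_scopes = feature_scopes  # {feature name: scope string it depends on}
        self.transport, self.clock = transport, clock
        self.access_token = self.refresh_token = None
        self.expires_at = 0.0
        self.granted_scopes = set()

    def _store(self, body):
        if "access_token" not in body:
            raise RuntimeError(f"token endpoint error: {body.get('error', body)}")
        self.access_token = body["access_token"]
        self.refresh_token = body.get("refresh_token", self.refresh_token)
        # Consider the token expired 30 s early so a request never races the real deadline.
        self.expires_at = self.clock() + float(body.get("expires_in", 0)) - 30
        # Step 2: record the scope the server actually granted, not the scope we asked for.
        self.granted_scopes = set(body.get("scope", "").split())

    def exchange_code(self, code):
        """Step 3: redeem the authorization code for an access token (and a refresh token)."""
        _, body = self.transport(TOKEN_URL, form={
            "grant_type": "authorization_code", "code": code, "redirect_uri": self.redirect_uri,
            "client_id": self.client_id, "client_secret": self.client_secret})
        self._store(body)
        return self.granted_scopes

    def disabled_features(self):
        """Step 2: features whose required scope was not granted must be switched off."""
        return sorted(f for f, s in self.feature_scopes.items() if s not in self.granted_scopes)

    def refresh(self):
        """Step 5: obtain a new access token using the refresh token."""
        if not self.refresh_token:
            raise RuntimeError("no refresh token; the user must authorize again")
        _, body = self.transport(TOKEN_URL, form={
            "grant_type": "refresh_token", "refresh_token": self.refresh_token,
            "client_id": self.client_id, "client_secret": self.client_secret})
        self._store(body)

    def api_get(self, url, feature):
        """Step 4: send the token in the Authorization header, refreshing first if it expired."""
        if self.feature_scopes[feature] not in self.granted_scopes:
            raise PermissionError(f"{feature} is disabled: its scope was not granted")
        if self.clock() >= self.expires_at:
            self.refresh()
        return self.transport(url, headers={"Authorization": f"Bearer {self.access_token}"})


class FakeRaidenX:
    """Constructed stand-in for the authorization server and the Limit Order API (offline demo)."""

    def __init__(self):
        self.tokens = []

    def __call__(self, url, form=None, headers=None):
        if url == TOKEN_URL:
            if form["grant_type"] == "authorization_code" and form["code"] != "good-code":
                return 400, {"error": "invalid_grant"}
            if form["grant_type"] == "refresh_token" and form["refresh_token"] != "rt-1":
                return 400, {"error": "invalid_grant"}
            self.tokens.append(f"at-{len(self.tokens) + 1}")
            # Grants only the limit-order scope even if more was requested (granted != requested).
            return 200, {"access_token": self.tokens[-1], "token_type": "Bearer",
                         "expires_in": 3600, "refresh_token": "rt-1", "scope": "limit_orders:read"}
        if self.tokens and (headers or {}).get("Authorization") == f"Bearer {self.tokens[-1]}":
            return 200, {"orders": []}
        return 401, {"error": "invalid_token"}


def demo():
    """Runs the full flow against FakeRaidenX with a controllable clock."""
    server, clock = FakeRaidenX(), [1000.0]
    client = RaidenXOAuthClient("client-id-placeholder", "client-secret-placeholder",
                                "https://app.example/callback",
                                {"limit_orders": "limit_orders:read", "market_orders": "market_orders:read"},
                                transport=server, clock=lambda: clock[0])
    granted = client.exchange_code("good-code")
    disabled = client.disabled_features()                 # market_orders lacks its scope
    status1, _ = client.api_get(LIMIT_ORDER_API, "limit_orders")
    clock[0] += 4000                                      # past expires_in: forces a refresh
    status2, _ = client.api_get(LIMIT_ORDER_API, "limit_orders")
    return sorted(granted), disabled, status1, status2, client.access_token


if __name__ == "__main__":
    print(demo())
```

Two design points worth noting: the client decides which features to enable from the `scope` field of the token response rather than from what it requested, which is the check step 2 asks for; and the expiry is tracked client-side with a small safety margin so that the refresh in step 5 happens before an expired token is ever sent to the API.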