Turnkey Solution

Using WordPress? Our WordPress pluginopen in new window is all you need.

Using anything else? No problem. Since our authentication is OAuth 2.0 based, there are ready-made libraries available for all major server-side languages and frameworks. All you need to know are the following parameters:

Client ID: copy this from My Webpagesopen in new window

Client secret: copy this from My Webpagesopen in new window

Authorize URL: https://id.eideasy.com/oauth/authorize

Access token URL: https://id.eideasy.com/oauth/access_token

User data URL: https://id.eideasy.com/api/v2/user_data

For example, in PHP you may wish to use thephpleague/oauth2-clientopen in new window:

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
  'clientId' => 'your_oauth2_client_id',
  'clientSecret' => 'your_oauth2_client_secret',
  'redirectUri' => 'http://your-site.com/your-redirect-url/', // The url that will run this code snippet
  'urlAuthorize' => 'https://id.eideasy.com/oauth/authorize',
  'urlAccessToken' => 'https://id.eideasy.com/oauth/access_token',
  'urlResourceOwnerDetails' => 'https://id.eideasy.com/api/v2/user_data'

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {

  // Fetch the authorization URL from the provider; this returns the
  // urlAuthorize option and generates and applies any necessary parameters
  // (e.g. state).
  $authorizationUrl = $provider->getAuthorizationUrl([
      // Optional params
      'lang' => 'en',
      // ...

  // Get the state generated for you and store it to the session.
  $_SESSION['oauth2state'] = $provider->getState();

  // Redirect the user to the authorization URL.
  header('Location: ' . $authorizationUrl);

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || (isset($_SESSION['oauth2state']) && $_GET['state'] !== $_SESSION['oauth2state'])) {

  exit('Invalid state');

} else {

  // Try to get an access token using the authorization code grant.
  $accessToken = $provider->getAccessToken('authorization_code', [
      'code' => $_GET['code']

  // Using the access token, we may look up details about the
  // resource owner.
  $resourceOwner = $provider->getResourceOwner($accessToken);

  $ownerData = $resourceOwner->toArray();

  // Bam! You can now access the user's identity in $ownerData.
  echo "Authenticated user's ID code: " . $ownerData['idcode'];

Optional redirect query parameters:

lang – language of the user. Use 2-letter codes: (ISO 639-1)

Last Updated: