Connect URL

A Connect URL is where you redirect users in order to log in with GlobaliD, after which they are redirected back to your app with an authorization code.

When a user navigates to your connect URL, they are presented with a QR code that they must scan with their GlobaliD mobile app. If the user does not have the GlobaliD mobile app, they can scan the QR code to get a link to the mobile app in the App Store or on Google Play. From there, they will need to sign up for a GlobaliD account.

Prerequisites

This document assumes you have created a Developer App and (optionally) set up Required Verifications.

Create a Connect URL

  1. In the Developer Portal, navigate to your app under My Apps > My developer apps.

  2. Under App Configuration > Connect URLs, click Configure (or Add More, if you already have a Connect URL).

  3. From here, you will need to do the following:

    • Enter a URL description.

    • Set the Redirect URL to your redirect endpoint.

    • Select the Scope Type. If you require PII (see PII Sharing), choose OpenId. Otherwise, choose Public. If you choose OpenId, you will need to generate and append a nonce.

    • Set the Response Type to Authorization Code.

    • Set the Interaction Mode as QR Code.

    • (Optional) set the Hex color code.

    • (Optional) toggle whether you would like to display your logo.

    • (Optional) toggle whether users are required to accept your terms of service and privacy policy.

    • (Optional) select the Required Verification Set (see Required Verifications).

  4. Click Save Changes.

Generate and Append a Nonce

If you choose OpenId for you Connect URL's Scope Type, you will need to generate and append a nonce query parameter to your Connect URL each time you present it to a user. The value of the parameter must be a cryptographic nonce containing 8 or more alphanumeric or hyphen ("-") characters.

Here's a JavaScript example that uses a random UUID as the nonce:

import { v4 as uuid } from "uuid";

const connectUrl = new URL("https://connect.global.id/?...");
connectUrl.searchParams.set("nonce", uuid());
const connectUrlWithNonce = connectUrl.toString();

Next Steps

Once a user has logged in via your Connect URL, they will be redirected back to your app using the Redirect URL you configured above. If the user confirms the request to log in with GlobaliD, you will receive an authorization code query parameter, which can be exchanged for an access token (see Authorization). You will also get a decoupled_id query parameter, if you're utilizing the Delayed Verifications Flow.

On the other hand, if the user declines the request to log in, you will receive error and error_description query parameters instead of an authorization code.

PreviousRequired VerificationsNextAuthorization

Last updated