Connect URL
A Connect URL is where you redirect users in order to log in with GlobaliD, after which they are redirected back to your app with an authorization
code
.When a user navigates to your connect URL, they are presented with a QR code that they must scan with their GlobaliD mobile app. If the user does not have the GlobaliD mobile app, they can scan the QR code to get a link to the mobile app in the App Store or on Google Play. From there, they will need to sign up for a GlobaliD account.
This document assumes you have created a Developer App and (optionally) set up Required Verifications.
- 1.In the Developer Portal, navigate to your app under My Apps > My developer apps.
- 2.Under App Configuration > Connect URLs, click Configure (or Add More, if you already have a Connect URL).
- 3.From here, you will need to do the following:
- Enter a URL description.
- Select the Scope Type. If you require PII (see PII Sharing), choose OpenId. Otherwise, choose Public. If you choose OpenId, you will need to generate and append a nonce.
- Set the Response Type to Authorization Code.
- Set the Interaction Mode as QR Code.
- (Optional) set the Hex color code.
- (Optional) toggle whether you would like to display your logo.
- (Optional) toggle whether users are required to accept your terms of service and privacy policy.
- 4.Click Save Changes.
If you choose OpenId for you Connect URL's Scope Type, you will need to generate and append a
nonce
query parameter to your Connect URL each time you present it to a user. The value of the parameter must be a cryptographic nonce containing 8 or more alphanumeric or hyphen ("-") characters.Here's a JavaScript example that uses a random UUID as the
nonce
:import { v4 as uuid } from "uuid";
const connectUrl = new URL("https://connect.global.id/?...");
connectUrl.searchParams.set("nonce", uuid());
const connectUrlWithNonce = connectUrl.toString();
Once a user has logged in via your Connect URL, they will be redirected back to your app using the Redirect URL you configured above. If the user confirms the request to log in with GlobaliD, you will receive an authorization
code
query parameter, which can be exchanged for an access token (see Authorization). You will also get a decoupled_id
query parameter, if you're utilizing the Delayed Verifications Flow.On the other hand, if the user declines the request to log in, you will receive
error
and error_description
query parameters instead of an authorization code
.Last modified 1yr ago