Manage authentication providers

This documentation explains how to configure your own providers to authenticate end-users in the Consents API. This section shows how to create a new provider, set it as the default provider for your organization, and use one or multiple providers in your widgets.

Manage authentication within a widget

Manage authentication providers

Create a provider

A default provider of type otp is attached your organization (except if you have subscribed to Didomi before the 4th of July 2023).

It will allow our system to send an email to your end-user when he authenticates from a widget or to the Didomi API through the /auth/initiate endpoint.

You can also create an Magic Link provider in order to provide a one-step less journey to your end-users. Note that this method includes a token in a link and might be less secured than the One-Time Password workflow.

Create an One-Time Password provider

To create an One-Time Password provider, you can send a POST request to /auth-providers. You need to specify the following values.

POST https://api.didomi.io/auth-providers

{
    "type": "otp",
    "organization_id": "YOUR_ORGANIZATION_ID",
    // To set as default provider of the organization
    "is_default": true
}

Create a Magic Link provider

To create a Magic Link provider, you can send a POST request to /auth-providers. You need to specify the following values.

POST https://api.didomi.io/auth-providers

{
    "type": "message",
    "organization_id": "YOUR_ORGANIZATION_ID"
    // To set as default provider of the organization
    "is_default": true    
}

Set a default provider

A dedicated property is_default could be set within auth provider’s payload to mark the selected auth provider as a default one.

To set a provider as your default provider, you can send a PATCH request to /auth-providers/id.

You need to set the is_default property to true and specify the type of your provider which can be either otp or message.

PATCH https://api.didomi.io/auth-providers/{id}

{
    "type": "otp",
    "is_default": true
}

If you have already one default provider and you create a new one with is_default set to true, then the other provider will be switched to false automatically.

Authentication configuration is available at widget level. When you create a widget, depending on the template used, a authentication configuration is set. To edit the authentication configuration, you need to send a PATCH request on /widgets/{id} endpoint.

Property

Type

Description

method

String

Method used by the widget to authenticate the end-user. Options available are email and null.

componentOptions

Object

Options to configure the Login component.

hideIfNotAuthenticated

Boolean

Hide the widget when the end-user is not authenticated. (Prevents from displaying an empty widget when authentication is not processed)

providerId

String

In case of multiple authentication provider, to use a different provider than the default provider, set the providerId of the authentication provider you want to use.

Be careful when you are editing the auth property. This is a JSONB and by design, you need to fill in every property already added every time you edit this object.

PATCH https://api.didomi.io/widgets/{id}?organization_id=YOUR_ORG_ID

{
    "auth": {
        "method": "email",
        "componentOptions": {},
        "hideIfNotAuthenticated": false,
        "providerId": "PROVIDER_ID"
    }
}

Note that if you choose to set the method to null, you have to support authentication on your side. To do so, please follow our dedicated documentation.

PreviousAuthentication NextAuthenticate your end-user

Last updated 1 year ago