Manage authentication providers

This documentation explains how to configure your own providers to authenticate end-users in the Consents API. This section shows how to create a new provider, set it as the default provider for your organization, and use one or multiple providers in your widgets.

Manage authentication providers

Manage authentication within a widget

Manage authentication providers

Create a provider

A default provider of type otp is attached your organization (except if you have subscribed to Didomi before the 4th of July 2023).

It will allow our system to send an email to your end-user when he authenticates from a widget or to the Didomi API through the /auth/initiate endpoint.

You can also create an Magic Link provider in order to provide a one-step less journey to your end-users. Note that this method includes a token in a link and might be less secured than the One-Time Password workflow.

Create an One-Time Password provider

To create an One-Time Password provider, you can send a POST request to /auth-providers. You need to specify the following values.

POST https://api.didomi.io/auth-providers

{
    "type": "otp",
    "organization_id": "YOUR_ORGANIZATION_ID",
    // To set as default provider of the organization
    "is_default": true
}

To create a Magic Link provider, you can send a POST request to /auth-providers. You need to specify the following values.

POST https://api.didomi.io/auth-providers

{
    "type": "message",
    "organization_id": "YOUR_ORGANIZATION_ID"
    // To set as default provider of the organization
    "is_default": true    
}

Set a default provider

A dedicated property is_default could be set within auth provider’s payload to mark the selected auth provider as a default one.

To set a provider as your default provider, you can send a PATCH request to /auth-providers/id.

You need to set the is_default property to true and specify the type of your provider which can be either otp or message.

PATCH https://api.didomi.io/auth-providers/{id}

{
    "type": "otp",
    "is_default": true
}

If you have already one default provider and you create a new one with is_default set to true, then the other provider will be switched to false automatically.

Manage authentication within a widget

Authentication configuration is available at widget level. When you create a widget, depending on the template used, a authentication configuration is set. To edit the authentication configuration, you need to send a PATCH request on /widgets/{id} endpoint.

Be careful when you are editing the auth property. This is a JSONB and by design, you need to fill in every property already added every time you edit this object.

PATCH https://api.didomi.io/widgets/{id}?organization_id=YOUR_ORG_ID

{
    "auth": {
        "method": "email",
        "componentOptions": {},
        "hideIfNotAuthenticated": false,
        "providerId": "PROVIDER_ID"
    }
}

Note that if you choose to set the method to null, you have to support authentication on your side. To do so, please follow our dedicated documentation.

Last updated