leemorgan avatar image
leemorgan asked leemorgan commented

How to authenticate user login?

I know this is a very simple question, but I have been searching for hours and I cannot find anything in the Clover docs or on here. If somebody could tell me how this works or where I can find this in the docs I would very much appreciate it.

How do I go about validating a user that logs in with OAuth. After they have already signed up, and they use Clover to login, then are redirected to my site. I am guessing that I use the "code" that is given to me, but how do I use that to validate that they are coming from Clover?

Or, is the code a new code that I use to request a new access token? If that is the case, then am I supposed to just get a new access token every time that they login? Thanks in advance for the help.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

David Marginian avatar image
David Marginian Deactivated answered leemorgan commented

The code is used to obtain an access token during the OAuth flow. For subsequent logins you certainly can request a new access token, or you can securely store the access token.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

leemorgan avatar image leemorgan commented ·

Ok, so I am securely storing the access token. However, what about when the user logs in after that through Clover? Or if they click on the link to my app from within Clover. Most of the docs say that they should be automatically logged in. This is what I would like to have happen. However, I am wondering how do I validate the user from the data sent within the url in order to log them in?

0 Likes 0 ·
David Marginian avatar image David Marginian ♦♦ leemorgan commented ·

Once you have their token, they don't need to login to Clover.

0 Likes 0 ·
leemorgan avatar image leemorgan David Marginian ♦♦ commented ·

The docs seem to say that when a user launches the web app from Clover, they should automatically be logged in. I am trying to find exactly where it says this and I will send you a link. However, when we contacted Clover by email asking about the flow, we received the following response from Ricardo:

"Going forward [after signing up for our service], the merchant should no longer be asked to login or signup when they launch your web app from their dashboard."

0 Likes 0 ·
Show more comments
Show more comments

Welcome to the
Clover Developer Community