Auth everywhere your users are.
Passport is an OAuth-based authentication and authorization gateway for your app that is hosted and customizable with your domain. It requires minimal integration and can be accessed on any device (desktop, web, mobile) and has the following flow and features.
The authentication step takes care of identifying profiles on the Profile Graph. The authentication method a user chooses acts like a DNS resolver to a users profile. If a profile is not found, one will be created.
Once authenticated the user will the be redirected to the authorization screen.
- Connect with Wallet
- Connect with Email (coming soon)
- Connect with WebAuthN (coming soon)
- Connect with Google
- Connect with Apple
- Connect with Twitter
- Connect with Github
- Connect with Microsoft
- Connect with Discord
No scope is equivalent to an auto authorization with access only to public profile information. If no scopes are configured in Console the user will not be presented the authorization screen.
The passport application is also responsible for issuing access and refresh tokens via the Profile API. It is recommended that these tokens be managed by your application in either a session cookie and/or user record. Tokens can be continuously refreshed so long as the user has not explicitly revoked access.
Authenticated users will also maintain their session with passport for 90 days and that session will be extended long as the user user visits the passport app within the 90 day period. This also means that if your application session expires and the user is redirected to passport you will automatically get another access token and refresh token.