Passport API
Auth Gateway
Exchange Token
Call this method to exchange an exchange code or refresh token for a new access token and refresh token.
Exchange Token
POST
https://passport.rollup.id/token
Call this method to exchange an exchange code or refresh token for a new access token and refresh token.
Request Body
code*
String
Exchange code
client_id*
String
Application client id
client_secret*
String
Application client secret
grant_type*
String
"authorization_code" or "refresh_token"
{
access_token: string,
refresh_token: string,
token_type: 'Bearer',
id_token: string
}
Example
const tokenForm = new Form()
tokenForm.append('code', exchangeCode)
tokenForm.append('grant_type', grantType)
tokenForm.append('client_id', clientId)
tokenForm.append('client_secret', clientSecret)
const { access_code, refresh_token } = await fetch(
'https://passport.rollup.id/token',
{
method: 'post',
body: tokenForm,
}
)
Source
https://github.com/proofzero/rollupid/blob/main/apps/passport/app/routes/token.tsx
User Info
Call this method to retrieve basic identity information for the user. This endpoint retrieves fresh data that would have been included in the ID token when the app was initially authorized by the user.
User Info
POST
https://passport.rollup.id/userinfo
Call this method to retrieve basic identity information for the user.
Headers
Authorization*
String
Bearer {access token}
{
name: '(some name here)',
picture: '(URL of some picture here)',
email: '(email address connected to the account)',
sub: '(unique identifier of the account aka. accountURN)',
connected_accounts: [
{
type: 'eth',
identifier: '(eth address)'
},
{
type: 'email',
identifier: '(email address of connected account)'
},
{
type: 'github',
identifier: '(github username)'
}
//other addresses
]
}
Example
const access_token = '(some access token value)'
const response = await fetch('https://passport.rollup.id/userinfo', {
headers: {
Authorization: `Bearer ${access_token}`,
},
})
const { name, picture } = await response.json()
OpenID Connect Discovery
The OpenID provider metadata can be accessed in the endpoint described below.
OpenID Configuration
GET
https://passport.rollup.id/.well-known/openid-configuration
{
"issuer": "https://passport.rollup.id",
"authorization_endpoint": "https://passport.rollup.id/authorize",
"token_endpoint": "https://passport.rollup.id/token",
"token_endpoint_auth_methods_supported": ["client_secret_post"],
"token_endpoint_auth_signing_alg_values_supported": ["ES256"],
"userinfo_endpoint": "https://passport.rollup.id/userinfo",
"jwks_uri": "https://passport.rollup.id/.well-known/jwks.json",
"scopes_supported": ["openid", "profile", "email"],
"response_types_supported": ["code"],
"subject_types_supported": ["public", "pairwise"],
"userinfo_signing_alg_values_supported": ["ES256"],
"id_token_signing_alg_values_supported": ["ES256"],
"request_object_signing_alg_values_supported": ["ES256"],
"claims_supported": ["sub", "iss"],
"service_documentation": "https://docs.rollup.id/"
}
JSON Web Key Set
The JWKS is the list of public keys to be used to validate token signatures.
JWKS
GET
https://passport.rollup.id/.well-known/jwks.json
{
"keys": [
{
"alg": "ES256",
"kid": "1682004114895",
"kty": "EC",
"x": "ArcyYahTQbDLptozxzlYArNCKkz50iE7uCW1FBZ4P6Y",
"y": "Vi51b0mBI1QWALTf5vd2guoBNn72VTv473vhHt1ZgQw",
"crv": "P-256"
},
{
"alg": "ES256",
"kid": "1682000697502",
"kty": "EC",
"x": "JL5ZRnjb9pp9TqKsT5-pfa0Yw-Q191J210MwpdpWlZQ",
"y": "OOc5DhoEIUczfNNof25suDFLWKNUTTb0pDm2_4hJMk4",
"crv": "P-256"
}
]
}
Last updated
Was this helpful?