Passport API

Auth Gateway

Exchange Token

Call this method to exchange an exchange code or refresh token for a new access token and refresh token.

Exchange Token

POST https://passport.rollup.id/token

Call this method to exchange an exchange code or refresh token for a new access token and refresh token.

Request Body

Name

Type

Description

code*

String

Exchange code

client_id*

String

Application client id

client_secret*

String

Application client secret

grant_type*

String

"authorization_code" or "refresh_token"

{
    access_token: string,
    refresh_token: string,
    token_type: 'Bearer',
    id_token: string
}

Example

const tokenForm = new Form()
tokenForm.append('code', exchangeCode)
tokenForm.append('grant_type', grantType)
tokenForm.append('client_id', clientId)
tokenForm.append('client_secret', clientSecret)

const { access_code, refresh_token } = await fetch(
  'https://passport.rollup.id/token',
  {
    method: 'post',
    body: tokenForm,
  }
)

curl https://passport.rollup.id/token -X POST \
  --header "Content-Type: application/x-www-form-urlencoded" \
  --data-urlencode "client_id={clientId}" \
  --data-urlencode "client_secret={clientSecret}"
  --data-urlencode "code={exchangeCode}"
  --data-urlencode "grant_type=authorization_code"

Source

https://github.com/proofzero/rollupid/blob/main/apps/passport/app/routes/token.tsx

User Info

Call this method to retrieve basic identity information for the user. This endpoint retrieves fresh data that would have been included in the ID token when the app was initially authorized by the user.

User Info

POST https://passport.rollup.id/userinfo

Call this method to retrieve basic identity information for the user.

Headers

Name

Type

Description

Authorization*

String

Bearer {access token}

{
    name: '(some name here)',
    picture: '(URL of some picture here)',
    email: '(email address connected to the account)',
    sub: '(unique identifier of the account aka. accountURN)',
    connected_accounts: [
      {
        type: 'eth',
        identifier: '(eth address)'
      },
      {
        type: 'email',
        identifier: '(email address of connected account)'
      },
      {
        type: 'github',
        identifier: '(github username)'
      }
      //other addresses
    ]
}

Example

const access_token = '(some access token value)'

const response = await fetch('https://passport.rollup.id/userinfo', {
  headers: {
    Authorization: `Bearer ${access_token}`,
  },
})
const { name, picture } = await response.json()

OpenID Connect Discovery

The OpenID provider metadata can be accessed in the endpoint described below.

OpenID Configuration

GET https://passport.rollup.id/.well-known/openid-configuration

{
  "issuer": "https://passport.rollup.id",
  "authorization_endpoint": "https://passport.rollup.id/authorize",
  "token_endpoint": "https://passport.rollup.id/token",
  "token_endpoint_auth_methods_supported": ["client_secret_post"],
  "token_endpoint_auth_signing_alg_values_supported": ["ES256"],
  "userinfo_endpoint": "https://passport.rollup.id/userinfo",
  "jwks_uri": "https://passport.rollup.id/.well-known/jwks.json",
  "scopes_supported": ["openid", "profile", "email"],
  "response_types_supported": ["code"],
  "subject_types_supported": ["public", "pairwise"],
  "userinfo_signing_alg_values_supported": ["ES256"],
  "id_token_signing_alg_values_supported": ["ES256"],
  "request_object_signing_alg_values_supported": ["ES256"],
  "claims_supported": ["sub", "iss"],
  "service_documentation": "https://docs.rollup.id/"
}

JSON Web Key Set

The JWKS is the list of public keys to be used to validate token signatures.

JWKS

GET https://passport.rollup.id/.well-known/jwks.json

{
  "keys": [
    {
      "alg": "ES256",
      "kid": "1682004114895",
      "kty": "EC",
      "x": "ArcyYahTQbDLptozxzlYArNCKkz50iE7uCW1FBZ4P6Y",
      "y": "Vi51b0mBI1QWALTf5vd2guoBNn72VTv473vhHt1ZgQw",
      "crv": "P-256"
    },
    {
      "alg": "ES256",
      "kid": "1682000697502",
      "kty": "EC",
      "x": "JL5ZRnjb9pp9TqKsT5-pfa0Yw-Q191J210MwpdpWlZQ",
      "y": "OOc5DhoEIUczfNNof25suDFLWKNUTTb0pDm2_4hJMk4",
      "crv": "P-256"
    }
  ]
}

PreviousGalaxy API NextScopes

Last updated 2 years ago

hashtagExchange Token

hashtagExchange Token

hashtagRequest Body

hashtagExample

hashtagSource

hashtagUser Info

hashtagUser Info

hashtagHeaders

hashtagExample

hashtagOpenID Connect Discovery

hashtagOpenID Configuration

hashtagJSON Web Key Set

hashtagJWKS

Exchange Token

Exchange Token

Request Body

Example

Source

User Info

User Info

Headers

Example

OpenID Connect Discovery

OpenID Configuration

JSON Web Key Set

JWKS