search

Implicit Flow

Use for

  • Single-Page Web Applications

Following process describes how to obtain an user's authorization to interact with the Loom AI API on the user's behalf using the OAuth2 Implicit Flowarrow-up-right.

hashtag
1. User Authentication & Request Authorization

Redirect the user to following parameterized URL to authenticate the user and request authorization for your application to interact with the Loom AI API on the user's behalf.

https://auth.loomai.com/authorize?
  response_type=token&
  audience=https%3A%2F%2Fapi.loomai.com%2F&
  client_id={CLIENT_ID}&
  redirect_uri={REDIRECT_URI}&
  scope={SCOPE}&
  state={STATE}

Parameter

Description

response_type

Set to token.

audience

Set to https://api.loomai.com/(url-encoded).

client_id

Your application's Client ID.

redirect_uri

The URL to which the user will be redirected after authorization has been completed (url-encoded). The access token will be appended to the URL using an url fragment (#).

scope

Whiite-space separated list of scopes you are requesting authorization for. Please refer to Authorization Scopes for more details.

state

A random alphanumeric string your client application adds to the request. The value will be included when redirecting back to your application. This is used to prevent CSRF attacksarrow-up-right.

hashtag
Request

hashtag
Response

If all parameters are valid, you will receive a HTTP 302 response redirecting to your specified redirect_uri with an url fragment, encoded as query parameters, that contains the authorization result. Specifically the access_token required to use the Loom AI API as well as additional information like token lifetime, authorized scopes etc.

If authorization failed or has been denied by the user, the url fragment will contain an error parameter with further details instead.

PreviousClient Credentials FlowNextRefresh Token Flow

Last updated

Was this helpful?