Implicit Flow

PreviousClient Credentials Flow NextRefresh Token Flow

Last updated 4 years ago

Was this helpful?

Implicit Flow

Use for

Single-Page Web Applications

Following process describes how to obtain an user's authorization to interact with the Loom AI API on the user's behalf using the .

1. User Authentication & Request Authorization

Redirect the user to following parameterized URL to authenticate the user and request authorization for your application to interact with the Loom AI API on the user's behalf.

https://auth.loomai.com/authorize?
  response_type=token&
  audience=https%3A%2F%2Fapi.loomai.com%2F&
  client_id={CLIENT_ID}&
  redirect_uri={REDIRECT_URI}&
  scope={SCOPE}&
  state={STATE}

Parameter

Description

response_type

Set to token.

audience

Set to https://api.loomai.com/(url-encoded).

client_id

redirect_uri

The URL to which the user will be redirected after authorization has been completed (url-encoded). The access token will be appended to the URL using an url fragment (#).

scope

state

Request

<a href="https://auth.loomai.com/authorize?
    response_type=token&
    audience=https%3A%2F%2Fapi.loomai.com%2F&
    client_id={CLIENT_ID}&
    redirect_uri=https%3A%2F%2Fapp.domain.tld%2Foauth%2Fcallback&
    scope=read:avatars%20write:avatars&
    state=0xdeadbeef">
    Sign In
</a>

Response

If all parameters are valid, you will receive a HTTP 302 response redirecting to your specified redirect_uri with an url fragment, encoded as query parameters, that contains the authorization result. Specifically the access_token required to use the Loom AI API as well as additional information like token lifetime, authorized scopes etc.

If authorization failed or has been denied by the user, the url fragment will contain an error parameter with further details instead.

HTTP/1.1 302 Found
Location: https://app.domain.tld/oauth/callback#
    access_token=ACCESS_TOKEN&
    expires_in=3600&
    token_type=Bearer&
    scope=AUTHORIZED_SCOPES&
    state=0xdeadbeef

PreviousClient Credentials Flow NextRefresh Token Flow

Last updated 4 years ago

Was this helpful?

Use for

Single-Page Web Applications

Following process describes how to obtain an user's authorization to interact with the Loom AI API on the user's behalf using the .

1. User Authentication & Request Authorization

Redirect the user to following parameterized URL to authenticate the user and request authorization for your application to interact with the Loom AI API on the user's behalf.

https://auth.loomai.com/authorize?
  response_type=token&
  audience=https%3A%2F%2Fapi.loomai.com%2F&
  client_id={CLIENT_ID}&
  redirect_uri={REDIRECT_URI}&
  scope={SCOPE}&
  state={STATE}

Parameter

Description

response_type

Set to token.

audience

Set to https://api.loomai.com/(url-encoded).

client_id

Your application's .

redirect_uri

The URL to which the user will be redirected after authorization has been completed (url-encoded). The access token will be appended to the URL using an url fragment (#).

scope

Whiite-space separated list of scopes you are requesting authorization for. Please refer to for more details.

state

A random alphanumeric string your client application adds to the request. The value will be included when redirecting back to your application. This is used to prevent .

Request

<a href="https://auth.loomai.com/authorize?
    response_type=token&
    audience=https%3A%2F%2Fapi.loomai.com%2F&
    client_id={CLIENT_ID}&
    redirect_uri=https%3A%2F%2Fapp.domain.tld%2Foauth%2Fcallback&
    scope=read:avatars%20write:avatars&
    state=0xdeadbeef">
    Sign In
</a>

Response

If authorization failed or has been denied by the user, the url fragment will contain an error parameter with further details instead.

HTTP/1.1 302 Found
Location: https://app.domain.tld/oauth/callback#
    access_token=ACCESS_TOKEN&
    expires_in=3600&
    token_type=Bearer&
    scope=AUTHORIZED_SCOPES&
    state=0xdeadbeef