Implicit Flow

Use for

  • Single-Page Web Applications

The following process describes how to obtain a user's authorization to interact with the Loom AI API on the user's behalf using the OAuth2 Implicit Flow.

1. User Authentication & Request Authorization

Redirect the user to the following parameterized URL to authenticate the user and request authorization for your application to interact with the Loom AI API on the user's behalf.

https://auth.loomai.com/authorize?
  response_type=token&
  audience=https%3A%2F%2Fapi.loomai.com%2F&
  client_id={CLIENT_ID}&
  redirect_uri={REDIRECT_URI}&
  scope={SCOPE}&
  state={STATE}

| Parameter | Description |
|---|---|
| response_type | Set to token. |
| audience | Set to https://api.loomai.com/ (url-encoded). |
| client_id | Your application's Client ID. |
| redirect_uri | The URL to which the user will be redirected after authorization has been completed (url-encoded). The access token will be appended to the URL using a URL fragment (#). |
| scope | White-space separated list of scopes you are requesting authorization for. Please refer to Authorization Scopes for more details. |
| state | A random alphanumeric string your client application adds to the request. The value will be included when redirecting back to your application. This is used to prevent CSRF attacks. |

Request

<a href="https://auth.loomai.com/authorize?
    response_type=token&
    audience=https%3A%2F%2Fapi.loomai.com%2F&
    client_id={CLIENT_ID}&
    redirect_uri=https%3A%2F%2Fapp.domain.tld%2Foauth%2Fcallback&
    scope=read:avatars%20write:avatars&
    state=0xdeadbeef">
    Sign In
</a>

Response

If all parameters are valid, you will receive an HTTP 302 response redirecting to your specified redirect_uri with a URL fragment, encoded like query parameters, that contains the authorization result: specifically the access_token required to use the Loom AI API, as well as additional information such as token lifetime and authorized scopes.

If authorization failed or has been denied by the user, the URL fragment will contain an error parameter with further details instead.

HTTP/1.1 302 Found
Location: https://app.domain.tld/oauth/callback#
    access_token=ACCESS_TOKEN&
    expires_in=3600&
    token_type=Bearer&
    scope=AUTHORIZED_SCOPES&
    state=0xdeadbeef
