ScalixScalix Docs
Sign up

OAuth Providers

Sign in with Google, GitHub, and other OAuth providers

Supported Providers

ProviderStatus
GoogleAvailable
GitHubAvailable

OAuth Flow

1. Initiate

Request an authorization URL:

bash
curl -X POST https://api.scalix.world/v1/auth/oauth/authorize \
  -H "Content-Type: application/json" \
  -d '{"provider": "google", "redirect_url": "https://myapp.com/callback"}'

Response:

json
{
  "url": "https://accounts.google.com/o/oauth2/v2/auth?..."
}

Redirect the user to the returned URL.

2. Callback

After the user authorizes, they're redirected to your callback URL with a code:

plaintext
https://myapp.com/callback?code=auth_code_here&state=csrf_state

3. Exchange

Exchange the code for tokens:

bash
curl -X POST https://api.scalix.world/v1/auth/oauth/callback \
  -d '{
    "provider": "google",
    "code": "auth_code_here",
    "redirect_url": "https://myapp.com/callback",
    "state": "csrf_state"
  }'

Response:

json
{
  "user": {
    "id": "usr_abc123",
    "email": "user@gmail.com",
    "is_anonymous": false
  },
  "session": {
    "access_token": "eyJhbGciOi...",
    "refresh_token": "a1b2c3d4e5...",
    "expires_in": 900,
    "token_type": "bearer"
  }
}

Client SDK

The auth SDK handles the OAuth flow:

typescript
import { ScalixAuthClient } from "@scalix-world/auth";
 
const auth = new ScalixAuthClient({ url: "https://api.scalix.world" });
 
// Returns an authorization URL
const { url } = await auth.signInWithOAuth("google", "https://myapp.com/callback");
window.location.href = url;

Account Linking

If a user signs up with email/password and later signs in with Google using the same email, the accounts can be linked via the identity link endpoint:

bash
curl -X POST https://api.scalix.world/v1/auth/identity/link \
  -H "Authorization: Bearer $ACCESS_TOKEN"