3rd Party developers can use our OAuth2 flow to authorize applications and users. OAuth2 is an industry standard authentication system that's used by big companies like Facebook and Google. Most languages have an OAuth2 client library that should be compatible out of the box to make authentication from your apps on the Formide API easy to implement. Our own client libraries also feature OAuth login functions.
In order to start the OAuth2 flow on our API, you need some credentials. These credentials can be obtained by registering your application in our connect portal. After creating a new app with type
REST, you will receive a client ID and secret. Combined with whitelisted redirect URLs, these form the credentials you need to go through the authorization flow.
OAuth2 involves 3 steps:
- Start a new auth flow by navigating your user to the authorization endpoint. Here your user will be faced with a page where they can accept or deny giving your application access to their user data.
- After accepting, the user will be redirected back to the specified (and previously white-listed) redirect URL. We will pass an authorization code along in that redirect. This code can be used in the last step.
- Hit our access token endpoint to swap the authorization code for an actual access token. This access token is what your app will be using to access our API for the authorized user.
Next to getting access via OAuth2, our API features a scoping system. Scopes are pieces of the API that are either available or not to your application. They give the user a sense of security, since your app cannot access data that it doesn't need or shouldn't be using at all. For example, your app can have the
user_resource:read scope to get a list of printer settings, but not the
user_resource:write scope to make changes to the settings.
After updating your app's scopes in the developer portal, you need to re-authenticate your users to access these scopes.
Read basic user information. Does not include private information like email address.
Read user resources like files, printers, materials, and slice profiles.
Edit the same user resources.
Read preset resources. These can help you populate your own settings.
Read device information and current status.