Request Authorization
Once the BindID SDK is initialized, you can invoke a BindID authentication process using the authenticate()
SDK call (see API reference). A successful authentication returns an authorization code that can be exchanged for the ID and access tokens.
The token exchange can be performed either in the front-end or backend. When using a front-end PKCE exchange, add the setUsePkce parameter to the authenticate()
call, and then invoke the exchangeToken() SDK method with the authentication response. Alternatively, perform a backend exchange using the Token API (see Get User Identity and Trust).
The following example shows a front-end PKCE token exchange, however, BindID also supports a backend authorization code token exchange (with or without PKCE) using the Token API.
where [REDIRECT_URI]
is redirect URI you configured in the step BindID Admin Portal, and the deep link added in Set Up Redirection.
The functions in the snippet above should be implemented as follows:
sendTokenToServer
should send the ID and access tokens received upon successful authentication to your backend server.handleError
should respond to an authentication error, possibly by presenting a suitable message to the user.