@livechat/accounts-sdk) is a JavaScript library that lets you implement the Sign in with Text flow — the easiest way to get access to basic information in Text accounts.
The Sign in with Text flow lets you:
- Get access to the Text account user’s email, account ID, or organization ID.
- Receive an
access_tokenthat can be used to perform API calls. - Receive a
codeusing the PKCE extension, which could be then used to obtain the account’srefresh_tokenandaccess_token.
User flow
Users start the flow by clicking the Sign in with Text button. If a user is not signed in, they’ll be asked to do that. Then, the user must give the app access to the specified parts of their Text account. Finally, the app receives anaccess_token that allows it to perform different API calls, limited to what the user agreed to in the prompt.
How to start
Step 1: Create a new app
Go to Settings → API access → OAuth clients and create a new OAuth client. You will receive a newclient_id to use in the next steps.
The Redirect URI field must match the URL of the website that has the Sign in with Text button installed. The button will not work with any other URL addresses.
Step 2: Include the SDK library
Install the SDK from NPM:Step 3: Prepare button container
Prepare the login button, which will invoke the authorization flow when a user clicks it.Accounts SDK reference
Following classes and methods are available in the Accounts SDK:AccountsSDK
The main instance of the SDK used to authorize users in Text Accounts.options object with the following properties:
The
transaction object consists of the following parameters:
In the
pkce object, define the following configuration properties:
popup
Returns aPopup object instance built on top of sdk.
redirect
Returns aRedirect object instance built on top of sdk.
authorizeURL
Creates an authorization URL for the given flow and parameters.verify
Verifies if thestate parameter from the redirect matched the one provided upon initialization. If it does, the method returns Transaction. Otherwise, it returns null.
Popup
A class responsible for acquiring the user authorization data through a popup window.sdk:
authorize
Returns a promise that resolves with the user authorization data or an error.Redirect
A class responsible for acquiring the user authorization data through theredirect method.
sdk:
authorize
Starts the redirect authorization flow.authorizeData
Checks if a user was redirected to the current origin with the authorization data. Returns a promise that resolves with the user authorization data or an error.PKCE support
To acquire bothaccess_token and refresh_token in a frontend application, use the PKCE Extension, which prevents the usage of a hijacked redirect by malicious apps.
- Start by enabling PKCE. Provide
AccountsSDKinstance with PKCE options:
- Then, using the
redirectflow, you’re able to receive thecodeauthorization data:
Response format
Allauthorize methods return the user authorization data on success, or an error on failure.
Success
Error
If the authorization process fails, the promise will be rejected with an error:identity_exception
Possible values:unauthorized– The resource owner identity is unknown or the consent is missing.
oauth_exception
Possible values:invalid_request– The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.unauthorized_client– The client is not authorized to request a token using this method.access_denied– The resource owner or authorization server denied the request.unsupported_response_type– The authorization server doesn’t support acquiring a token using this method.