Auth, Login, Signup and Signin flow
The auth flow is used for login and signup. It has 4 different initiation urls, and contains several steps based on client configuration. You can initiate the flow by either using path
- /flow/login, to render a login view
- /flow/signup, to render a signup view
- /flow/auth, to render the either signup or login, based on if we recognize the user or not (recommended)
- /flow/signin, to render a signin view and let the user login without credentials
URL Path: /flow/auth, /flow/login, /flow/signup, /flow/signin,
How it works
The login flow can be just one step, or it can be more. It depends on the current state of the user, and client configuration.
- Step 1: Login or Signup
- Step 2: Verify step, only shown if user is unverified
- Step 3: Two factor authentication, only shown if client configuration require it
- Step 4: Accept agreement, only shown if user has not accepted the latest agreement
- Connect to client, an invisible step where user gets connected to client
- Step 5: Required fields step, only shown if client require fields user have not filled
- Step 6: Verify phone step, only shown if client configuration require it
- Step 7: Notifications step, not currently in use
Flow is initiated by path /flow/auth
, /flow/login
or /flow/signup
and require query parameters client_id
, redirect_uri
and response_type
. Optional query parameters include, among others, cancel_redirect_uri
and locale
.
The locale
parameter may include any of the supported locales in Schibsted account.
Signin flow
Sign-in flow is a slight exception. It lets user to log in without providing his/hers credentials by using an unique, one at a time, valid for 5 minutes token.
- Step 1: Signin view with e-mail input OR correct API endpoint
- Step 2: Receiving e-mail
- Optional step: Error page if link is expired or invalid
- Step 3: Accept agreement, only shown if user has not accepted the latest agreement
- Connect to client, an invisible step where user gets connected to client
- Step 4: Required fields step, only shown if client require fields user have not filled
- Step 5: Verify phone step, only shown if client configuration requires it
How it looks
Client teaser and Custom CSS is applied to all of the steps. See Flows for more info.
Flows
- About flows
- Auth/Login/Signup/Signin flow
- Checkout flow
- Forgot password flow
- Profile update flow
- Payment method flow
Help us improve
Did you spot an error? Or maybe you just have a suggestion for how we can improve? Leave a comment, or better yet, send us a pull request on GitHub to fix it (in-browser editing, only takes a moment).
Comments/feedback
Do you have questions, or just want to contribute some newly gained insight? Want to share an example? Please leave a comment. Our team reads and responds to every question. Additionally, your experience can help others using Schibsted account, and it can help us continuously improve our documentation.