Authenticating with third-party tokens

The token exchange endpoint allows external authentication systems to be integrated with the Karhoo platform. This effectively means externally authenticated users can be authorized as Karhoo platform users.

A prerequisite for this flow is that the third-party application holds proof, in the form of a string token, that the user has been authenticated by an external authentication system. This token represents the identity of the party on whose behalf the Karhoo access token should be issued.

This flow involves a backend integration between your authentication system and Karhoo’s authentication system to map and manage user claims. In order to use it, your application must be registered with the Karhoo auth service as a valid client (and assigned a client_id).

Moreover, you need to provide more details on how the Karhoo auth service can use your tokens to extract or obtain user details such as first name, last name, email, phone and locale. Typical scenarios are: the external tokens are self-contained tokens (JWTs), or an additional user details endpoint is provided.
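For the self-contained (JWT) scenario, the following added example (not Karhoo code) is a pre-flight check you can run on tokens your own system issues, confirming the payload carries the five user details listed above before you rely on the exchange. The claim names are an assumption (OIDC standard claims); the real mapping is whatever was agreed at client registration, and `preflight` and `make_sample` are hypothetical helper names.

```python
import base64
import json
import time

# Assumption: user details are carried under OIDC standard claim names.
# The real mapping is whatever was agreed when the client was registered.
REQUIRED_CLAIMS = {
    "first name": "given_name",
    "last name": "family_name",
    "email": "email",
    "phone": "phone_number",
    "locale": "locale",
}


def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def preflight(token, now=None):
    """Return a list of problems; an empty list means every detail is present.

    Inspection only: the signature is NOT verified here, so this is a
    check on tokens you issued yourself, never a trust decision.
    """
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a compact JWT (expected 3 dot-separated segments)"]
    try:
        claims = json.loads(_b64url_decode(parts[1]))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return ["payload is not base64url-encoded JSON"]
    if not isinstance(claims, dict):
        return ["payload is not a JSON object"]
    problems = [f"missing {label} ({name})" for label, name in REQUIRED_CLAIMS.items()
                if not isinstance(claims.get(name), str) or not claims[name].strip()]
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        problems.append("exp is absent or in the past")
    return problems


def make_sample(claims):
    # Constructed sample token with a placeholder signature, for the check only.
    header = _b64url_encode(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{_b64url_encode(json.dumps(claims).encode())}.c2ln"
```
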
