Authentication API Reference

Verify Token

POST /v1/auth/oauth/verify

Verify an internal OAuth token redirected to your application upon the completion of the OAuth flow. This token is generated by Streambird and can be used to exchange for the authenticated user information and/or the original access_token and refresh_token of the idp providers that can be used directly with the external OAuth providers (e.g., Google, Apple, Microsoft, etc).

HTTP Request

POST /v1/auth/oauth/verify

Returns

A successful response returns user_id, idp_session property with data from the OAuth provider by default. Session object in session property if any of the session_token, session_jwt, or session_expires_in is valid.

application/json

Body

token string Required

Required OAuthToken provided to the login/signup redirect url to authenticate the OAuth session and exchange user info and idp access_token and refresh_token.

Minimum length is 1.
session_expires_in number

Extend the session expiration time to N minutes from now, must be between 5 to 525600 minutes (365 days). This parameter will create a new session if there is no existing session along with a session_token and session_jwt. However, if a valid session_token or session_jwt is sent in, it will extend that session by the minutes specified. If not sent in and no valid session_token or session_jwt included, it will be ignored and no Streambird session will be created by default.
session_token string

Unique session token to verify.

Minimum length is 1.
session_jwt string

Unique Session JWT to verify.

Responses

• 200 application/json
Hide response attributes Show response attributes object
- provider_subject string Required
  
  Minimum length is 1.
- provider string Required
  
  Minimum length is 1.
- user_id string Required
  
  Minimum length is 1.
- idp_session object Required
  
  Returned if session_type with value idp is used.
  
  Hide idp_session attribute Show idp_session attribute
  
  idp object Required
  
  Hide idp attributes Show idp attributes
  
  access_token string Required
  
  Minimum length is 1.
  
  refresh_token string Required
  
  Minimum length is 1.
- session_token string Required
  
  Minimum length is 1.
- session_jwt string
- session object Required
  
  Hide session attributes Show session attributes
  
  id string Required
  
  Minimum length is 1.
  
  user_id string Required
  
  Minimum length is 1.
  
  session_token string Required
  
  Minimum length is 1.
  
  started_at number Required
  
  expires_at number Required
  
  last_active_at number Required
  
  factors array[object] Required
  
  At least 1 element.
  
  Hide factors attributes Show factors attributes object
  
  delivery_channel string Required
  
  Delivery channel for this factor. Possible values: sms, email, totp_authenticator, totp_recovery_code, google_oauth, apple_oauth, microsoft_oauth, discord_oauth, okta_oauth, github_oauth, slack_oauth, facebook_oauth, webauthn_credential, eth_wallet, sol_wallet.
  
  Minimum length is 1.
  
  type string Required
  
  Authentication type of factor. Possible values: otp, oauth, wallet, totp, webauthn.
  
  Minimum length is 1.
  
  method object Required
  
  Hide method attributes Show method attributes
  
  id string
  
  method_id string Required
  
  Minimum length is 1.
  
  method_type string Required
  
  Identifier method type. Possible values: email, wallet, phone_number, webauthn.
  
  Minimum length is 1.
  
  last_verified_at number Required
  
  phone_number_id string
  
  Minimum length is 1.
  
  phone_number string
  
  Minimum length is 1.
  
  email_id string
  
  email string
  
  wallet_type string
  
  wallet_id string
  
  wallet_public_address string
  
  totp_id string
  
  webauthn_credential_id string
  
  provider_subject string
  
  device_fingerprint object Required
  
  Hide device_fingerprint attributes Show device_fingerprint attributes
  
  user_agent string Required
  
  ip string Required
  
  Minimum length is 1.
  
  updated_at number Required
  
  created_at number Required

POST /v1/auth/oauth/verify

curl \
 -X POST https://api.streambird.io/v1/auth/oauth/verify \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/json" \
 -d '{"token":"yRqkvNQVTwddlZV6D7S0ypSNpHlCbfYG4OAw3oUIVFFZ27UJ8R0xmRUQfNF59G9i"}'

Request example

{
  "token": "yRqkvNQVTwddlZV6D7S0ypSNpHlCbfYG4OAw3oUIVFFZ27UJ8R0xmRUQfNF59G9i"
}

Response examples (200)

{
  "provider_subject": "100157402424066154830",
  "provider": "google",
  "user_id": "user_24wFP9pDa9YiMJLun94iKykoZs2",
  "idp_session": {
    "idp": {
      "access_token": "ya29.A0ARrdaM9TnNfrdqDZmBIw7PBPjYf0HELFdxDCNC2cQRK7aqgsIfIusuCd0SJ5nx9dgGti2KU-rt_dIV7cpxasqpCpRq7VNyv-KsbC2-cn6j76p_wVmUwCKlWZ_3ZHx8WFdlIrLu-E1q3Ea_11zfmQCwuwgBMl",
      "refresh_token": "1//0d2jmQJmy0z17CgYIARAAGA0SNwF-L9IrF-jEvfwE-YNr_--Cqzu7MGnmtpLu0kklcFfgJzI2FSBib9_4wh1MAs4JKbAvue2XJoI"
    }
  },
  "session": null,
  "session_token": ""
}