Getting the Tokens

Getting an access token from Cotter's SDK is as easy as setting a variable to `true`.

Getting Cotter's OAuth Tokens is very easy using our current authentication methods. You should automatically receive the oauth_token whenever a user is succesfully authenticated, either using magic link, OTP, trusted device, or WebAuthn.

You will get an oauth_token object in the JSON response with all the tokens:

{
  ...
  "oauth_token": {
    "access_token": "eyJhbGciOiJFUzI1sInR5cC...",
    "auth_method": "TRUSTED_DEVICE", // authentication method used
    "expires_in": 3600,              // expiry in seconds
    "id_token": "eyJhbGciOiJFUz...",
    "refresh_token": "60:79hbLxl3aTjWWgCcIRnn...",
    "token_type": "Bearer"
  }
}

Getting Tokens using the SDK

There are 3 places in the existing SDK where you can receive access tokens:

pageDuring Email/Phone Verification

pageDuring Authentication

pageDuring enrolling Trusted Devices

Getting Tokens using HTTP Request

You can also call Cotter's API to get the tokens.

pageUsing the Refresh Token

PreviousCotter's OAuth 2.0 Tokens Specification NextGet Tokens during Authentication

Last updated 3 years ago