Multipass Sign In With Multipass Sign In

API Multipass

Obtaining access

  • Step 1: Log in to Multipass https://multi-pass.online/login
  • Step 2: Go to page https://multi-pass.online/partner and сreate a new project
  • Step 3: Wait for the approval of the project from the administration
  • Step 4: Go to the project editing page
  • Step 4: After entering the REDIRECT_URL field, you will receive a Client ID and a Secret Key

Where:

  • CLIENT_ID - The Client ID that was assigned to you
  • REDIRECT_URL - The redirect address you specified when filling out the request (Location where the authorization request payload data is referenced in the authorization request to the endpoint)
  • STATE - The value to be returned in the token. The client application can use it to memorize the state of its interaction with the end user during the authentication call. It may contain alphanumeric characters, commas, dots, underscores, and hyphens.

Integration

Integration is performed by OAuth2.0 standards

Direct the user to the following address:

https://multi-pass.online/oauth/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&response_type=code&scope=&state=STATE

 

A PHP example using Laravel:


session()->put('state', $state = uniqid('', true));
$query = http_build_query([
   'client_id'     => config('auth.client_id'),
   'redirect_uri'  => config('auth.redirect'),
   'response_type' => 'code',
   'scope'         => '',
   'state'         => $state,
]);
redirect('https://multi-pass.online/oauth/authorize?'.$query);

At the address of the specified redirect, it accepts the response. Data in case of successful authorization:


{
    'code' => CODE,
    'state' => STATE,
}

Change the authorization code to Access token, referring to the address:

https://multi-pass.online/oauth/token?grant_type=authorization_code&client_id=CLIENT_ID&client_secret=CLIENT_SECRET&redirect_uri=REDIRECT_URI&code=CODE



Where:

  • CLIENT_ID - The Client ID that was assigned to you
  • CLIENT_SECRET - The secret key you were given
  • REDIRECT_URL - The redirect address you specified when filling out the request (Location where the authorization request payload data is referenced in the authorization request to the endpoint)
  • CODE - Received authorization code



A PHP example PHP using Laravel:


if (request()->session()->get('state') !== request()->get('state')) {
    // Error
}

$response = Http::post('https://multi-pass.online/oauth/token', [
    'grant_type'    => 'authorization_code',
    'client_id'     => config('auth.client_id'),
    'client_secret' => config('auth.secret'),
    'redirect_uri'  => config('auth.redirect'),
    'code'          => request()->get('code'),
]);

$result = $response->json();

If successful, you will receive an access_token and a refresh_token:


{
    'token_type'    => Bearer,
    'expires_in'    => 1296000,
    'access_token'  => ACCESS_TOKEN,
    'refresh_token' => REFRESH_TOKEN,
}

Next, you can use the access_token to get information about the user at the  following address:

https://multi-pass.online/api/user

A PHP example:


$response = Http::withHeaders([
  'Accept'        => 'application/json',
  'Authorization' => 'Bearer '. $access_token,
])->get('https://multi-pass.online/api/user');

$result = $response->json();

A user object will be returned as the result of the query.

Skip the login form page

To skip the login form page, you need to add a parameter with mail or phone to the address:

https://multi-pass.online/oauth/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&response_type=code&scope=&state=STATE&email=mail@example.com