The LoginApp Controller facilitates secure integration between third-party backend services and our authentication system through a specialized OAuth flow. This controller is designed specifically for server-to-server authentication scenarios where direct user interaction is not required. The authentication process follows three key steps:
- A third-party backend service makes a signed request to initiate the process
- The service can then request a one-time authorization code using the provided state parameter
- The standard OAuth flow proceeds to complete the authentication
This integration method is particularly useful for CMS systems like Typo3 and other backend services requiring secure authentication with our system.
Reference
Login App
This endpoint validates the incoming request using the signature and registers the authentication attempt. Upon successful validation, the state parameter can be used once to request an authorization code in the next step.
Although currently not marked as such: State and client_id are required fields. Applications without state or client_id will stop working without prior notice soon!
| Field | Type | Required | Description |
|---|---|---|---|
| additionalParams | object | ✗ | Optional parameters that can be passed to customize the authentication flow. Contact our team for details. |
| client_id | string | ✗ | OAuth client identifier – required for application authentication |
| debug | boolean | ✗ | When set to true, provides verbose logging for troubleshooting integration issues |
| ✓ | Email address of the user to authenticate | ||
| firstname | string | ✓ | First name of the user for account identification and personalization |
| lastname | string | ✓ | Last name of the user for account identification and personalization |
| settings | object | ✗ | Please do not use without anymore |
| state | string | ✗ | Unique identifier for the authentication session that must be used in subsequent code requests |