Authentication

Introduction

This guide describes how to use Brime Authentication to enable your application to take actions on behalf of a Brime account or access certain data about users’ accounts. The preferred method of authentication is OAuth. We use parts of the OAuth 2.0 protocol.

In addition to OAuth, Brime supports OIDC (OpenID Connect) for a more secure OAuth 2.0 flow. OIDC tokens are compatible with services built for OIDC compliance, such as Cognito by Amazon Web Services.

To create an app that uses the Brime API, you need to register it on the Brime developer site.
When creating this app, enter your redirect URI, which is where your users are redirected after being authorized. You can provide several redirect URIs, for example, if you wish to use the same client for different environments.

Once you create a developer application, you are assigned a client ID. Some authentication flows also require a client secret, which you can generate on the same page as the client ID.

Client IDs are public and can be shared (for example, embedded in the source of a Web page).
Client secrets are equivalent to a password for your application and must be kept confidential. Never expose them to users, even in an obscured form.
Because your client secret is confidential, we cannot show it to you once you leave the page, so make sure to record it somewhere safe. Also, generating a new client secret immediately invalidates the current one, which might make your API requests fail until your app is updated.
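
The rule above that a client secret must not reach users "even in an obscured form" can be checked before release. The following is an added example, not Brime's code: it scans files destined for the browser for the secret in plain text and in a few trivially reversible encodings. The secret value, file names and function names are constructed for illustration, and the check only covers a secret encoded on its own, not one that is split or encrypted.

```python
import base64
import codecs
import urllib.parse

# Constructed placeholder, not a real credential or a documented secret format.
SECRET = "brm_example_s3cr3t_DO_NOT_USE"


def secret_variants(secret: str) -> dict[str, str]:
    """Trivially reversible encodings of the secret, deduplicated by value."""
    raw = secret.encode()
    candidates = [
        ("plain", secret),
        ("reversed", secret[::-1]),
        ("base64", base64.b64encode(raw).decode().rstrip("=")),
        ("base64url", base64.urlsafe_b64encode(raw).decode().rstrip("=")),
        ("hex", raw.hex()),
        ("rot13", codecs.encode(secret, "rot13")),
        ("url-encoded", urllib.parse.quote(secret, safe="")),
    ]
    variants, seen = {}, set()
    for name, value in candidates:
        if value not in seen:
            seen.add(value)
            variants[name] = value
    return variants


def find_exposures(secret: str, files: dict[str, str]) -> list[tuple[str, str]]:
    """Return (path, encoding) for every client-facing file leaking the secret."""
    findings = []
    for path, text in files.items():
        lowered = text.lower()
        for name, needle in secret_variants(secret).items():
            # Hex digits may be written in either case; other forms are exact.
            haystack = lowered if name == "hex" else text
            if needle in haystack:
                findings.append((path, name))
    return findings


# Constructed sample of files that would be served to browsers.
SAMPLE_BUNDLE = {
    "index.html": '<script>const CLIENT_ID = "example-client-id";</script>',
    "app.js": 'const k = atob("%s");' % base64.b64encode(SECRET.encode()).decode(),
    "settings.js": 'const s = "%s".split("").reverse().join("");' % SECRET[::-1],
}

if __name__ == "__main__":
    for path, encoding in find_exposures(SECRET, SAMPLE_BUNDLE):
        print(f"{path}: client secret present ({encoding})")
```

A clean result from this check does not prove the secret is absent from client code; it only rules out the listed encodings.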