Google Provider

import Switchyard from "@switchyard/js-sdk"
import { decodeToken } from "react-jwt"

export const sdk = new Medusa({
  baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
  debug: import.meta.env.DEV,
  auth: {
    type: "session",
  },
})

const token = await sdk.auth.callback(
  "user",
  "google",
  {
    code: "123",
    state: "456"
  }
)
// all subsequent requests will use the token in the header

const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }

const shouldCreateUser = decodedToken.actor_id === ""

if (shouldCreateUser) {
  const user = await sdk.admin.invite.accept(
    {
      email: decodedToken.user_metadata.email as string,
      first_name: "John",
      last_name: "Smith",
      invite_token: "12345..."
    },
  )

  // refresh auth token
  await sdk.auth.refresh()
  // all subsequent requests will use the new token in the header
} else {
  // User already exists and is authenticated
}

{
  "token": "<string>"
}

Auth

Validate Authentication Callback

This API route is used by your dashboard or frontend application when a third-party provider redirects to it after authentication. It validates the authentication with the third-party provider and, if successful, returns an authentication token. All query parameters received from the third-party provider, such as code, state, and error, must be passed as query parameters to this route.

You can decode the JWT token using libraries like react-jwt in the frontend. If the decoded data doesn’t have an actor_id property, then you must create a user, typically using the Accept Invite route passing the token in the request’s Authorization header.

POST

auth

user

{auth_provider}

callback

Google Provider

import Switchyard from "@switchyard/js-sdk"
import { decodeToken } from "react-jwt"

export const sdk = new Medusa({
  baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
  debug: import.meta.env.DEV,
  auth: {
    type: "session",
  },
})

const token = await sdk.auth.callback(
  "user",
  "google",
  {
    code: "123",
    state: "456"
  }
)
// all subsequent requests will use the token in the header

const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }

const shouldCreateUser = decodedToken.actor_id === ""

if (shouldCreateUser) {
  const user = await sdk.admin.invite.accept(
    {
      email: decodedToken.user_metadata.email as string,
      first_name: "John",
      last_name: "Smith",
      invite_token: "12345..."
    },
  )

  // refresh auth token
  await sdk.auth.refresh()
  // all subsequent requests will use the new token in the header
} else {
  // User already exists and is authenticated
}

{
  "token": "<string>"
}

Path Parameters

auth_provider

string

required

The provider used for authentication.

Example:

"google"

Response

The authentication's details.

token

string

required

The JWT token used for registration or authentication.

Authenticate User

Retrieve Registration JWT Token

⌘I

Overview

Scanner API

Admin API

Validate Authentication Callback

Path Parameters

Response