> For clean Markdown of any page, append .md to the page URL. > For a complete documentation index, see https://docs.vlenseg.com/llms.txt. > For full documentation content, see https://docs.vlenseg.com/llms-full.txt. > For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://docs.vlenseg.com/_mcp/server. # OAuth Registration Vlens supports OAuth 2.0 authentication via **Google** and **Microsoft (Azure AD B2C)**. Users can register and log in using an existing social account — skipping the email OTP verification step. *** ## Setup OAuth providers must be configured in the **Vlens portal** before use: * **Google** — create OAuth client credentials in the [Google Cloud Platform Console](https://console.cloud.google.com/) * **Microsoft** — set up credentials in [Azure AD B2C](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-create-user-flows) Contact your Vlens administrator to enable and link the client credentials to your tenant. *** ## How it works ```mermaid sequenceDiagram participant App participant Provider as Google / Microsoft participant Vlens App->>Provider: User taps "Sign in with Google" Provider-->>App: OAuth ID token App->>Vlens: POST /Register/StepVerifyOAuthToken (IdToken) Vlens-->>App: oAuthTokenVerificationRequestId + email App->>Vlens: POST /Register/StepCreate (oAuthTokenVerificationRequestId) Vlens-->>App: accessToken (user registered + logged in) ``` *** ## Step 1 — Verify the OAuth token After your app obtains an ID token from the provider, send it to Vlens for verification: ```bash curl -X POST https://api.vlenseg.com/api/DigitalIdentity/Register/StepVerifyOAuthToken \ -H "ApiKey: YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "provider": "Google", "IdToken": "OAUTH_ID_TOKEN_FROM_PROVIDER" }' ``` ```javascript const res = await fetch( "https://api.vlenseg.com/api/DigitalIdentity/Register/StepVerifyOAuthToken", { method: "POST", headers: { "ApiKey": API_KEY, "Content-Type": "application/json" }, body: JSON.stringify({ provider: "Google", // or "Microsoft" IdToken: idTokenFromProvider }) } ); const { data } = await res.json(); // data.oAuthTokenVerificationRequestId — save this // data.email — email extracted from the token ``` ```python res = requests.post( "https://api.vlenseg.com/api/DigitalIdentity/Register/StepVerifyOAuthToken", headers={"ApiKey": API_KEY}, json={"provider": "Google", "IdToken": id_token} ) data = res.json()["data"] oauth_request_id = data["oAuthTokenVerificationRequestId"] ``` **Response:** ```json { "data": { "oAuthTokenVerificationRequestId": "3fa85f64-5717-4562-b3fc-2c963f66afa6", "isVerified": true, "validationResult": "Token verified successfully", "email": "user@gmail.com" }, "error_code": null } ``` Save `oAuthTokenVerificationRequestId` — it is required in Step 2. *** ## Step 2 — Complete registration Pass the `oAuthTokenVerificationRequestId` to the registration endpoint. This skips the email OTP step because the email is already verified by the OAuth provider. ```bash curl -X POST https://api.vlenseg.com/api/DigitalIdentity/Register/StepCreate \ -H "ApiKey: YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "phoneNumber": "+201234567890", "oAuthTokenVerificationRequestId": "SAVED_REQUEST_ID" }' ``` ```javascript const regRes = await fetch( "https://api.vlenseg.com/api/DigitalIdentity/Register/StepCreate", { method: "POST", headers: { "ApiKey": API_KEY, "Content-Type": "application/json" }, body: JSON.stringify({ phoneNumber: "+201234567890", oAuthTokenVerificationRequestId: oauthRequestId }) } ); const { data } = await regRes.json(); const userToken = data.accessToken; ``` ```python reg = requests.post( "https://api.vlenseg.com/api/DigitalIdentity/Register/StepCreate", headers={"ApiKey": API_KEY}, json={ "phoneNumber": "+201234567890", "oAuthTokenVerificationRequestId": oauth_request_id } ) user_token = reg.json()["data"]["accessToken"] ``` On success the user is registered and a user access token is returned — same as the standard registration flow. *** ## Skip email for an existing user If a user is already registered but has not verified their email, use `VerifyOAuthToken` to verify the email via OAuth instead of sending an email OTP: ```bash curl -X POST https://api.vlenseg.com/api/DigitalIdentity/VerifyOAuthToken \ -H "ApiKey: YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "provider": "Microsoft", "IdToken": "OAUTH_ID_TOKEN" }' ``` The response is the same shape as `StepVerifyOAuthToken` — use the returned `oAuthTokenVerificationRequestId` to complete the pending registration step. *** ## Supported providers | Provider | `provider` value | | ------------------------ | ---------------- | | Google | `"Google"` | | Microsoft (Azure AD B2C) | `"Microsoft"` | *** ## Standard registration comparison | Step | Standard flow | OAuth flow | | --------------------- | ------------------------------------- | ----------------------------------------------- | | Send phone OTP | `Register/StepVerifyPhone` (send) | Same | | Validate phone OTP | `Register/StepVerifyPhone` (validate) | Same | | Verify email | `Register/StepVerifyEmail` | **Replaced by `Register/StepVerifyOAuthToken`** | | Complete registration | `Register/StepCreate` | Same — pass `oAuthTokenVerificationRequestId` |