API Reference

(B2C) Signup to Product

Cofor.io can take care of user signup and setting up payments for your product!

📘

For B2C only

This OAuth flow is only for products where users can signup directly to products without a team for user management.

Link the "Signup" button on your B2C product frontend and/or marketing page to the following URL:

https://cofor.io/oauth/create?mode=b2c&product={PRODUCT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}

Use the following query parameters to send information to Cofor.io about your product and login flow:

  • product: The product ID provided to you when setting up your product on Cofor.io
  • redirect_uri: URL to send the user to after login or in case of error
  • state: (Optional) Any information to be returned as is to the redirect URI

This will take the user to a Cofor.io login page. If they already have a Cofor.io account (maybe used on another product), they can use that to authenticate. If not, they will be given the option to create a new account.

1017

In the Cofor.io product configuration page, if you choose to collect users' payment method and billing information upon creating the team, Cofor.io will collect that for you and set them up with your Stripe account. This means you don't have to touch sensitive credit card or bank account information!

Once their account is created, they will be sent to the redirect URL along with a *user signup token in the URL query parameter token**. For example, if the redirect URI is https://my.product.com/signup, then the user will be sent to:

https://my.product.com/signup?token={USER_SIGNUP_TOKEN}

🚧

Set up Redirect URIs on Cofor.io

Make sure you set up a list of acceptable Redirect URIs on the Cofor.io Product Configuration page! If not, Cofor.io will NOT redirect you back to the provided URIs on the flow query parameters.

Your product frontend can then collect any additional information needed from the user (such as plan, etc.) and then make a request to your product API to create the user membership. If you don't have any additional information to collect, you can also directly make the request on loading the product creation page.

On your product backend, make a request to the Product REST API to create your team, or use the Product SDK to create your team.

After your team has been created, you need to login the user. Since we know exactly who created the account, you can automatically log them in by passing the user's membership ID to an OAuth confirmation page:

https://cofor.io/oauth/confirm?product={PRODUCT_ID}&membership={MEMBERSHIP_ID}&user={USER_ID}&redirect_uri={REDIRECT_URI}&state={STATE}

Use the following query parameters to send information to Cofor.io about your product and login flow:

  • product: The product ID provided to you when setting up your product on Cofor.io
  • membership: The user's membership ID returned when created by the POST /p/memberships route
  • user: The user ID (this is needed to get cached authentication token)
  • redirect_uri: URL to send the user to after login or in case of error
  • state: (Optional) Any information to be returned as is to the redirect URI

Once the user confirms that they are attempting to login to the product they just created, the user authorization token will be send to the redirect URI as done in the login flow.