# OAuth2 service
OAuth2 can already be used with the Basic license.
The DocCheck Login service supports OAuth2 based on the Authorization Code Flow. After successful authentication on the DocCheck page, an authorization code is sent to your callback URL. You exchange this code for an access token.

# Authentication (Access token endpoint) Economy
In the basic scenario, the OAuth2 service is used for authentication without retrieving personal data.
- After successful login via your client, an authorization code (`code`) is appended to your target URL
- The parameters `client_id` (Login client ID), `code`, and `client_secret` can be exchanged for an access token
- Important: The token request must include `grant_type=authorization_code`. Details and examples: Access token endpoint
- A successful response from the access token endpoint means the authorization code and other parameters are valid and the user has authenticated via DocCheck
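
The exchange described in the list above, as an added example (not DocCheck's own code): the callback handler extracts `code`, performs the token request server-side so that `client_secret` never reaches the browser, and treats the user as authenticated only when the token endpoint answers successfully. Assumptions: `TOKEN_ENDPOINT` is a placeholder, the request is a form-encoded POST and the response carries `access_token` as in RFC 6749, and the function names are hypothetical.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

# Placeholder (assumption): take the real URL from the "Access token endpoint" page.
TOKEN_ENDPOINT = "https://login.example.invalid/oauth2/token"


def http_post_form(url, form):
    """Default transport: POST the form, return (HTTP status, body text)."""
    data = urllib.parse.urlencode(form).encode()
    req = urllib.request.Request(url, data=data, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode()


def code_from_callback(callback_url):
    """Return the single `code` query parameter, or None if absent or repeated."""
    query = urllib.parse.urlsplit(callback_url).query
    codes = urllib.parse.parse_qs(query).get("code", [])
    return codes[0] if len(codes) == 1 else None


def authenticate(callback_url, client_id, client_secret, post=http_post_form):
    """Exchange the callback's code server-side; return the access token or None."""
    code = code_from_callback(callback_url)
    if code is None:
        return None  # a callback without exactly one code is not a login
    status, body = post(TOKEN_ENDPOINT, {
        "grant_type": "authorization_code",  # required by the token request
        "client_id": client_id,
        "client_secret": client_secret,      # stays on the server
        "code": code,
    })
    if status != 200:
        return None  # rejected code or client parameters: not authenticated
    try:
        token = json.loads(body).get("access_token")
    except (ValueError, AttributeError):
        return None  # body is not a JSON object
    return token if isinstance(token, str) and token else None
```

The presence of `code` in the callback URL alone proves nothing; only a successful exchange does, which is why every failure path returns `None`.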
# Requesting personal data (User data endpoint) Economy+
The full OAuth2 implementation includes the user data endpoint and requires an Economy license (or higher). The user data endpoint manages access permission to personal data.
- Once you have an access token, you can call the user data endpoint
- If the required license is assigned to the login client and the user has given consent, the user data endpoint returns the granted data set in JSON format
- The scope of data (`scope`) is defined via the login button
- Return values of the user data endpoint: Overview
# Demo Auth (sample project)
Demo project
Try the OAuth2 flow live: https://demo-auth.doccheck.com/
- Access (htaccess): `DrHouse` / `!Lupus`
- Login: `testuser-5430` / `1love2DocCheck!` (profession: employee of the industry)
- Note: A verified DocCheck user is required for the demo. We can provide a test account on request.