To initiate the authorization flow you need to identify your application to the API. This is done by providing a client ID and a client secret.

Obtaining Credentials

You can use the SID developer dashboard to create a new application and obtain credentials. You will need to provide a name for your application, and a list of redirect URIs (explained below).

Redirect URIs

A redirect URI is a URL that SID will redirect the user to after they have authorized your application. You can choose any URL you like, such as https://example.com/api/sid/callback. Because the redirect contains sensitive data, the set of all valid redirect URIs must be pre-registered with SID. Usually, you will have a redirect URI for each environment that your application runs in (e.g. local development, staging, production). For example, you may have the following set of redirect URIs:
  • https://localhost:3000/api/sid/callback
  • https://staging.example.com/api/sid/callback
  • https://example.com/api/sid/callback
Alternatively, you can create separate applications (with separate credentials) for each environment.

Credentials

After you have created your application, you will be given a client ID and a client secret. You will need to store these securely, as they are used to identify your application to the API.

Conventions

Throughout these docs, we assume that your credentials are stored in the following environment variables:
Enviroment VariableValueIs Secret?
SID_CLIENT_IDClient IDNo
SID_CLIENT_SECRETClient SecretYes
SID_REDIRECT_URIThe redirect URI corresponding to the current environmentNo
Choose the appropriate redirect URI based on your environment. If you are developing locally, you will most likely need to use a localhost URI.
In a localhost environment, the port is a fixed component of the redirect URI. If you wish to use different ports, you will need to add a separate redirect URI for each port.