To simplify development of your Cord integration, we have
server-side libraries for several languages. These make it easier to
produce tokens and call our REST API
All functions generate a JWT with HS512 and an expiration time of 1 minute.
You can get your app ID and secret from the Cord console. Store your secret securely on your servers. Don't share it with anyone, and don't include it in client code.
See our authentication guide for a description of the behavior invoked by including optional parts of the client auth token data.
type Status int
const (
Unspecified Status = iota
Active
Deleted
)
// Any values that are left at their zero value are not sent except
// Email, which is required.
type UserDetails struct {
Email string
Name string
ProfilePictureURL string
Status Status
}
// Any values that are left at their zero value are not
// sent except Name, which is required.
type OrganizationDetails struct {
Name string
Status Status
Members []string
}
type ClientAuthTokenData struct {
UserID string
OrganizationID string
UserDetails *UserDetails
OrganizationDetails *OrganizationDetails
}
func ClientAuthToken(appID string, secret []byte, data ClientAuthTokenData) (string, error)
Java:
/* Example usage */
import com.cord.server.Cord;
import com.cord.server.ClientAuthTokenData;
import com.cord.server.PlatformUserVariables;
import com.cord.server.PlatformOrganizationVariables;
// "user" and "org" are your app's model objects
String clientToken = Cord.getClientAuthToken(
APP_ID,
SECRET,
new ClientAuthTokenData
.ClientAuthTokenDataBuilder(user.getId(), org.getId())
.organizationDetails(new PlatformOrganizationVariables
.PlatformOrganizationVariablesBuilder(org.getName())
.build())
.userDetails(new PlatformUserVariables
.PlatformUserVariablesBuilder(user.getEmail())
.profilePictureUrl(user.getProfilePictureUrl())
.build())
.build());
All functions generate a JWT with HS512 and an expiration time of 1 minute.
You can get your app ID and secret from the Cord console. Store your secret securely on your servers. Don't share it with anyone, and don't include it in client code.
NodeJS:
function getServerAuthToken(app_id: string, app_secret: string): string;
These are customer-level server authentication tokens used to interact only with the Applications API
You can get your customer ID and secret from the Cord console. Store your secret securely on your servers. Don't share it with anyone, and don't include it in client code.
NodeJS:
function getApplicationManagementAuthToken(customer_id: string, customer_secret: string): string;