canD Apps

To put it in a nutshell, canD Apps are applications that use API provided by canD Modules.

Creating a canD App

You can create a canD App at https://canpass.me/developers/apps with the following properties:

1. Name: The canD App’s name. It is the only required value.
2. Website url: The canD App’s website url.
3. Logo: The canD App’s logo to be displayed in pages where users authorize your canD app.
4. Favicon: The canD App’s favicon to be displayed in pages where users authorize your canD app.
5. Redirect uris: A set of uris to be redirected after authorization. A redirect_uri query parameter included in OAuth2 authorization endpoint url should be listed in the redirect uris. If not, authorization requests will be rejected.
6. Webhook url: A url to receive events from canD Modules. The url should be enough complicated so that others can’t guess and call it with fake data.
7. Consent display type: A display type to show agreements for the user’s consent for terms of service and privacy policy. 3 types are possible: 1. A line without checkboxes 2. A line with a single checkbox for two items, 3. Two lines with a checkbox for each item. Users should check the checkbox if exists to continue.
8. Terms of service and privacy policy url: Your service’s terms of service url and privacy policy url.
9. 14 years old required: A flag to show a checkbox whether the user is over 14 years old.

The created canD App has the following properties additionally:

1. App id: canD App’s identifier
2. OAuth2 client id: OAuth2 client identifier

By default, OAuth2 client secret isn’t generated. If you want to use it in Authorization Code flow without PKCE flow, make sure your app can manage the secret in a safe manner, and then only if it can do that, generate and use it. Practically, only applications with backend can manage the secret safely. If it’s supposed to be run on browser, mobile devices, or desktop, you should not use the secret.