Authentication
In this guide, we'll walk through some of the definitions used in Set, take a look at how we handle security and privacy, and finally, how to get your client credentials!
Definitions
Let's just quickly hit the basics:
- A Developer... That's you!
- A Client corresponds to one mobile app. You may create however many clients you desire.
- Each client will have its own
clientIdandclientSecretpair. - Each client will have its own set of users.
- Each client will have its own
- A User is one of your mobile app users.
Okay. Pretty straightforward right? Onward...
Security overview
The Set REST API uses scoped JSON Web Tokens (JWTs) to authenticate with the Set mobile SDK and external integrations (like IFTTT and Alexa). For example, whenever a request is made by the SDK from within your app, one of these tokens is passed along via HTTP Basic Auth, identifying the requester and stating what specific permissions they have.
[info] Privacy
We take your users' privacy very seriously. So, with the exception of registering your client, communications between the SDK and our REST API are authenticated with user-scoped tokens. This keeps each of your users nicely siloed and secure.
Get your client credentials
In order to run the SDK, you'll need to pass a clientId and clientSecret pair to launch. These are only used to register your client, at which point they'll be exchanged for scoped tokens which are used internally by the SDK. Don't share your client credentials!
1. Create you Set account
Navigate to our Developer Portal and create a new account.
2. Verify your email address
After you create your account, you'll be able to create clients, but client registration from the SDK will fail unless you've verified your email address. To do this, just click the "Verify Email" button in the email that was sent to you.
3. Create a new client that will be tied to your mobile application
Click the big green "Create your first client" button.
Enter your client details into the form, and click "Create Client".
2. Find your client credentials
Click on your newly created client in the clients list. The "Overview" section contains your client details, including the clientId and clientSecret pair.
[success] Congrats!
Now you're ready to learn about SDK Performance.
Get in touch
- If you need help, shoot us a message at [email protected] or ping us on our Slack community.
- If found a bug, or have a feature request, add an Issue on the SetSDK Repo.
- Follow us on Twitter for product updates: @everyset
