Authorization

Overview

Below are the steps each user will need to follow in order to connect with your app:


HandCash Authorization Flow

  1. The user will click a redirection url from within your app, redirecting them to the HandCash web app, or the HandCash native app.

To generate the redirection url your App ID will be required. Find your App ID by viewing your application inside the HandCash developer dashboard:

app-id

  1. The user will sign in to HandCash. If they don’t have an account already, they will be prompted to register.

  1. HandCash will ask the user if they would like to grant permissions to your app.

  1. The user can accept or decline access to the your app.

Accept → Authorization Success URL.

Decline → Authorization Failed URL.


  1. HandCash will then redirect the user back to the your app.

While redirecting, an authToken query parameter will be added to the request:
<auth-success-url>?authToken=<token>



Your App Authorization

To connect with a user, generate a redirection url using the SDK:

const {HandCashConnect} = require('@handcash/handcash-connect');
const handCashConnect = new HandCashConnect('<app-id>');

// Use this field to redirect the user to the HandCash authorization screen.
const redirectionLoginUrl = await handCashConnect.getRedirectionUrl();

Users will recognize the HandCash brand if you attach the url to this button; full source code can be found in our assets page:


Connect with HandCash


The user will be redirected to the HandCash app and will be asked to grant your app permissions.


Once the user selects accept or decline, they will be redirected back your app’s Authorization Success URL or Authorization Failed URL.


While redirecting, an authToken query parameter will be added to the request:

<auth-success-url>?authToken=<token>

Any extra query parameters provided will be added to the <auth-success-url>.
Ex: <auth-success-url>?authToken=<token>?

At this point, you may use the authToken to view and spend on behalf of the user.



Video Walkthrough

Below is a video walkthrough illustrating a demo implementation of the authentication process: