Overview
PBS Account is a PBS's OAuth2 provider (though, it also supports authentication via Google and Facebook Oauth2); it can be used to implement login on station site and/or for Passport.
It is based on OAuth2. You can learn more about by OAuth2 here:
Getting started
- Request a client id, client secret, and scopes (tell support what you need to access) from PBS Support.
- Provide a redirect URI in your request: this is the URL you want your users to land on once they have successfully logged in to your site
- Develop your implementation, using the PBS Account QA https://account-qa.pbs.org/accounts/login/ site, until you are ready for production.
After we process your request, what we give you
Client id - given to you by a PBS Account Admin
Client secret - granted to you by a PBS Account Admin
- Scope(s): this denotes what you can do with your access token; currently we require 'account' and station name (e.g. 'wnet') scopes
- Access token - actually, this is dynamically provided via the OAuth2 workflow
Endpoints
| Authorization endpoint | /oauth2/authorize/ |
|---|---|
| Token exchange endpoint | /oauth2/token/ |
- You must provide the PBS Account URL for the environment you're using (example: https://account-qa.pbs.org) (Figure 1.1)
- Enter the access token you received after successfully authenticating to PBS Account (Figure 1.2). Be sure to type "Bearer" before the access token.
- Results for the requested record appear (Figure 1.3).
Login snapshot
What's happening in the back-end
PBS Internal detailed technical docs