Togo ID

The Togo Group Developer Hub

Welcome to the Togo Group developer hub. You'll find comprehensive guides and documentation to help you start working with Togo Group as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    API Reference

Integrate with Togo ID

To have the end-user approve your application for access to their Togo ID data and to gain access to our APIs, you need to integrate your application with Togo ID.

Raise an integration request

To integrate with Togo ID, identify all the client applications that you want to integrate and fill out the below form for each client application. You will then receive a corresponding client ID and secret from us.

📘

Register each client separately

The registration form allows you to register one client at a time. Each client will require separate registration.

Form Field

Description

Email address

The Client ID and secret will be sent to this email.

Full name

Enter your full name.

Website

Enter your application's publicly accessible home page.

Client name

Enter a meaningful application name that will be displayed to users of the app.

Application type

Select the type of app you're building, Web or Public client (mobile & desktop).

Login Redirect URI

Specify return URI(s) to use for each client application. The redirect URI must be https or a mobile app scheme/deep link.

Logout Redirect URI

Specify the logout return URI(s) to use for each client application. The redirect URI must be https or a mobile app scheme/deep link.

Flow

Specify the flow your client will use (implicit, authorization_code, or hybrid). To choose the right flow for your application, see [How to choose an OAuth 2.0 flow?](doc:authentication-flows#section-how-to-choose-an-oauth-20-flow

Email Validation

Specify whether an unvalidated user is allowed to log in. By default, unvalidated users are not allowed to log in. For more information on how email validation works in Togo ID, see Email validation.

Special Request

Optional. If you have any special requests or wish to use some of the lesser known portions of the OpenID Connect 1.0 or OAuth 2.0 standards, let us know in this request.
For example, “our app requires PKCE” or “can you whitelist CORS requests from a domain that does not match the redirect URI?”

📘

Redirect URIs

To ensure data privacy, unencrypted HTTP is not supported.

Sample Request Form

Here is a sample request to register your client applications.

Client Name: sample-production
Login Redirect URI: https://sample.togogroup.com/togo-callback
Logout Redirect URI: https://sample.togogroup.com/togo-logout-callback
Flow: Implicit
Email Validation: Do not allow unvalidated users to log in.

Client Name: sample-development
Login Redirect URI: https://dev.sample.togogroup.com/togo-callback
https://sample.test:3000/togo-callback
Logout Redirect URI: https://dev.sample.togogroup.com/togo-logout-callback https://sample.test:3000/togo-logout-callback
Flow: Implicit
Email Validation: Do not allow unvalidated users to log in.

Client Name: sample-mobile-app
Login Redirect URI: sample-togogroup-app://oauth_redirect
Logout Redirect URI: sample-togogroup-app://oauth_redirect
Flow: implicit
Email Validation: Do not allow unvalidated users to log in.
Special request: Handles both our iOS and Android app.

Sample Response

In response, we will issue you a client ID and client secret for each of your client applications. In addition, we will also issue organization ID, one for testing the integration and another for production.

🚧

Keep the client secret a secret!

You should protect these secrets as if they were a critical piece of sensitive data. Like a production database password.

If your apps use implicit flow, you do not need a client secret, but you might need it for some corner cases. If your apps use authorization code flow or hybrid flow, you must use the issued client secret.

Client ID: sample-production
Client Secret: MWYzNGVjNjM3NmE5NGZiYzUwZmI3NDky
Organization ID: 98eb24cc-ec7a-5h33-84a5-6b8209d3d166

Client ID: sample-development
Client Secret: Y2QxNDMyNjM1ZGFmZGI5MGNkZDc4NTA4
Organization ID:kk27eac8-a949-4d79-ag7d-87d9a4886eb5

Client ID: sample-mobile-app
Client Secret: OTQ2YzhiZWQ0NGY5ZTkxNDY0MGQwNjhj
Organization ID: ff27eac8-a949-4d79-aa2d-87d9a4886eb5

Host URL

All requests are passed to the Togo ID server https://id2.runswithtogo.com/identity host URL.

Updated about a year ago



Integrate with Togo ID


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.