Getting Started
Obtaining client_id
client_idEither client_id and client_secret and is required for the OAuth2 workflow.
In order to develop your own application with the Faraway API you need to do the following:
- Contact Faraway Platform Team: https://faraway.com/dev-platform.
- Obtain your
client_idandclient_secretfrom the team by providing a valid URL of your web application and email that can be used for communication purposes.Keep your
client_secretsecured.
Integration
The OAuth2 server provides the following endpoints:
https://platform.faraway.com/v1/oauth2/authorize– for requesting and granting your authorization. Read Authorization Request.The Faraway OAuth2 server requires enabled PKCE with
sha-256code challenge method.https://platform.faraway.com/v1/oauth2/token– for issuing access and refresh tokens. Read Access Token Request. Actually, the server authenticates a client by reading bothclient_idandclient_secretfrom theAuthorization: Basic ...header.
The endpoints above are working in conjunction with Faraway Connect UI. The UI is making sure a user is authenticated properly with his wallet. Faraway Platform Team will provide you with the guidance how this UI should be integrated into your product.
OAuth2 URLs
Production
Authorize url: https://platform.faraway.com/v1/oauth2/authorize
Token url: https://platform.faraway.com/v1/oauth2/token
Sandbox
Authorize url: https://sandbox-platform.faraway.com/v1/oauth2/authorize
Token url: https://sandbox-platform.faraway.com/v1/oauth2/token
Access JWT
The Access JWT implements RFC7519: Registered Claim Names.
{
"iss": "faraway",
"sub": "bc255296-ba34-48b6-b4b8-3d37379a83eb",
"exp": 1735352822,
"iat": 1699352822,
"jti": "89bca928-98a0-4c22-b3eb-41bcb0d8f176"
}
The signature algorithm is ES256 with the following public key:
-----BEGIN PUBLIC KEY-----
kid: 1
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3VM9CTmv59ULJ2TLxRPDiJ52rB6A
w8acDG/1NY5+DLsv5gfoNjeRmXinkPXUeAOztj2PQZtqa1FnDZEzw1hzNQ==
-----END PUBLIC KEY-----