Authorize an API (headless)
Step-by-step guide on how to getting user authorization to access an external API on their behalf.
Authorize users from your app using headless frontend
It’s recommended to use Nango Connect, but you can build your own UI using the following API
Integrate the frontend SDK
Once you have tested that the authorization flow works for your own external account, you can trigger authorization flows for your customers from your app with the Nango SDK.
Get your Public Key
from the Environment Settings tab.
In your frontend, initiate Nango (reference):
Initiate the authorization flow (reference):
For OAuth, the nango.auth()
method will trigger the OAuth flow in a popup, to let the user log in to their external account.
Nango will automatically collect, store, and refresh the API credentials as needed.
Before using Nango in production, we advise securing the frontend SDK.
APIs requiring connection-specific configuration for authorization
Some APIs require connection-specific configuration (e.g. Zendesk, Shopify).
For example, Zendesk has the following authorization URL, where the subdomain is specific to a user’s Zendesk account:
https://<USER-SUBDOMAIN>.zendesk.com/oauth/authorizations/new
For these cases, you must provide this configuration when calling nango.auth()
(reference):
In some cases you might want to override the scopes provided by an integration at the connection level. For this case you can pass in the scopes to nango.auth
:
This connection configuration is stored in the connection. You can retrieve it with the SDK (reference), API (reference), and the Nango UI.
Troubleshoot authorization errors
If an authorization request fails, you can analyze the relevant log in the Logs tab of the Nango UI.
Use a custom callback URL
You can personalize Nango’s callback URL (e.g. use your domain). If you are using Nango Cloud, follow these steps:
- Add a new endpoint in your app, e.g.
https://EXAMPLE.com/oauth-callback
. All requests to this endpoint should redirect tohttps://api.nango.dev/oauth/callback
and pass along all original parameters. The easiest way to do this is with a 308 redirect. - Change the registered OAuth callback URL with all API providers. Otherwise, they will refuse new flows!
- When ready, change your Nango callback URL in the Environment Settings tab.
If you are self-hosting Nango, follow the instructions here to change your callback URL.
Questions, problems, feedback? Please reach out in the Slack community.
Was this page helpful?