Authorize users from your app
Step-by-step guide to getting user authorization to access an external API from your application.
Pre-requisite: complete the Configure an integration guide.
Generate a session token (backend)
In your backend, set up an API endpoint that your frontend will call. This endpoint should request a session token from Nango and return it to the frontend.
Here’s an example of how to generate a session token using Nango’s API (API ref / Node SDK ref):
Trigger the auth flow (frontend)
In your frontend, load the Nango frontend SDK, retrieve the session token from the backend, and trigger the authorization flow.
Option 1: Use the Nango Connect UI
Option 2: Use your custom UI
Refer to the Authorize an API from your app with custom UI guide for details on implementing a custom user interface.
Save the Connection ID (backend)
The connection ID, a UUID generated by Nango, is required to manage the connection and access its credentials & data. So you need to persist this ID.
Upon successful authorization, Nango will send a webhook to your backend with the connection ID.
To set up this webhook:
- go to the Environment Settings tab in the Nango UI
- specify a Webhook URL where Nango should send notifications
- enable the Send New Connection Creation Webhooks option
- create the specified route in your backend to handle Nango webhooks
Successful authorization webhooks sent by Nango are POST
requests with the following JSON body:
For each successful authorization, persist the connectionId
value alongside its corresponding user or organization, designated by endUser.endUserId
and endUser.organizationId
.
Troubleshoot authorization errors
If an authorization request fails, you can analyze the relevant log in the Logs tab of the Nango UI.
Reconnect an existing connection
When testing or troubleshooting an issue, you may need a user to re-authorize an API. Nango allows you to do this without deleting and recreating the connection. Instead, you can reconnect an existing connection while preserving its metadata and configuration.
In your backend, use the POST /connect/sessions/reconnect
endpoint (API/SDK reference) to generate a session token specifically for reconnecting a user. This token is then used on the frontend in the same way as when creating a connection, but it will reconnect the existing connection instead.
You are ready
You have successfully set up the authorization flow for your users. Next steps:
- View new connections & associated credentials in the Connections tab of the Nango UI
- Retrieve connection credentials with the API or Node SDK
- Read data from the API
- Write data to the API
- Proxy request to the API
Questions, problems, feedback? Please reach out in the Slack community.
Was this page helpful?