[your app name].authgear.com/oauth2/authorize?..., according to the OIDC 2.0 standard.
refresh tokento the Client App.
access tokenwith the
refresh tokenfor you, so you don't have to worry about it.
[your app name].authgear.com/_resolver/resolve(more details here); Alternatively, the access token is a JWT signed token which you can verify locally on your backend too.
[your app name].authgear.com/oauth2/revoketo logout.
yourdomain.com, you are recommended to set up a custom domain for Authgear, such as
yourdomain.com, all applications would share the same session cookies automatically.
redirect_uriparameter set. After the authentication is successful, Authgear will redirect the users to the URI, and set a cookie with a session access token.
otherapp.com, but you wish to authenticate users under
identity.yourdomain.cominstead of setting another custom domain at
identity.otherapp.comfor a better signle sign on user experience, conceptually you need to do the following:
otherapp.com, you can use the access token for the cookie content.