Authentication
Authenticate your users with Cephable using the OAuth 2.0 Authorization Code flow.
Authentication model
Cephable uses OAuth 2.0 Authorization Code flow to authenticate users. Your application:
- Redirects the user to the Cephable login page
- Receives an authorization code at your redirect URI
- Exchanges the code for an access token and refresh token
- Uses the access token to call the Cephable API on behalf of the user
Security: Never expose your
CLIENT_SECRETin client-side code or public repositories.
Getting credentials
- Sign in to the Cephable Portal
- Create or open a project
- Copy your Client ID, Client Secret, and Device Type ID
Step 1 — Redirect user to Cephable login
Construct the authorization URL and redirect the user:
https://services.cephable.com/signin?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code
Parameters:
| Parameter | Description |
|---|---|
client_id |
Your application's OAuth client ID |
redirect_uri |
The URL Cephable will redirect back to with the code |
response_type |
Always code |
JavaScript example
const CLIENT_ID = "YOUR_CLIENT_ID";
const redirectUri = window.location.origin + window.location.pathname;
const authUrl = `https://services.cephable.com/signin?redirect_uri=${encodeURIComponent(redirectUri)}&client_id=${CLIENT_ID}`;
window.location.href = authUrl;
C# / Unity example
string redirectUri = "http://localhost:51772/";
string authUrl = $"https://services.cephable.com/signin?client_id={CLIENT_ID}&redirect_uri={redirectUri}&response_type=code";
Application.OpenURL(authUrl);
Step 2 — Exchange the authorization code for a token
After the user logs in, Cephable redirects to your redirect_uri with a code query parameter. Exchange it for tokens:
POST https://services.cephable.com/signin/token?grant_type=code&code={code}&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
Response:
{
"access_token": "eyJ...",
"refresh_token": "...",
"access_token_expiration": "...",
"refresh_token_expiration": "..."
}
JavaScript example
const response = await axios.post(
`https://services.cephable.com/signin/token?client_id=${clientId}&code=${encodeURIComponent(code)}&redirect_uri=${encodeURIComponent(redirectUri)}&grant_type=code`
);
const accessToken = response.data.access_token;
C# / Unity example
UnityWebRequest www = UnityWebRequest.Post(
$"https://services.cephable.com/signin/token?grant_type=code&code={authCode}&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}",
string.Empty
);
yield return www.SendWebRequest();
var tokenResponse = TokenResponse.CreateFromJSON(www.downloadHandler.text);
PlayerPrefs.SetString("accessToken", tokenResponse.access_token);
Step 3 — Refresh tokens
Use the refresh token to get a new access token without re-authenticating the user:
POST https://services.cephable.com/signin/token?grant_type=refresh_token&client_secret={CLIENT_SECRET}&refresh_token={REFRESH_TOKEN}&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
C# / Unity example
string refreshToken = PlayerPrefs.GetString("refreshToken");
UnityWebRequest www = UnityWebRequest.Post(
$"https://services.cephable.com/signin/token?grant_type=refresh_token&client_secret={CLIENT_SECRET}&refresh_token={refreshToken}&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}",
string.Empty
);
yield return www.SendWebRequest();
var tokenResponse = TokenResponse.CreateFromJSON(www.downloadHandler.text);
Using the access token
Add the token to the Authorization header of every API request:
Authorization: Bearer {access_token}
Token response model
{
"access_token": "string",
"refresh_token": "string",
"access_token_expiration": "string",
"refresh_token_expiration": "string"
}
Next steps
- API Reference Overview — Device API and hub
- Swagger UI — Interactive API explorer
- Virtual Controller Integration
- Unity Integration