Passport docs
  • Getting started
  • Integrations
    • Sign in with Passport
    • Apply with Passport
    • Easy Apply
  • Authentication
    • Overview
    • Authorization Code Flow (3-legged OAuth)
    • Client Credential Flow (2-legged OAuth)
    • Refresh Token
    • Token Debugging
Powered by GitBook
On this page
  • Apply with Passport Flow
  • Prerequisites
  • Step 1: Request an Authorization code
  • Sample Request
  • Sample Response
  • Step 2. Getting the Access Token
  • Sample Request
  • Access Token Response
  • Access Token Scopes and Lifetime
  • Step 3. Get the submitted application
  • Sample Request
  • Request Body
  • Sample Response
  • Additional resources
  • Image resources
  1. Integrations

Apply with Passport

Apply with Passport allows organizations or individuals to apply with one click to funding/programs or opportunities on partner websites and ATS (Applications Tracking Systems) across the web by reusing their Passport Data.

When an organization/individual clicks "Apply with Passport" on one of these partner sites, we'll securely send all the relevant Passport data to the partner site/app. This means that the opportunity owner will be able to easily access the organization/individual’s complete Passport Data on its own site/ATS as they look through the applicants for an opportunity.

During the process, the user will be promted to grant access to some information of his organization.

Apply with Passport Flow

  • The applicant goes to your application and clicks the "Apply with Passport" button.

  • Your application directs the browser to Passport's authorization page.

  • The user authenticates and selects the organization from which he wants to apply.

  • After authentication and authorization, Passport's authorization server passes an authorization code to your application.

  • Your application sends this authorization code to Passport and Passport returns an access token.

  • Your application uses this token to make an API calls to receive the application data.

Prerequisites

  • Have a Passport application with the following scope: "opportunity.apply" and an registered Opportunity

Step 1: Request an Authorization code

After configuring your application and opportunity, the next step is to get an authorization code, needed to retrieve the access token.

GET 'https://auth.onepassport.eu/apply?slug={slug}&client_id={client_id}&redirect_uri={redirect_uri}&response_type={response_type}&scope={scope}'
Parameter
Type
Description
Required

slug

string

The slug of the opportunity

Yes

client_id

string

The Client ID

Yes

redirect_uri

string

URI you want to redirect the user after getting the code

Yes

response_type

string

The response is of type code

Yes

scope

string

scope opportunity.apply is mandatory

Yes

state

string

A unique string value of your choice that is hard to guess. Used to prevent CSRF.

Yes

Sample Request

curl --request GET \
--url 'https://auth.onepassport.eu/apply?slug=opportunity-one&client_id=s7h9BHLeuZ7dfEfLHSQtQmsfsQ6Rqw6P&redirect_uri=http://localhost:3000/oauthlogin&response_type=code&scope=opportunity.apply'

Once redirected, the applicant is presented with Passport's authorization screen. When the applicant completes the authorization process, the browser is redirected to the URL provided in the redirect_uri query parameter.

Sample Response

https://dev.example.com/auth/passport/callback?code=f3f47d20109a0ead53afc818af4dd5473449673e&appId=ff50ff99a246ad30d2cc5570&state=foobar

Attached to the redirect_uri are three important URL arguments that you need to read from the request:

code — The authorization code. state — A value used to test for possible CSRF attacks. appId — The ID of the application the user submitted.

Step 2. Getting the Access Token

The next step is to get an access token for your application.

POST 'https://auth.onepassport.eu/token'
Parameter
Type
Description
Required

grant_type

string

The value of this field should always be: client_credentials

Yes

client_id

string

The Client ID

Yes

client_secret

string

The Secret Key

Yes

Sample Request

curl --request POST \
--url 'https://auth.onepassport.eu/token?grant_type=client_credentials&client_id=s7h9BHLeuZ7dfEfLHSQtQmsfsQ6Rqw6P&client_secret=HAjhDx2swgNfHgNcZCDqAEg9oyPxWoB2EoAcwdgBg42w5cuppL4xiya4aTuPCvsR6qmLzm7TDMhKDQHyCzSuyTLM2DmoSE8oFgYAGKXCH5HPzpLpM8MvrwQ7LvnwCxHn'

Access Token Response

A successful access token request returns a JSON object containing the following fields:

Parameter
Type
Description

token_type

string

The type is always bearer token

access_token

string

expires_in

int

The number of seconds remaining until the token expires. Currently, all access tokens are issued with a 60-day lifespan.

scope

list

The scope with this type of authentication will be always identity.basic

{
    "token_type":"bearer",
    "access_token":"3a047685dd4bd0f23864743ac6b555dbf97c3c2b",
    "expires_in":2592000,
    "scope":["opportunity.apply"]
}

Access Token Scopes and Lifetime

Access tokens stay valid until the number of seconds indicated in the expires_in field in the API response. You can go through the OAuth flow on multiple clients (browsers or devices) and simultaneously hold multiple valid access tokens if the same scope is requested. If you request a different scope than the previously granted scope, all the previous access tokens are invalidated.

Step 3. Get the submitted application

Once you've obtained an access token, you can make an API requests to get the data of the User's submitted application.

Sample Request

curl -X GET 'https://auth.onepassport.eu/applications/{applicationId}' \
-H 'Authorization: Bearer {INSERT_TOKEN}'

Request Body

Field
Type
Description

applicationId

string

The application ID obtained requesting the authorization token.

token

string

Required. The string value of the token you received in the previous step

Sample Response

{
	"_id": "759b66a14d6e83e051f9020b",
	"slug": "export-import-opportunity",
	"passport": {
		"profile": {
			"contact_email": "fbox@gmail.com",
			"name": "NameBrand",
			"tagline": "Loren ipsum",
			"logo": "https://media-exp1.licdn.com/dms/image/C4D0BAQFd_oV35N5wHA/company-logo_200_200/0/1622166740962?e=1630540800&v=beta&t=O1S8hiddaphvZsvn6XnzJIMy8",
			"industry": "91"
		},
		"legal": {
			"legal_name": "NameBrand",
			"year_founded": 1999,
			"n_employees": "11-50"
		},
		"parentOrganization": {
			"name": "NameBrand",
			"type": "person"
		},
		"media": {
			"logo": "https://media-exp1.licdn.com/dms/image/C4D0BAQFd_oV35N5wHA/company-logo_200_200/0/1622166740962?e=1630540800&v=beta&t=O1S8hiddaphvZsvn6XnzJIMy8"
		}
	},
	"owner": {
		"oid": "9812d1da4be23099bbcea502",
		"oslug": "namebrand-2",
		"oname": "NameBrand"
	},
	"createdBy": {
		"uid": "jGY578EtnM4wEzETx",
		"uname": "fbox",
		"uavatar": "https://media-exp1.licdn.com/dms/image/C4D03AQEg19HYTI48LA/profile-displayphoto-shrink_100_100/0/1612178277896?e=1628121600&v=beta&t=oxNaFkGrGWtI"
	},
	"createdAt": "2021-06-21T19:52:16.672Z",
	"_version": 1,
	"modifiedAt": "2021-06-21T19:52:16.677Z",
	"modifierId": "jGY578EtnM4wEzETx"
}

Additional resources

Image resources

PreviousSign in with PassportNextEasy Apply

Last updated 3 years ago

The access token for the application. This value must be kept secure as specified in the . The length of access tokens is ~500 characters. We recommend that you plan for your application to handle tokens with length of at least 1000 characters to accommodate any future expansion plans. This applies to both access tokens and refresh tokens.

official Apply with Passport button images in different sizes and formats for use within your site or application.

Download
API Terms of Use