In the context of QEX, OAuth can only be used to authenticate a session generated by the QEX API. This session can then be used to query the QEX API and/or initialize a widget integration.
A session can be created via API.
POST https://partners.liquid.com/api/v1/session{"public_api_key": "pk_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}200{"success":true,"environment":"PRODUCTION","message":"Session created.","payload":{"public_api_key":"pk_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","session_id":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","session_secret":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx""environment":"PRODUCTION","client_info":{"ip_country":"JP"},"_links":{"terms_of_service":{"href":"https://help.liquid.com/en/articles/3969828-quick-exchange-by-liquid-end-user-terms-of-use"}}}}
Once a session has been created it can be associated with a user by having them approve the OAuth request. This is done by opening a browser window to the URL below.
https://partners.liquid.com/api/v1/session/{session_id}/liquid_oauth
Note: when OAuth is completed the user will be presented with an instruction to close the web browser and manually return to your app.
This can alternatively redirect the user to a specified URL or deep link.
The authenticated session can now be used to query the user account balances. See Authorization.
GET https://partners.liquid.com/api/v1/session/${session_id}/accountsAuthorization: Bearer {jwt}
The session id/key can be passed into the widget. This will cause the widget to assume the session of the user authenticated earlier.
{"public_api_key": "pk_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",..."identity": {"user_session": {"session_id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","session_secret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}}}