The purpose of this endpoint is the following: if you have your own website with user accounts you can log your own users in to their Cobot account without them having to enter their credentials.
The way it works is that you have each of your website users go though the OAuth authenticaton process once and obtain an access token with the signin
scope. You store that access token in your own user database. After that you can at any time request a sigin link (using the previously obtained access token) from the Cobot API and send your users there, logging them in to Cobot without entering their credentials.
POST https://www.cobot.me/api/session
Returns a link that signs a user in.
URL:
POST https://www.cobot.me/api/session
Body:
{ "redirect": "http://some.url/path" }
Response:
{ "link": "https://www.cobot.me/session/new?token=gf13432579t086ac76a8675b" }
Response status is always 201 on success. Send the link to the user's browser and they will be signed in to Cobot.
The redirect
parameter is optional. If present, Cobot will return a link that redirects to the given URL after logging the user in.
If your coworking space has a custom domain, logging in to Cobot won't automatically log you in to the custom domain. In that case, to log in to the space, instead of sending the user to www.cobot.me/session/new?token=123
, send them to <custom domain>/session/new?token=123