# Integration

## Summary

DeBank Connect is based on the [OAuth 2.0](https://datatracker.ietf.org/doc/html/rfc6749) authorization protocol. It lets Web3 users sign in to your dApp via DeBank. Once they grant authorization, your dApp can access their account name and avatar, on-chain portfolio data, and social following data.

## Create App

#### Create and Verify App

Log in to the [Official dashboard](https://official.debank.com/), click the Apps tab in the navbar, and click Create New App.

<figure><img src="https://debankglobal.larksuite.com/space/api/box/stream/download/asynccode/?code=OTNhZmQ4YWYzMmRlNzBmZWQxM2MzMWY2NzAwYjAzZTBfVUpoMGRiZG9wNWJkcVdZNUtJbzdzUnRxa05WYWN4aENfVG9rZW46STE2MGJOQXozb3JJTXB4V2dUQnVKYUNDc2RlXzE2OTU5Nzc1NzM6MTY5NTk4MTE3M19WNA" alt=""><figcaption></figcaption></figure>

Once you have finished creating the App, follow the instructions to complete the validation of the App.

<figure><img src="https://1584004705-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LFvONjGHbTb9PuzDLYO%2Fuploads%2Fgit-blob-21d5ce443fc383bd1b93ad759ab784b45063471f%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

#### Create Client

Click "Create Client".

<figure><img src="https://1584004705-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LFvONjGHbTb9PuzDLYO%2Fuploads%2Fgit-blob-470d70317357b5675e90b927e3ad6b843fe91c1f%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

After creation, save the Client ID and Client Secret for the subsequent integration.

<figure><img src="https://1584004705-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LFvONjGHbTb9PuzDLYO%2Fuploads%2Fgit-blob-16a4927c5de0335a191709df5220d54d9e3a3a52%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

## Integration

{% hint style="info" %}
*DeBank Connect currently only supports OAuth 2.0* [***Authorization Code Grant***](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1)*.*
{% endhint %}

**OAuth 2.0** [**Authorization Code Grant**](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1)**:**

1. The dApp directs the user to the DeBank Connect authorization page.

<figure><img src="https://debankglobal.larksuite.com/space/api/box/stream/download/asynccode/?code=NDhjZjlkMDg0NTQ0MWI1M2M4MDcxOWE2MmEwZDljMmJfY2Zxd1l3d3BWZ24xamVReGU1RVlnV2ZjMXVUSzVsemJfVG9rZW46VjRTaWJqUXlrb2x0WVV4SXBmdXVHQmpZc3BlXzE2OTU5NzgxNzA6MTY5NTk4MTc3MF9WNA" alt=""><figcaption></figcaption></figure>

Example of Authorization Redirect URL:

```
https://debank.com/connect?client_id=7iySAAu5k9zJdpu3NbSyvb6p&response_type=code&scope=user:base:read%20user:chain:read%20user:social:read&redirect_uri=https://example-dapp.com/callback&state=44438279
```

<figure><img src="https://debankglobal.larksuite.com/space/api/box/stream/download/asynccode/?code=Mzc0ZjQ0MDhjY2MwMjhkMWRhMGE2ZjYzYTRhNTZlMTVfMFF4cjhNdnUyNUxlS2lQNEhrZHdCZnc3d3FJWnRFaUhfVG9rZW46VW5SWmJkT0Nzb3NMNGF4Vk1QTnVhZ2d4c1NjXzE2OTU5NzgxOTE6MTY5NTk4MTc5MV9WNA" alt="" width="375"><figcaption></figcaption></figure>

* Description of DeBank Connect Authorization Page URL Parameters

| Parameter      | Required        | Description                                                                                                                                                         |
| -------------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| client\_id     | Yes             | Third-party identification credentials                                                                                                                              |
| redirect\_uri  | Yes             | After the authorization process is complete, it redirects to the dApp with the code.                                                                                |
| scope          | No              | The scope of access the dApp requires.                                                                                                                              |
| response\_type | No              | Authorization code grant mode, default is "code".                                                                                                                   |
| state          | No, Recommended | If this parameter is included in the request, the authentication server will return it exactly as it is during the redirection, in order to prevent replay attacks. |

| Scope            | Description                  |
| ---------------- | ---------------------------- |
| user:base:read   | User base info               |
| user:chain:read  | User on-chain portfolio data |
| user:social:read | User social info             |

2. The user decides whether to authorize the Web service application. If the user declines, the process terminates. If the user agrees, the authorization endpoint is triggered and the user is redirected to the "redirect\_uri".

Example of redirect URI:

```
https://example-dapp.com?code=Ro6MIQFigLDcK1hceX9B9B8dgl2ZgcStHXsDQ2XugM0v1gh3&state=132141234
```

| Parameter | Required        | Description                                                                                                                                                         |
| --------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| code      | Yes             | Authorization code. After the user grants authorization, DeBank Connect will redirect to the dApp with the code.                                                    |
| state     | No, Recommended | If this parameter is included in the request, the authentication server will return it exactly as it is during the redirection, in order to prevent replay attacks. |

3. The dApp server obtains an access token and a refresh token using the authorization code.

DeBank Connect API for obtaining the access token and refresh token:

```
URL: https://api.connect.debank.com/oauth/token
Method: POST
Headers: auth = HTTPBasicAuth(client_id, client_secret)
Content-Type: form-data
```

{% hint style="info" %}

HTTPBasicAuth: [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication)

{% endhint %}

| Parameter     | Required | Description                                                                   |
| ------------- | -------- | ----------------------------------------------------------------------------- |
| code          | Yes      | Authorization code                                                            |
| redirect\_uri | Yes      | The link for the redirection when the user is authorized, must be consistent. |
| grant\_type   | Yes      | Authorization code mode, default is "authorization\_code".                    |

Response:

| Parameter      | Required | Description                                       |
| -------------- | -------- | ------------------------------------------------- |
| access\_token  | Yes      | Access Token                                      |
| expires\_in    | Yes      | Expire time                                       |
| refresh\_token | Yes      | Refresh Token                                     |
| scope          | Yes      | The required scope of access for dApp application |
| token\_type    | Yes      | The authentication method for the access token.   |

Example:

```
curl --location -g --request POST 'https://api.connect.debank.com/oauth/token' \
--header 'Authorization: Basic TVM4YUxDemZQTlZDTURiemFHZlZpcUlaOm9iWDJJbFRjdW1XS0U0T1lEYm51RzBGU003Z09wb1I3UFlFUFdlazhJeHJBazlBaQ==' \
--form 'grant_type="authorization_code"' \
--form 'code="<code>"' \
--form 'redirect_uri="<redirect_uri>"'

{
    "access_token": "xmpF421TrBTyBTwYNLAQXE3wTKgqt5h29HaKfGZPJh",
    "expires_in": 864001,
    "refresh_token": "agCd2oYdCrLiqKCJNrOFQmkPg6b7N0OQcPXXw7Pf6vQHNDR2",
    "scope": [
        "user:base:read",
        "user:chain:read",
        "user:social:read"
    ],
    "token_type": "Bearer"
}
```

4. The dApp server refreshes the access\_token using the refresh\_token.

```
URL: https://api.connect.debank.com/oauth/token
Method: POST
Headers: auth = HTTPBasicAuth(client_id, client_secret)
Content-Type: form-data
```

| Parameter      | Required | Description                                           |
| -------------- | -------- | ----------------------------------------------------- |
| refresh\_token | Yes      | Refresh Token                                         |
| grant\_type    | Yes      | Authorization code mode, default is "refresh\_token". |

Response:

| Parameter      | Required | Description                                       |
| -------------- | -------- | ------------------------------------------------- |
| access\_token  | Yes      | Access Token                                      |
| expires\_in    | Yes      | Expire time                                       |
| refresh\_token | Yes      | Refresh Token                                     |
| scope          | Yes      | The required scope of access for dApp application |
| token\_type    | Yes      | The authentication method for the access token.   |

Example:

```
curl --location -g --request POST 'https://api.connect.debank.com/oauth/token' \
--header 'Authorization: Basic UzNNQVdWa1NKZ2FpNHFLVGZPZnR4bEdtOlMwSlI0QThCRUw4T2FENWNjU2xMcVh3TmQzUzJzNFVZVWRSM0VxNkEzczJJZnZTMA==' \
--form 'grant_type="refresh_token"' \
--form 'refresh_token="<refresh_token>"'

{
    "access_token": "xmpF421TrBTyBTwYNLAQXE3wTKgqt5h29HaKfGZPJh",
    "expires_in": 864001,
    "refresh_token": "agCd2oYdCrLiqKCJNrOFQmkPg6b7N0OQcPXXw7Pf6vQHNDR2",
    "scope": [
        "user:base:read",
        "user:chain:read",
        "user:social:read"
    ],
    "token_type": "Bearer"
}
```
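
The dApp server's side of steps 1 to 4, as an added example (not DeBank's own code): it issues an unpredictable `state`, accepts a callback only if it arrives on the registered `redirect_uri` with that same `state`, and builds the token request without sending it. The function names are assumptions; the two URLs and the parameter names are taken from this page.

```python
import base64
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

AUTHORIZE_URL = "https://debank.com/connect"              # from the page
TOKEN_URL = "https://api.connect.debank.com/oauth/token"  # from the page


def build_authorize_url(client_id, redirect_uri, scopes):
    """Step 1: return (url, state). Keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # unpredictable, one per authorization attempt
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",
        "scope": " ".join(scopes),
        "redirect_uri": redirect_uri,
        "state": state,
    }, quote_via=quote)
    return f"{AUTHORIZE_URL}?{query}", state


def parse_callback(callback_url, expected_state, redirect_uri):
    """Step 2: return the code, or raise ValueError if the callback cannot be trusted."""
    got, want = urlsplit(callback_url), urlsplit(redirect_uri)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered redirect_uri")
    params = parse_qs(got.query)
    state, code = params.get("state", []), params.get("code", [])
    # Exactly one state, compared in constant time against the stored value.
    if len(state) != 1 or not hmac.compare_digest(state[0].encode(), expected_state.encode()):
        raise ValueError("state missing, duplicated or not the one we issued")
    if len(code) != 1:
        raise ValueError("code missing or duplicated")
    return code[0]


def token_request(client_id, client_secret, redirect_uri=None, code=None, refresh_token=None):
    """Steps 3 and 4: return (url, headers, form_fields); send with any HTTPS client."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    if code is not None:
        fields = {"grant_type": "authorization_code", "code": code, "redirect_uri": redirect_uri}
    elif refresh_token is not None:
        fields = {"grant_type": "refresh_token", "refresh_token": refresh_token}
    else:
        raise ValueError("need either code or refresh_token")
    return TOKEN_URL, {"Authorization": f"Basic {basic}"}, fields
```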

## Accessible API list

| Scope            | Link                                                                                                                                       |
| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------ |
| user:base:read   | [https://docs.cloud.debank.com/en/debank-connect/api/user-base-data](https://docs.cloud.debank.com/en/debank-connect/api/user-base-data)     |
| user:chain:read  | [https://docs.cloud.debank.com/en/debank-connect/api/user-chain-data](https://docs.cloud.debank.com/en/debank-connect/api/user-chain-data)   |
| user:social:read | [https://docs.cloud.debank.com/en/debank-connect/api/user-social-data](https://docs.cloud.debank.com/en/debank-connect/api/user-social-data) |
