Class AuthenticationService

Retrieves the authentication details, which include the url that is used to start the Authorization code flow.

This is the Authorization Endpoint, used as part of the Authorization Code Grant, with the PKCE extension. This endpoint allows clients to securely authenticate into the Paysafe infrastructure by generating an authorization code, which can then be exchanged for an access token. For an enhanced security all clients must use the PKCE extension with the SHA-256 code challenge method.

How Authorization Code Flow works

1. The partner application retrieves the URL for the Paysafe Authentication UI by using this method.
2. The partner application opens the URL in a preferred environment (e.g. browser).
3. The end-user is redirected to the login page (Paysafe Authentication UI).
4. After successful authentication, the end-user is redirected to the partner application with the authorization code as a query parameter.
5. The partner application should use the authorization code to exchange it for an access token.
6. The partner application should invoke Paysafe Web SDK authenticate method with the issued access token.
7. The access token can be used to access the protected resources of the Paysafe API.

Example

// Example usage:

const brandIdentity = 'brand-identity';
const parameters = {
  client_id: 'f4db4e70-23fc-49b5-9c16-8792afa45b12',
  code_challenge: 'fnA81erDlIx65spDQ881PwGJkabRAcb2Z1aMUrys721'
  code_challenge_method: CodeChallengeMethod.S256,
  digital_fingerprint: '19e0abfb-590a-4f1f-af9e-bdf48473a123',
  state: 'Utwe',
  reset_credentials_url: 'https://www.paysafe.com/reset-credentials'
  redirect_uri: 'http://www.partner.com/wallet/dashboard'
  locale: 'en-US'
  login_strategy: LoginStrategy.PIN
};

const authenticationDetails: AuthenticationDetails = authenticationService.getAuthenticationDetails(brandIdentity, parameters);
window.location.href = authenticationDetails.authenticationUrl;
Copy

Sends a challenge via a secure communication mechanism as part of the ongoing Embedded or Hybrid SCA process.

Throws

If the HTTP request fails.

Example

// Example usage:
authenticationService.sendScaChallenge(eventId, request)
 .then((response) => {
   console.log(response);
 })
 .catch((error) => {
   console.error(`Error sending SCA challenge.`);
 });
Copy

Submits an Embedded or Hybrid authentication attempt for a Strong Customer Authentication (SCA) event.

Throws

If the HTTP request fails.

Example

// Example usage:
authenticationService.submitScaAttempt(eventId, request)
 .then((response) => {
   console.log(response);
 })
 .catch((error) => {
   console.error(`Error submitting SCA attempt.`);
 });
Copy

Retrieves the singleton instance of the AuthenticationService class.

Function

Static

Example

// Usage:
const authenticationService = AuthenticationService.getInstance();
Copy