Login with Sigma
Sigma Apps can ask Sigma Members for programmatic access to their Sigma Merits and profile on behalf of an Org by asking them to "Login with Sigma" using your App.
Web Flow
In order for your App to see a Sigma Member's profile or Merits you'll need to add a "Login with Sigma" web flow to your own software.
Somewhere in your software you may show a "Login with Sigma" button, which should trigger a call to the Request LoginWithSigma Url endpoint, documented here: https://dev.sig.ma/reference#request-login-with-sigma-url
Your App may request some combination of the following permissions in the table
Permission Type | What it grants |
---|---|
CanViewAllStandardMerits | View Merits sent to the recipient by any Org |
CanViewPublicProfile | View the recipient's name and primary email |
CanViewAllStandardMeritsFromOrg (with a specific OrgId) | View Merits sent to the recipient by a specific Org NOTE: it is not necessary to pass this permission for your own Org or the linked Org; Those are given |
curl -X POST -H "Authorization: Bearer {orgAccessToken}" https://api.sig.ma/v2/orgs/5bb5a3992bfa430006c47bd5/request_loginwithsigma_url -H "Content-Type: application/json" -d '{ "requestedPermissions": [{ "permissionType": "CanViewPublicProfile" }, { "permissionType": "CanViewAllStandardMerits" }], "successUrl": "/goodpath", "failureUrl": "/badpath", "state": "somestatevariable" }'
Once you receive a request_loginwithsigma_url
from this endpoint, which will look like the following: https://sig.ma/login-with-sigma?token={token}
, re-direct your user to this special authorization page for your App.
If a Sigma Member agrees to Login with Sigma for a given App and Org, they'll be sent a pre-accepted Sigma Access Merit for the App from the Org and then redirected to your site along with a Sigma Member ID Token in the memberIdToken
URL parameter. You can exchange this token for a `Member ID using the Member ID Token endpoint.
As long as their Sigma Access Merit remains accepted your App will be granted special permissions to access the Member's Merits and profile. You'll probably want to start by fetching their Merits using the Member Merits endpoint.
Updated about 5 years ago