Very OAuth Demo

Interactive demonstration of Very OAuth 2.0 integration

📱 Demo App Registration

App Name: Demo App

Client ID: veros_145b3a8f2a8f4dc59394cbbd0dd2a77f

Client Secret: vcs_sDufZmdeB8QWQ3nU3OyMnvv3GyicU_mSD4QHr2RAgF4Z_QvmkkHsD4rfmSVMXF5q

Redirect URI: /callback

🔐 Security Parameters

State:

Nonce:

These random values are generated for each OAuth request to prevent CSRF attacks and ensure token freshness.

This will redirect you to: connect.very.org

Using the state and nonce values shown above

🔍 How This Demo Works

🆕 First Time Authentication

  1. Click "Login with Very" to start OAuth flow
  2. You'll be redirected to connect.very.org
  3. Complete authentication on Very platform
  4. Get redirected back with authorization code
  5. Demo exchanges code for access token and ID token
  6. Extract and store your external user ID
  7. Fetch user data using the access token
  8. Display all tokens and user information

🔄 Re-verification Flow

  1. After first authentication, a "Re-verify" button appears
  2. Click to go through OAuth flow again
  3. Demo compares the new user ID with stored user ID
  4. Shows success if IDs match, error if they don't
  5. This demonstrates how to verify user identity over time

⚙️ Technical Details

  • OAuth Flow: Authorization Code with PKCE
  • Scope: openid (basic user identification)
  • Security: Random state and nonce parameters
  • Tokens: Access token for API calls, ID token for user info
  • User ID: Extracted from JWT tokens for identity verification