updates for login_hint

hellocoop · Aug 14, 2024 · ea516d0 · ea516d0
1 parent 8f31d1d
commit ea516d0
Show file tree

Hide file tree

Showing 7 changed files with 23 additions and 17 deletions.
diff --git a/pages/docs/apis/admin.mdx b/pages/docs/apis/admin.mdx
@@ -1,3 +1,3 @@
-# Admin
+# Admin API
 
 The control plane APIs used by the [Hellō Developer Console](https://console.hello.coop) and [Hellō Quickstart](https://quickstart.hello.coop) are an OAuth 2.0 protected resource. If you are interested in integrating Hellō application management into your console, please email us at [contact@hello.coop](mailto:contact@hello.coop?subject=Hellō+Controle-Plane+Inquiry)
diff --git a/pages/docs/apis/invite.mdx b/pages/docs/apis/invite.mdx
@@ -1,7 +1,7 @@
 import { Callout } from 'nextra/components'
 import { Steps } from 'nextra/components'
 
-# Invite (BETA)
+# Invite API (BETA)
 
 <Callout type="warning">
 This feature is currently in BETA, particularly the [Multi Tenant/Role](#multi-tenantrole-apps) features.

diff --git a/pages/docs/apis/quickstart.mdx b/pages/docs/apis/quickstart.mdx
@@ -1,4 +1,4 @@
-# Quickstart
+# Quickstart API
 
 
 [Quickstart](https://quickstart.hello.coop) accelerates getting a developer up and running with apps that use Hellō. It returns a `client_id` by creating a new app with defaults, or selecting an existing Hellō app.

diff --git a/pages/docs/apis/wallet.mdx b/pages/docs/apis/wallet.mdx
@@ -1,6 +1,6 @@
 import { Callout } from 'nextra/components'
 
-# Wallet
+# Wallet API
 
 ## Authorization Request 
 
@@ -62,8 +62,9 @@ Possible slug values:
 
 <Callout type="info" emoji="🦆">
 Explore how the `provider_hint` functionality works with the [Hellō Playgound](https://playground.hello.dev)<br/>
-*Logout of the [Hellō Wallet](https://wallet.hello.coop) and click `forget me` to see the new user experience*
+*Logout of the [Hellō Wallet](https://wallet.hello.coop) and click `forget me` to see the user experience*
 </Callout>
+
 ## Authorization Response
 
 See [OpenID Connect | Auth Response](../oidc/response/) for the supported standard parameters.

diff --git a/pages/docs/apis/web-client.mdx b/pages/docs/apis/web-client.mdx
@@ -18,7 +18,8 @@ Load this endpoint in the browser to login the user. Loading this endpoint will
 | target_uri    | overrides the default target_uri |
 | scope         | overrides the default scope |
 | provider_hint | overrides the default provider_hint |
-| login_hint    | provides a login_hint |
+| login_hint    | provides a [login_hint]() |
+| prompt        | 
 
 *Example:*
 

diff --git a/pages/docs/oidc/request.mdx b/pages/docs/oidc/request.mdx
@@ -10,19 +10,23 @@ The **request URL** is `https://wallet.hello.coop/authorize` and a query with th
 
 |Parameter|Description|
 |---|---|
-|`client_id`|The `client_id` for your app from [console.hello.coop](https://console.hello.coop) |
-|`redirect_uri`|One of the redirect_uri values you registered for your app |
-|`scope`|The `openid` scope and zero or more space delimited scopes listed at [Hellō Claims](/docs/scopes)|
-|`nonce`|A unique string that will be included in the signed ID Token. This links the ID Token to your request|
-|`response_type` (optional)| `id_token` for *implicit flow* <br/>or<br/><span>`code` for *code flow* - default and recommended, but requires [PKCE - RFC7636](https://www.rfc-editor.org/rfc/rfc7636.html)).</span> |
-|`response_mode` (optional)|if *id_token flow* can be `fragment` or `form_post` (default) <br/>if *code flow* can be `fragment`, `form_post`, or `query` (default)|
-|`state` (optional)|A value representing the state of your application that will be returned as a parameter in the response|
-|`code_challenge`|REQUIRED if *code flow* and not using a client secret to authenticate to the token endpoint. See PKCE below|
-|`code_challenge_method`|May be provided if `code_challenge` is included.<br/>MUST have value of `S256` if included. See PKCE below|
-|`prompt` (optional)|A space delimited list. Values include:|
+|`client_id`<br/>*required*|The `client_id` for your app from [console.hello.coop](https://console.hello.coop).|
+|`redirect_uri`<br/>*required*|One of the redirect_uri values you registered for your app.|
+|`scope`<br/>*required*|The `openid` scope and zero or more space delimited scopes listed at [Hellō Claims](/docs/scopes).|
+|`nonce`<br/>*required*|A unique string that will be included in the signed ID Token. This links the ID Token to your request.|
+|`response_type`<br/>*optional*| `id_token` for *implicit flow* <br/>or<br/><span>`code` for *code flow* - default and recommended, but requires [PKCE - RFC7636](https://www.rfc-editor.org/rfc/rfc7636.html)).</span> |
+|`response_mode`<br/>*optional*|if *id_token flow* can be `fragment` or `form_post` (default) <br/>if *code flow* can be `fragment`, `form_post`, or `query` (default).|
+|`state`<br/>*optional*|A value representing the state of your application that will be returned as a parameter in the response.|
+|`code_challenge`|REQUIRED if *code flow* and not using a client secret to authenticate to the token endpoint. See PKCE below.|
+|`code_challenge_method`|MAY be provided if `code_challenge` is included.<br/>MUST have value of `S256` if included. See PKCE below.|
+|`login_hint`<br/>*optinal*|A hint for which user account to use. Only email addresses in the form of `mailto:name@domain.example` are currently supported.|
+|`prompt`<br/>*optional*|A space delimited list. Values include:|
 |                   | - `login` will require the user to re-authenticate at their login provider|
 |                   | - `consent` will require the user to review, and potentially change, released claims|
 |                   | other values are ignored| 
+
+The non-standard `provider_hint` is optionally available. See [Wallet API | provider_hint](/docs/apis/wallet/#provider_hint) for details.
+
 ### PKCE Code
 
 > [RFC 7636](https://datatracker.ietf.org/doc/html/rfc7636) *(Proof Key for Code Exchange by OAuth Public Clients)* enables your application to prove it made the authorization request that received the authorization code when it calls the token endpoint. 

diff --git a/pages/docs/scopes.mdx b/pages/docs/scopes.mdx
@@ -44,7 +44,7 @@ Following are the scopes currently supported by Hellō. At the top are the stand
 |`twitter`|A verified Twitter username and id.|
 |`ethereum`|A verified ethereum address.|
 
-If the user has already provided consent to your application, they will not be prompted again to consent to the claims provided unless you include `prompt=consent` in your authorization request. This allows the user to update the profile data that they have provided you. 
+If the user has already provided consent to your application, they will not be prompted again to consent to the claims provided unless you include `prompt=consent` in your authorization request. This allows the user to update the profile data that they have provided you. To provide a better experience for your users with `prompt=consent`, also include `login_hint=mailto:name@domain.example`.
 
 
 ## Other Scopes?