# Errors are notated by a diff block - Lines colored in red are the observed errors ! Lines colored in orange are 1R's temporary fix or resolution for testing purposes + Lines colored in green are a potential permanent resolution
These steps were created by following the documentation at https://developers.id.me/documentation/implicit/groups
- Link rendered on frontend with URL:
https://api.id.me/oauth/authorize?client_id=<client_id>&redirect_uri=https://verabradley-dev.myshopify.com/cart&response_type=token&scope=military,student,teacher,nurse,medical,responder
# ERRORS:
- The provided redirect URI does not match any of the registered values
! 1R created a separate ID.me sandbox environment and added `https://verabradley-dev.myshopify.com/cart` as a permitted redirect URI
+ 1R needs access to the VB `ID.me` admin console so we can modify the permitted redirect URIs- Customer logs in & validates on
ID.me - Customer is redirected to
redirect_uriwithaccess_tokenprovided as a hash:
https://verabradley-dev.myshopify.com/cart#access_token=<access_token>&token_type=bearer&expires_in=300
- Frontend makes a
fetchrequest to the REST API to validate the request and get all customer information
https://api.id.me/api/public/v3/attributes.json?access_token=<access_token>
# ERRORS:
- Access to fetch at 'https://api.id.me/api/public/v3/attributes.json' from origin 'https://verabradley-dev.myshopify.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
! 1R made this request from a local terminal via `curl` to verify the contents of the response from this endpoint
+ CORS needs to be enabled on this endpoint so the "client-side" flow can be fully client-side