Use OpenID Connect
Configure your authorization process to use OpenID Connect protocol
When a customer links their company data, OpenID Connect lets you retrieve standard information from the user profile of their accounting package, such as the customer's name, email address, and phone number. You might use these details to:
- Pre-fill an application form for the customer.
- Identify accounts linked by the same person.
This article explains how to configure your authorization process to use OpenID Connect.
- Codat's linking process can only return available profile details, which vary from platform to platform. Codat currently supports OpenID Connect for QuickBooks Online, Xero, and our testing sandbox. See OpenID Connect Supported fields for the specific fields supported for each platform.
- Codat doesn't use OpenID Connect to either verify the identity of customers, or to authorize data sharing or connections.
Configure your authorization process
Update your redirect URL and Hosted Link URLs.
Add any parameters that you require from the user profile to your redirect URL. For example:
https://redirect.com/site/{companyId}?firstName={openId_given_name}&email={openId_email}&phone={openId_phone_number}Append
?openId=trueto a Link URL before you send it to a customer. For example:https://link-uat.codat.io/{companyId}/link?openId=trueWhen the customer connects their accounting package any available profile values are substituted in the redirect URL. For example:
https://redirect.com/site /{companyId}?firstName=John&email=john.smith@theworld.com&phone+441234555666
Codat supports a subset of the available OpenID Connect fields, or claims, for selected integrations. Codat prepends each field name with openId_ to avoid conflict with existing fields.
OpenID Connect fields
The following table lists OpenID Connect fields and the accounting platforms for which they are supported.
| Field and type | Description | Platform availability |
|---|---|---|
| openId_name, string | Full name of the customer. | Sandbox |
| openId_given_name, string | First name of the customer. | Sandbox, QuickBooks Online, Xero |
| openId_middle_name, string | Middle name of the customer. | Sandbox |
| openId_family_name, string | Last name of the customer. | Sandbox, QuickBooks Online, Xero |
| openId_nickname, string | Alternative or casual name of the customer. | Sandbox |
| openId_preferred_username, string | Short name the customer prefers to be known by. | Sandbox |
| openId_gender, string | Gender of the customer. | Sandbox |
| openId_birthdate, string | Birthday of the customer in the in YYYY-MM-DD format. | Sandbox |
| openId_address, JSON object | Postal address the customer prefers to be contacted at. | Sandbox, QuickBooks Online |
| openId_email, string | Email address the customer prefers to be contacted by. | Sandbox, QuickBooks Online, Xero |
| openId_email_verified, boolean | If true, this email address has been verified. | Sandbox, QuickBooks Online |
| openId_phone_number, string | Phone number the customer prefers to be contacted on. | Sandbox, QuickBooks Online |
| openId_phone_number_verified, boolean | If true, this phone number has been verified. | Sandbox, QuickBooks Online |
| openId_locale, string | Language and country code for the locale of the customer. For example: en-GB. | Sandbox |
| openId_profile, string | URL of the profile page for the customer. | Sandbox |
| openId_picture, string | URL of the profile image for the customer. | Sandbox |
| openId_website, string | URL of the web page or blog of the customer. | Sandbox |
| openId_zoneinfo, string | Time zone for the location of the customer. For example: Europe/Paris. | Sandbox |
| openId_birthdate, string | Birthday of the customer in YYYY-MM-DD format. | Sandbox |
| openId_updated_at, -number_ | Time the customer last updated their profile. | Sandbox |