DocsIntegration
OAuth for App Developers
Synchronex acts as an OAuth server for tools that need user-authorized memory access.
6 min read
Endpoints
| Endpoint | Purpose |
|---|---|
| /oauth/authorize | User consent and authorization code issuance |
| /api/oauth/token | Code and refresh token exchange |
| /api/oauth/revoke | Token revocation |
| /api/oauth/register | Dynamic Client Registration |
| /.well-known/oauth-authorization-server | Authorization server metadata |
PKCE
PKCE is required. Synchronex supports S256 only.
Dynamic Client Registration
Apps can register clients using RFC 7591 style metadata, then store the returned client identifier for future OAuth starts.
Example Flow
ts
const authorize = new URL('https://synchronex.ai/oauth/authorize')
authorize.searchParams.set('response_type', 'code')
authorize.searchParams.set('client_id', clientId)
authorize.searchParams.set('redirect_uri', redirectUri)
authorize.searchParams.set('scope', 'memory:read decisions:write')
authorize.searchParams.set('code_challenge_method', 'S256')
authorize.searchParams.set('code_challenge', codeChallenge)
authorize.searchParams.set('state', state)