Use Bubble as identity provider(for authentication)

Hey guys, anyone with an idea on how to set up my Bubble app to authenticate users then redirect them to my django app using OAuth?Basically I have a django app that displays info to specific users depending on user type, and all info on user management is on Bubble - users cant login/sign up using the django app.When a user wants to view this info, he should be redirected to the Bubble app login/sign up, and then be redirected back to the django app afterwards .Will greatly appreciate, thanks

hey @luis — any progress on this problem? would love an update as I am looking to do something similar.

thanks,

Jack

Hey @jack211,

Yes, I managed to get it working with django-social-auth in the backend and requests from React.

First, you would need add a 3rd party app on the “3rd Party Oauth / SAML Access” section of the app. And also to follow django-social-auth instructions to create a new backend class for Bubble.

Then, the flow is as follows:

  1. Make a GET request from React (or the front-end you’re using) to https:///api/1.1/oauth/authorize with the “client_id” and “redirect_uri” as parameters (the same ones you used on the Bubble app). Once the user is logged in, Bubble will redirect the user to the “redirect_uri”, including a code.
  2. Make a POST request from React to Django (on the social auth URL that you configured) including that code.
  3. Django social auth will make a POST request to https:///api/1.1/oauth/access_token with parameters: “client_id”, “client_secret”, “redirect_uri”, and “code”. Bubble will return the “access_token”, “expires_in”, and “uid” parameters that you would need to use for further request to Bubble on behalf of the user that logged in.

I hope this helps

Cheers

This is great! Thanks @luis. I found very little information about OAuth in the bubble documentation. Did you rely on the official OAuth documentation or I am just looking in the wrong place? Thanks again :slight_smile:

Hey @clunnity,

There is no official documentation from Bubble regarding this.

I used the official Oauth2 RFC documentation and the information Bubble support provided to me. The combination of both is what you can find on my previous message.

On top of that, I use the following URL to refresh the access token once it expires:
https:///api/1.1/oauth/access_token?grant_type=authorization_code

Cheers