For developers

Plug in Libermall ID
in 5 minutes

Standard OpenID Connect — no vendor lock-in. Ready-made SDKs for popular stacks.

Request a key GitHub
Endpoints

OIDC Discovery

All endpoints live under https://id.libermall.com. Discovery doc — /.well-known/openid-configuration.

OpenID discovery:    /.well-known/openid-configuration
Authorize:           /login/oauth/authorize
Token:               /api/login/oauth/access_token
UserInfo:            /api/userinfo
JWKS:                /.well-known/jwks
Logout:              /api/logout
OAuth 2.0 / OIDC flow

Authorization Code + PKCE

1. User clicks "Sign in with Libermall ID"
2. Redirect to /login/oauth/authorize?response_type=code&client_id=...&redirect_uri=...&state=...&scope=openid+profile+email
3. Casdoor renders the form, the user signs in (Telegram, TON, email, Apple, Google)
4. Casdoor redirects back to your-redirect-uri?code=&state=
5. Your server exchanges the code for an access_token via POST /api/login/oauth/access_token
6. GET /api/userinfo with the Bearer token → claims
SDK examples

Ready-made examples for popular stacks

Node.js / Next.js

openid-clientNextAuth.js
npm install openid-client passport passport-openidconnect

// index.js
const { Issuer, Strategy } = require('openid-client');
const passport = require('passport');

(async () => {
  const issuer = await Issuer.discover('https://id.libermall.com/.well-known/openid-configuration');
  const client = new issuer.Client({
    client_id: process.env.LIBERMALL_CLIENT_ID,
    client_secret: process.env.LIBERMALL_CLIENT_SECRET,
    redirect_uris: ['https://yourapp.com/auth/callback'],
    response_types: ['code'],
  });
  passport.use('libermall', new Strategy({ client }, (tokenset, done) => done(null, tokenset.claims())));
})();

Laravel

composer require laravel/socialite socialiteproviders/generic-oauth2

// config/services.php
'libermall' => [
    'host' => env('LIBERMALL_ID_HOST', 'https://id.libermall.com'),
    'client_id' => env('LIBERMALL_ID_CLIENT_ID'),
    'client_secret' => env('LIBERMALL_ID_CLIENT_SECRET'),
    'redirect' => env('APP_URL') . '/oauth/libermall/callback',
],

// routes/web.php
Route::get('/oauth/libermall', fn() => Socialite::driver('libermall')->redirect());
Route::get('/oauth/libermall/callback', [LibermallController::class, 'callback']);

curl

# 1. Authorize (open in browser)
open "https://id.libermall.com/login/oauth/authorize?response_type=code&client_id=$CLIENT_ID&redirect_uri=$REDIRECT&state=$STATE&scope=openid+profile+email"

# 2. Exchange code for token
curl -X POST https://id.libermall.com/api/login/oauth/access_token \
  -d "grant_type=authorization_code" \
  -d "code=$CODE" \
  -d "client_id=$CLIENT_ID" \
  -d "client_secret=$CLIENT_SECRET" \
  -d "redirect_uri=$REDIRECT"

# 3. Get user info
curl https://id.libermall.com/api/userinfo \
  -H "Authorization: Bearer $ACCESS_TOKEN"
Claims & scopes

What id_token returns

{
  "iss": "https://id.libermall.com",
  "aud": "your_client_id",
  "sub": "uuid-of-user",
  "preferred_username": "sviatoslav",
  "name": "Sviatoslav Gusev",
  "email": "[email protected]",
  "email_verified": true,
  "picture": "https://t.me/i/userpic/320/...",
  "tg_id": 12345678,
  "tg_username": "defiton",
  "wallets": [{ "chain": "ton", "address": "EQ..." }]
}

Scopes

ScopeIncludes
openidRequired for OIDC. Returns sub.
profilename, preferred_username, picture, tg_id, tg_username
emailemail, email_verified
walletsArray of linked TON wallets with verification
offline_accessrefresh_token for long-lived sessions
questsAccess to the Quest API for Libermall Card achievements
Registration

Get a client_id within 24 hours

OAuth app registration is manual for now. Email [email protected] and we will send credentials.

1. Send your info

Service name, URL, list of redirect_uri, required scopes.

2. Receive the keys

client_id + client_secret within 24 hours.

3. Done

Integrate in 5 minutes — the "Sign in with Libermall ID" button just works.

Ready to integrate?

Get a client_id, add the button, and 7,000+ ecosystem users will sign in with a single click.