Step 1. Redirecting user to

To use Y8 Account authorization, your application has to present user an menu window, that will log user in (or create new account if user does not have one) and then ask him to give your application access to one of his identities. There are various ways to provide application login: iframe window, new window popup, SDK call etc, but we will consider the most simple one - plain redirect.

We will cover the javascript SDK way. To read about it in detail, you can visit JavaScript page.

First and foremost, you have to integrate the javascript sdk into your page:

<script type="text/javascript">
  window.idAsyncInit = function() {
    // Triggered when the SDK has finished initialization
    ID.Event.subscribe('id.init', function(){
      // When user clicks on the link it will open the authentication modal
      jQuery('#connect').on('click', function(){

        appId         : 'YOUR_APP_ID',                              // App ID from the app dashboard
        status        : true,                                       // Check login status
        responseType  : 'code',                                     // 'token' by default
        redirectUri   : ''    // default redirect_uri

  (function(d, s, id){
    var js, fjs = d.getElementsByTagName(s)[0];
     if (d.getElementById(id)) {return;}
     js = d.createElement(s); = id;
     js.src =  document.location.protocol == 'https:' ? "" : "";
     fjs.parentNode.insertBefore(js, fjs);
  }(document, 'script', 'id-jssdk'));

Step 2. Server side

// This is a simple node server to use Y8 OAuth 2.0 authorization service
// Install dependencies to make this code work
// npm install request

var request = require('request');
var http = require('http');
var url = require('url');
var site = '';

http.createServer(function (req, response) {
  var queryData = url.parse(req.url, true).query;
  var pathname = url.parse(req.url).pathname;
  // You can customize this callback as you want
  if (pathname === '/auth/callback') {

    // check if there is a code
    if (queryData.code) {
      var exchange = {
        code: queryData.code,
        client_id: 'APP_ID', // replace by your APP_ID
        client_secret: 'APP_SECRET', // replace by your APP_SECRET
        grant_type: 'authorization_code'
      // Exchange code for an access_token + '/oauth/token', {form: exchange}, function(e,r, body){
        var obj = JSON.parse(body);
        // You need to store this object in your database to reuse it and call API on behalf of the user
        var token = obj.access_token;
        options = {
          headers: {
            Authorization: 'Bearer ' + token
        // Request User information API with access_token
        request.get(site + '/api/v1/json/profile', options, function(e, r, body){
          var obj = JSON.parse(body);
          response.end('Connected as ' + obj.nickname + ' / PID: ' +;