To simplify the complexity of implementing IDps Authentication and Authorization protocols for developers, HybridAuth come with a simple approach that separates thoses external applications from your site by using a specific page as a proxy (or what we call an "endpoint URL").

Basically, the endpoint page will provide two urls to be used during the user Authentication (start and done) :

  • URL Start login: redirect the user to IDps authentification page for approval.
  • URL Login done: once the user grants access to your application, the IDp will return the user back your site via this page.

In practice, this approch permits your [login] web pages to contain minimal php scripting since the hole work is done by HybridAuth EP.

  • HybridAuth endpoint URL Start login used only by Hybrid_IdProvider::login(), and you generally won't ever need to touch it,
  • HybridAuth endpoint URL Login done can be only requested by the IDp Authentification or Autorisation system,
  • HybridAuth endpoint URLs can't be directly accessed, they are supposed to be completely transparent to the end user.