POST
/
public
/
v1
/
submit
/
oauth
Authorizations
Body
Enum options:
ACTIVITY_TYPE_OAUTHTimestamp (in milliseconds) of the request, used to verify liveness of user requests.
Unique identifier for a given Organization.
The parameters object containing the specific intent data for this activity.
Show details
Show details
Client-side public key generated by the user, to which the oauth bundle (credentials) will be encrypted.
Optional human-readable name for an API Key. If none provided, default to Oauth - <Timestamp>
Expiration window (in seconds) indicating how long the API key is valid for. If not provided, a default of 15 minutes will be used.
Enable to have your activity generate and return App Proofs, enabling verifiability.
Response
A successful response returns the following fields:The activity object containing type, intent, and result
Show activity details
Show activity details
The intent of the activity
Show intent details
Show intent details
The oauthIntent object
Show oauthIntent details
Show oauthIntent details
Client-side public key generated by the user, to which the oauth bundle (credentials) will be encrypted.
Optional human-readable name for an API Key. If none provided, default to Oauth - <Timestamp>
Expiration window (in seconds) indicating how long the API key is valid for. If not provided, a default of 15 minutes will be used.
The result of the activity
Show result details
Show result details
The oauthResult object
Show oauthResult details
Show oauthResult details
A list of objects representing a particular User’s approval or rejection of a Consensus request, including all relevant metadata.
curl --request POST \
--url https://api.turnkey.com/public/v1/submit/oauth \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header "X-Stamp: <string> (see Authorizations)" \
--data '{
"type": "ACTIVITY_TYPE_OAUTH",
"timestampMs": "<string> (e.g. 1746736509954)",
"organizationId": "<string> (Your Organization ID)",
"parameters": {
"oidcToken": "<string>",
"targetPublicKey": "<string>",
"apiKeyName": "<string>",
"expirationSeconds": "<string>",
"invalidateExisting": "<boolean>"
}
}'
import { Turnkey } from "@turnkey/sdk-server";
const turnkeyClient = new Turnkey({
apiBaseUrl: "https://api.turnkey.com",
apiPublicKey: process.env.API_PUBLIC_KEY!,
apiPrivateKey: process.env.API_PRIVATE_KEY!,
defaultOrganizationId: process.env.ORGANIZATION_ID!,
});
const response = await turnkeyClient.apiClient().oauth({
oidcToken: "<string> (Base64 encoded OIDC token)",
targetPublicKey: "<string> (Client-side public key generated by the user, to which the oauth bundle (credentials) will be encrypted.)",
apiKeyName: "<string> (Optional human-readable name for an API Key. If none provided, default to Oauth - <Timestamp>)",
expirationSeconds: "<string> (Expiration window (in seconds) indicating how long the API key is valid for. If not provided, a default of 15 minutes will be used.)",
invalidateExisting: true // Invalidate all other previously generated Oauth API keys
});
{
"activity": {
"id": "<activity-id>",
"status": "ACTIVITY_STATUS_COMPLETED",
"type": "ACTIVITY_TYPE_OAUTH",
"organizationId": "<organization-id>",
"timestampMs": "<timestamp> (e.g. 1746736509954)",
"result": {
"activity": {
"id": "<string>",
"organizationId": "<string>",
"status": "<string>",
"type": "<string>",
"intent": {
"oauthIntent": {
"oidcToken": "<string>",
"targetPublicKey": "<string>",
"apiKeyName": "<string>",
"expirationSeconds": "<string>",
"invalidateExisting": "<boolean>"
}
},
"result": {
"oauthResult": {
"userId": "<string>",
"apiKeyId": "<string>",
"credentialBundle": "<string>"
}
},
"votes": "<array>",
"fingerprint": "<string>",
"canApprove": "<boolean>",
"canReject": "<boolean>",
"createdAt": "<string>",
"updatedAt": "<string>"
}
}
}
}