# Widget OAuth configuration

### Configuration

You can configure oauth authorization for customers on our endpoint: `https://spinner.closer.app/api/oauth-config`. \
All requests needs admin's ApiKey in `X-Api-Key` header.\
To create a config send a `POST` with body:

```
{
  "tokenEndpoint": "http://oauth.com/token",
  "userInfoEndpoint": "http://oauth.com/userinfo",
  "clientId": "clientId",
  "clientSecret": "clientSecret",
  "oauthConfigEnabled": true,
  "allowAnonymousSignUp": true
}
```

You can retrieve config by executing `GET` request. Result should look like this:

```
{
  "tokenEndpoint": "http://oauth.com/token",
  "userInfoEndpoint": "http://oauth.com/userinfo",
  "clientId": "clientId",
  "clientSecret": "**",
  "oauthConfigEnabled": true,
  "allowAnonymousSignUp": true
}
```

To update config you can use `PATCH` request with body:

```
{
  "tokenEndpoint": "http://oauth.com/token",
  "userInfoEndpoint": "http://oauth.com/userinfo",
  "clientId": "clientId",
  "clientSecret": "clientSecret",
  "oauthConfigEnabled": true,
  "allowAnonymousSignUp": true
}
```

All fields are optional. Send only the fields you want to update.

You can also delete your config by simply executing `DELETE` without body.

### /userinfo endpoint

This endpoint should return body:

```
{
  "externalUserId": "external_id_2",
  "userData": {
    "id": "external_id_2",
    "email": "a@example.com",
    "phone": {
      "region": "PL",
      "number": "666777666"
    },
    "firstName": "Tyler",
    "lastName": "Durden",
    "backOfficeData": [
      {
        "key": "office_number",
        "value": "777666777",
        "displayName": "Office number"
      }
    ]
  }
}

```

Required fields:

* <kbd>$.externalUserId</kbd>
* <kbd>$.userData</kbd>
* <kbd>$.userData.id</kbd>
* <kbd>$.userData.backOfficeData</kbd> (can be an empty array)

In <kbd>$.userData.backOfficeData</kbd> you can specify any additional information you want to display for your agents.