Focus on your Service,
We care about authentication!

Context

Decathlon wants to offer a unique experience to each sport user. To do so, we need to know and recognize our sport users: their habits, their wishes, their practices…
We must offer them personalized services. Data is key.
To associate all of this data with a unique sport user, there must be a single identification and a unique entry point common to all the services:
That's the role of Decathlon Login.
Global Process


Link to the Terms & Services


How to Implement?


Authorization Code Flow

The algorithm first returns an authorization code, which the client then exchanges for tokens:

  • tokens are returned only through the token interface
  • the recovery of an access token is done in two steps:
    • a code is returned by the authorization interface
    • this code is sent by the client to the token interface
  • well suited to web applications WITH a secured back end


This algorithm is best suited for stateful applications (with sessions/backend).

PKCE Flow

This is an extension to the Authorization Code flow to be able to securely perform the OAuth exchange from public clients:

  • tokens are returned only through the token interface
  • the recovery of an access token is done in two steps:
    • a code is returned by the authorization interface
    • this code and a verifier code are sent by the client to the token interface


Algorithm for Native and Single Page applications. This flow is mandatory for Mobile applications.

Implicit Flow

The algorithm directly returns the tokens.

  • tokens are returned directly by the authorization interface
  • there is no notion of Refresh Token
  • long-lived tokens are not allowed

Algorithm for Native and Single Page applications

This flow has been deprecated. Please use the PKCE flow instead.


Useful Tips!


Refresh your Access Tokens

A Refresh Token is a special kind of token that contains the information required to obtain a new Access Token.

LogOut

Do you want to provide a logout button?

Authentication with API

Why we won't support Resource Owner Password Credentials Flow?

Terms & Services