API Reference
All endpoints, parameters and responses of the Atlantic ID API.
Base URL: https://id.codeatlantis.com
Endpoints
1. Discovery
GET /.well-known/openid-configuration
OpenID Connect metadata.
Response: see the OAuth-OIDC page
2. Authorization
GET /oauth/authorize
Starts the user login.
Query Parameters:
| Param | Type | Required | Description |
|---|---|---|---|
| client_id | string | ✅ | Client ID |
| response_type | string | ✅ | code |
| scope | string | ✅ | Scope list (space-separated) |
| redirect_uri | string | ✅ | Registered redirect URI |
| state | string | 📝 | CSRF protection |
| nonce | string | 📝 | Replay protection |
| code_challenge | string | ✅ (PKCE) | SHA256 hash of the code_verifier |
| code_challenge_method | string | ✅ (PKCE) | S256 |
| prompt | string | ❌ | none, login, consent |
| max_age | integer | ❌ | Max auth age (seconds) |
| ui_locales | string | ❌ | tr, en |
Success: 302 redirect to `redirect_uri?code=XXX&state=YYY`
Error: 302 redirect to `redirect_uri?error=XXX&error_description=YYY`
3. Token
POST /oauth/token
Token exchange and refresh.
Content-Type: application/x-www-form-urlencoded
Authorization Code Grant
Body Parameters:
| Param | Type | Required | Description |
|---|---|---|---|
| grant_type | string | ✅ | authorization_code |
| code | string | ✅ | Authorization code |
| redirect_uri | string | ✅ | Same as in the authorize request |
| client_id | string | ✅ | Client ID |
| client_secret | string | 🔒 | For confidential clients |
| code_verifier | string | ✅ (PKCE) | PKCE verifier |
Response:
```json
{
  "access_token": "eyJ...",
  "token_type": "Bearer",
  "expires_in": 900,
  "id_token": "eyJ...",
  "refresh_token": "RT_...",
  "scope": "openid profile email"
}
```
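The authorization request and code exchange described above, implemented as an added Python example (not the Atlantic ID SDK or any code from this page). It uses only the standard library and assumes the hypothetical client `cli_abc123` and redirect URI `https://myapp.com/callback` from the cURL examples; the ID-token claim check assumes the token's signature has already been verified with the `/oauth/jwks` key whose `kid` matches the JWT header.

```python
import base64, hashlib, secrets, time
from urllib.parse import urlencode, urlparse, parse_qs

BASE_URL = "https://id.codeatlantis.com"  # issuer and endpoint base from this reference

def pkce_challenge(verifier):
    """S256 per RFC 7636: base64url(SHA-256(verifier)) with the '=' padding stripped."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()

def make_pkce():
    """Fresh 43-character verifier from 32 random bytes plus its S256 challenge."""
    verifier = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode()
    return verifier, pkce_challenge(verifier)

def build_authorize_url(client_id, redirect_uri, state, nonce, challenge, scope="openid profile email"):
    """GET /oauth/authorize with state (CSRF) and nonce (replay) always present."""
    params = {"client_id": client_id, "response_type": "code", "scope": scope,
              "redirect_uri": redirect_uri, "state": state, "nonce": nonce,
              "code_challenge": challenge, "code_challenge_method": "S256"}
    return f"{BASE_URL}/oauth/authorize?{urlencode(params)}"

def parse_callback(callback_url, expected_state):
    """Validate the 302 target: a state mismatch is rejected before code or error is even read."""
    qs = parse_qs(urlparse(callback_url).query)
    if qs.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: possible CSRF or stale login attempt")
    if "error" in qs:  # error redirect format: error=XXX&error_description=YYY
        raise RuntimeError(f"{qs['error'][0]}: {qs.get('error_description', [''])[0]}")
    return qs["code"][0]

def token_request_body(code, redirect_uri, client_id, verifier):
    """Form body for POST /oauth/token; a confidential client's secret goes in HTTP Basic auth."""
    return {"grant_type": "authorization_code", "code": code, "redirect_uri": redirect_uri,
            "client_id": client_id, "code_verifier": verifier}

def check_id_token_claims(claims, client_id, nonce, now=None):
    """Claim checks on an already signature-verified ID token; returns the names of failing claims."""
    now = time.time() if now is None else now
    aud = claims.get("aud")
    aud = aud if isinstance(aud, list) else [aud]
    problems = []
    if claims.get("iss") != BASE_URL:
        problems.append("iss")
    if client_id not in aud:
        problems.append("aud")
    if claims.get("nonce") != nonce:
        problems.append("nonce")
    if claims.get("exp", 0) <= now:
        problems.append("exp")
    return problems
```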
Refresh Token Grant
Body Parameters:
| Param | Type | Required | Description |
|---|---|---|---|
| grant_type | string | ✅ | refresh_token |
| refresh_token | string | ✅ | Refresh token |
| client_id | string | ✅ | Client ID |
| client_secret | string | 🔒 | For confidential clients |
| scope | string | ❌ | Narrowed scope |
4. UserInfo
GET /oauth/userinfo
User profile information.
Authentication: Authorization: Bearer {access_token}
Response:
```json
{
  "sub": "550e8400-e29b-41d4-a716-446655440000",
  "name": "Görkem Yılmaz",
  "email": "gorkem@codeatlantis.com",
  "email_verified": true,
  "phone_number": "+905001234567",
  "picture": "https://id.codeatlantis.com/avatar/550e8400.jpg",
  "updated_at": 1735686000
}
```
Errors:
- 401 Unauthorized - Token invalid/expired
- 403 Forbidden - Insufficient scope
5. JWKS (Public Keys)
GET /oauth/jwks
Public keys for JWT signature verification.
Response:
```json
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "atlantic_id_2024_rsa_key",
      "alg": "RS256",
      "n": "0vx7agoebGcQSuuPiLJXZptN9nn...",
      "e": "AQAB"
    }
  ]
}
```
6. Token Revocation
POST /oauth/revoke
Token revocation.
Content-Type: application/x-www-form-urlencoded
Body Parameters:
| Param | Type | Required | Description |
|---|---|---|---|
| token | string | ✅ | Token to revoke |
| token_type_hint | string | ❌ | access_token or refresh_token |
| client_id | string | ✅ | Client ID |
| client_secret | string | 🔒 | For confidential clients |
Response: 200 OK (whether or not the token is valid)
7. Logout
GET /oauth/logout
Front-channel logout.
Query Parameters:
| Param | Type | Required | Description |
|---|---|---|---|
| id_token_hint | string | 📝 | ID token (recommended) |
| post_logout_redirect_uri | string | ❌ | Return URL |
| state | string | ❌ | State to relay |
Response: 302 redirect (user logged out)
Error Responses
OAuth Errors
```json
{
  "error": "invalid_request",
  "error_description": "Missing required parameter: code_challenge"
}
```
Error Codes:
| Code | Description |
|---|---|
| invalid_request | Missing/invalid parameters |
| unauthorized_client | Client authentication failed |
| access_denied | User denied the request |
| unsupported_response_type | response_type not supported |
| invalid_scope | Invalid scope |
| server_error | Server error (500) |
| temporarily_unavailable | Service temporarily unavailable |
| invalid_grant | Grant invalid/expired |
| invalid_client | Client credentials invalid |
HTTP Status Codes
| Code | Meaning |
|---|---|
| 200 | Success |
| 302 | Redirect (authorize, logout) |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 429 | Too Many Requests |
| 500 | Internal Server Error |
| 503 | Service Unavailable |
Rate Limiting
- Auth endpoints: 100 req/min per IP
- Token endpoint: 50 req/min per client
- UserInfo endpoint: 200 req/min per token
Headers:
```
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 87
X-RateLimit-Reset: 1735686060
```
429 Response:
```json
{
  "error": "rate_limit_exceeded",
  "error_description": "Too many requests. Try again in 32 seconds."
}
```
cURL Examples
Authorization
```bash
curl -i "https://id.codeatlantis.com/oauth/authorize?\
client_id=cli_abc123&\
response_type=code&\
scope=openid+profile+email&\
redirect_uri=https://myapp.com/callback&\
state=xyz789&\
code_challenge=E9Melhoa2Owv&\
code_challenge_method=S256"
```
Token Exchange
```bash
curl -X POST https://id.codeatlantis.com/oauth/token \
  -u "cli_abc123:sec_def456" \
  -d "grant_type=authorization_code" \
  -d "code=AQCxxx" \
  -d "redirect_uri=https://myapp.com/callback" \
  -d "code_verifier=dBjftJeZ4CVP"
```
UserInfo
```bash
curl -H "Authorization: Bearer eyJhbGc..." \
  https://id.codeatlantis.com/oauth/userinfo
```
Refresh Token
```bash
curl -X POST https://id.codeatlantis.com/oauth/token \
  -u "cli_abc123:sec_def456" \
  -d "grant_type=refresh_token" \
  -d "refresh_token=RT_xxx"
```
Revoke Token
```bash
curl -X POST https://id.codeatlantis.com/oauth/revoke \
  -u "cli_abc123:sec_def456" \
  -d "token=RT_xxx" \
  -d "token_type_hint=refresh_token"
```
SDKs
Official libraries: SDK Documentation
Related pages: