Authentication

Options

With a server-side integration, you are responsible for directly handling and storing sensitive user information. With a client-side integration, you can use Moov.js and server-generated access tokens to transmit data from your user directly to Moov.

Access tokens

End-to-end encryption

Scopes

Moov follows the OAuth2 protocol authentication flow. This guide provides the complete list of scopes and guidance for using them.

If you're using Moov.js or any client-side integration, you'll need to set scopes. Scopes specify what actions an account can take. When generating an OAuth2 access token, you'll include the name of the scope that covers the type of access needed. You will then use a generated token for each API call you make.

Options

Access tokens

End-to-end encryption

Scopes

Was this helpful?