Authentication
Articles in this section
Options
With a server-side integration, you are responsible for directly handling and storing sensitive user information. With a client-side integration, you can use Moov.js and server-generated access tokens to transmit data from your user directly to Moov.
Access tokens
End-to-end encryption
Scopes
Moov follows the OAuth2 protocol authentication flow. This guide provides the complete list of scopes and guidance for using them.
If you're using Moov.js or any client-side integration, you'll need to set scopes. Scopes specify what actions an account can take. When generating an OAuth2 access token, you'll include the name of the scope that covers the type of access needed. You will then use a generated token for each API call you make.