Qentrah Partners Docs

OAuth without an SDK

Use standards-based OAuth 2.1 directly while the official SDK is not published.

Current v1 path

Use OAuth 2.1 endpoints directly. Do not depend on an @qentrah/auth-sdk package unless your Qentrah contact has provided a private build.

Frontend responsibility

The frontend should only start authorization and receive the callback route. Use the button copy Authorize with Qentrah.

export function AuthorizeWithQentrahButton() {
  return <a href="/api/qentrah/oauth/start">Authorize with Qentrah</a>;
}

Backend responsibility

Your backend should generate PKCE values, store the verifier in a secure session, exchange the authorization code, refresh tokens, and call Workspace APIs.

export async function startQentrahOAuth() {
  // Generate code_verifier and S256 code_challenge.
  // Store the verifier in an HttpOnly session.
  // Redirect to /oauth/authorize.
}

AI agent implementation prompt

Copy a complete prompt for implementing Qentrah partner OAuth, env setup, and Workspace API reads.

Register an app

Configure client metadata, redirect URIs, scopes, and review status.

On this page

Current v1 pathFrontend responsibilityBackend responsibility