docs/docs/00200-core-concepts/00500-authentication/00100-spacetimeauth/00400-testing.md
:::warning
SpacetimeAuth is currently in beta, some features may not be available yet or may change in the future. You might encounter bugs or issues while using the service. Please report any problems you encounter to help us improve SpacetimeAuth.
:::
Before integrating SpacetimeAuth into your application code, it’s a good idea to verify that your client and redirect URIs are working correctly. One of the easiest ways to do this is with OIDC Debugger.
OIDC Debugger simulates the OAuth2 / OIDC Authorization Code flow in your browser. It allows you to:
email, sub, preferred_username, etc.).Authorization Endpoint:
https://auth.spacetimedb.com/oidc/auth
Token Endpoint:
https://auth.spacetimedb.com/oidc/token
Client ID: From your SpacetimeAuth dashboard, you can use any available client.
Redirect URI: https://oidcdebugger.com/debug must be added to your client’s allowed redirect URIs in the SpacetimeAuth dashboard.
Go to https://oidcdebugger.com.
Fill out the fields as follows, leave all other fields at their defaults (e.g., response type = code, state, nonce).
| Field | Value |
|---|---|
| Authorize URI | https://auth.spacetimedb.com/oidc/auth |
| Client ID | Your SpacetimeAuth client ID |
| Scope | openid profile email (or a subset) |
| Use PKCE? | Checked |
| Token URI | https://auth.spacetimedb.com/oidc/token |
:::warning You do not need to enter the client secret here since the tool runs in the browser. :::
Depending on the scopes you requested, you should receive an ID token like this:
You can decode the ID token using any JWT decoder (e.g. jwt.io) to see the claims included. For example:
{
"sub": "user_ergqg1q5eg15fdd54",
"project_id": "project_xyz123",
"email": "[email protected]",
"email_verified": true,
"preferred_username": "exampleuser",
"first_name": "Example",
"last_name": "User",
"name": "Example User"
}