Custom login using the API

This article describes how to login the user in the browser by using the Ideanote API. This technique can be used when JWT, SAML or OpenID isn't an option. In order to log in the user, you will have to follow these steps:

  1. Create or update the user and obtain the user's session token.
  2. Generate a link using the session token that can be used to automatically log in the user in the browser.

1. Create or update the user and obtain the user's session token.

The following JSON endpoint will automatically create the user if it doesn't exist or update the user if it already exists. The endpoint returns a session object with a sessionToken.


Body parameters:




The ID of your workspace


This key needs to always be set to the value: CUSTOM


A data object describing the user details



email (required)

The email of the user. We determine if there already exists a user on the workspace by finding an existing user with this email address.

apiToken (required)

The API token of an owner account on your workspace. This API token can be obtained from /settings/profile in the Ideanote webapp


Optionally unique ID that will be used to find an existing user on the Ideanote workspace. If sub isn't provided, email will be used to find an existing user instead.


The name of the user


A link to an image that should be used as avatar image for this user.


A team name that the user should be added to. The team will be created if it doesn't exists.


The locale of the user

Example Request:
curl ",,sessionToken" \
-H "Content-Type: application/json" \
-d '{
"spaceId": "b06f0a9a-4813-4515-81a0-29e8f2d193ec",
"kind": "CUSTOM",
"data": {
"email": "",
"apiToken": "f2dacce1fe557c7f140a3f7e85",
"name": "John Doe",
"avatarUrl": ""

Example Result:
"user": ...

After obtaining the sessionToken of the user, you can generate a link that can be used to log in the user directly in the browser.



First you will have to get a widget link. This can be found by sharing a mission, editting the embed code and getting a "full page" widget link.

Afterwards you will have to extend the URL with the query parameter: &auth.sessionToken={{SESSION_TOKEN}}.{{WIDGET_ID}}&auth.sessionToken={{SESSION_TOKEN}}


How did we do?

Powered by HelpDocs (opens in a new tab)