In this guide, you’ll create a and to link your users’ accounts to Anon via your existing web and mobile apps. Let’s get started!

First, you’ll need an and account to authenticate with our APIs.

Let’s store the ID and session_token in environmental variables ANON_ORG_ID and ANON_SESSION_TOKEN for easy reference.

Connecting your Users

To allow your users to connect to Anon’s API from within your application (e.g. a web app, a mobile app, or browser extension), you’ll need to create a which tells Anon how to authenticate your users with our APIs.

You’ll need to have a valid session_token to make the request to create a , so follow the same steps to get a new session_token if your current one has expired.

Getting your JSON Web Key Set (JWKS) Public URL

🚧 Instructions for other OAuth providers COMING SOON 🚧

For this guide, we’ll create a that uses a JSON Web Key Set to authenticate your users with Anon’s APIs using their existing id_token from your OAuth Authorization Server.

For illustration, we’ll assume you’re using AWS Cognito to authenticate your users with your own services.

Anon can support any OAuth provider (such as Auth0 or Stytch) that uses JSON Web Key Sets for verifying signatures of an OIDC JWT id_token.

Using the AWS CLI, you can retrieve your Cognito User Pool information:

aws cognito-idp list-user-pools --max-results 10 —-output json

You should see a response like:

{
  "UserPools": [
      {
         "CreationDate": 1547763720.822,
         "LastModifiedDate": 1547763720.822,
         "LambdaConfig": {},
         "Id": "<region>_<userPoolId>",
         "Name": "MyUserPool"
      }
  ]
}

The JWKS public url is just https://cognito-idp.<region>.amazonaws.com/<userPoolId>/.well-known/jwks.json. For the next steps, we’ll use environment variables to save configuration data we create along the way.

We’ll start with this url, set ANON_JWKS_PUBLIC_URL=https://cognito-idp.<region>.amazonaws.com/<userPoolId>/.well-known/jwks.json

Creating a UserPool

Now that you have the JWKS public url for verifying an id_token from your OAuth provider, you’re ready to create a .

Create a file called userPool.json following this schema (replace the placeholders with your env variables):

{
  "name": "WebAppUsers",
  "description": "Users of coolkid.ai's web app.",
  "authorization": {
    "jwksUri": "${ANON_JWKS_PUBLIC_URL}"
  },
  "organizationId": "${ANON_ORG_ID}"
}

Send off the request to create a !

cat userPool.json | curl --request POST \
  --url https://svc.sandbox.anon.com/org/userPool \
  --header "Authorization: Bearer $ANON_SESSION_TOKEN" \
  --header 'Content-Type: application/json' \
  --data @-

You should see a response like:

{
  "id": "fb874282-e83b-4939-83a2-e8530d31475e",
  "name": "WebAppUsers",
  "description": "Users of coolkid.ai's web app.",
  "authorization": {
    "jwksUri": "<jwks_url>",
    "idClaim": "sub"
  },
  "organizationId": "<your-org-id>"
}

Now, set your env var ANON_USER_POOL_ID.

Create an SdkClient for your UserPool

Create a file called link_sdkclient.json following this schema (replace the placeholders with your env variables):

{
  "organizationId": "${ANON_ORG_ID}",
  "name": "CoolService",
  "kind": {
    "application": {
      "userPoolId": "${ANON_USER_POOL_ID}"
    }
  },
  "description": "CoolService connected to UserPool"
}

Send off the request to create the !

cat link_sdkclient.json | curl --request POST \
  --url https://svc.sandbox.anon.com/org/sdkClient \
  --header "Authorization: Bearer $ANON_SESSION_TOKEN" \
  --header 'Content-Type: application/json' \
  --data @-

You’ll receive a response like the following:

{
  "id": "<sdk-client-id>",
  "name": "CoolService",
  "description": "CoolService connected to UserPool",
  "organizationId": "${ANON_ORG_ID}",
  "auth": {
    "type": "userPool",
    "userPoolId": "${ANON_USER_POOL_ID}"
  }
}

Next Steps

Nailed it!

You’ve created an , your own account, a , and finally an to get your users integrated with Anon.

Next, you’ll learn how to integrate with our SDKs in your web apps, mobile apps (iOS, Android coming soon), and backend services to start accessing your users’ accounts on their behalf.

Select your platform below to continue:

🚧 Android coming soon! 🚧