Last updated 01/06/2023
The Bread & Butter API acts as a broker for identity providers. To initiate a login request you simply post to our authorization interface with the required information.
For GetAuthentication you need to pass your app_id and app_secret for authentication. These can be found at App Settings and App Secrets.
Bread & Butter uses HTTP response codes to indicate the success or failure of a request.
HTTP Status Descriptions Code Meaning 200 - OK All good. 302 - Redirect Used by the browser during the redirection workflows for authentication. 400 - Bad Request Bad request or invalid application configuration. 401 - Unauthorized Request not authorized. 404 - Not Found Could not find requested resource. 500 - Internal Server Error Error with the LogonLabs service.
After redirecting the user to the desired Identity Provider, the Callback URL is used to transfer control from BreadButter back to your system.
Once a user has authenticated with an Identity Provider, BreadButter will invoke your Callback URL with an ‘app_id’ and ‘authentication_token’ as query string parameters. Your system will need to implement code that gets the ‘authentication_token’ from the query string and then calls ‘GetAuthentciation’ to determine if the login attempt was a success. After checking the results of ‘GetAuthentication’, the normal user authentication workflow can resume (ie. creating the user’s session, creating cookies, redirecting to a default page, etc).
Add authentication & API event tracking to your website/app with a script tag & configuration