Loading...
Back to Console

Sign in with Heavstal Tech™

Integrate the Heavstal Identity ecosystem into your applications. We support standard OAuth 2.0 and OpenID Connect protocols.

1. Configuration Endpoints

Authorizationhttps://accounts-heavstal.vercel.app/oauth/authorize
Tokenhttps://accounts-heavstal.vercel.app/api/oauth/token
User Infohttps://accounts-heavstal.vercel.app/api/oauth/userinfo

2. Button Branding

Use the official Heavstal icon for your sign-in buttons.

html

<!-- HTML / Tailwind CSS -->
<button class="flex items-center gap-3 bg-[#050507] text-white px-4 py-2 rounded-md font-medium hover:bg-black transition">
  <img src="https://heavstal-tech.vercel.app/ht_icon.svg" width="20" height="20" alt="Heavstal" />
  <span>Sign in with Heavstal</span>
</button>

3. Next.js Integration

v1.0.1

Use our official NPM package to integrate quickly with NextAuth.js.

$ npm install heavstal-auth

Usage in Auth.js / NextAuth

Import the provider and add it to your configuration.

typescript

import NextAuth from "next-auth";
import HeavstalProvider from "heavstal-auth";

export const authOptions = {
  providers: [
    HeavstalProvider({
      clientId: process.env.HEAVSTAL_CLIENT_ID!,
      clientSecret: process.env.HEAVSTAL_CLIENT_SECRET!,
    })
  ]
};

4. Node.js (Raw Fetch)

For standard Node.js backends (Express, Fastify) not using NextAuth.

javascript

const exchangeCodeForToken = async (code) => {
  const params = new URLSearchParams();
  params.append('client_id', 'YOUR_CLIENT_ID');
  params.append('client_secret', 'YOUR_CLIENT_SECRET');
  params.append('code', code);
  params.append('redirect_uri', 'YOUR_REDIRECT_URI');
  params.append('grant_type', 'authorization_code');

  const response = await fetch('https://accounts-heavstal.vercel.app/api/oauth/token', {
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: params
  });

  const data = await response.json();
  return data.access_token;
};

5. Python (Requests)

python

import requests

def get_heavstal_token(auth_code):
    url = "https://accounts-heavstal.vercel.app/api/oauth/token"
    payload = {
        'client_id': 'YOUR_CLIENT_ID',
        'client_secret': 'YOUR_CLIENT_SECRET',
        'code': auth_code,
        'redirect_uri': 'YOUR_REDIRECT_URI',
        'grant_type': 'authorization_code'
    }
    
    response = requests.post(url, data=payload)
    return response.json()

6. PHP (cURL)

php
<?php
$ch = curl_init("https://accounts-heavstal.vercel.app/api/oauth/token");

$data = http_build_query([
  "client_id" => "YOUR_CLIENT_ID",
  "client_secret" => "YOUR_CLIENT_SECRET",
  "code" => $_GET["code"],
  "redirect_uri" => "YOUR_REDIRECT_URI",
  "grant_type" => "authorization_code"
]);

curl_setopt_array($ch, [
  CURLOPT_POST => true,
  CURLOPT_POSTFIELDS => $data,
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_HTTPHEADER => [
    "Content-Type: application/x-www-form-urlencoded"
  ]
]);

$response = curl_exec($ch);
curl_close($ch);

echo $response;
?>

7. Go (net/http)

go

package main

import (
  "bytes"
  "net/http"
  "io/ioutil"
)

func exchangeCode(code string) ([]byte, error) {
  data := []byte("client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&code=" + code + "&redirect_uri=YOUR_REDIRECT_URI&grant_type=authorization_code")

  req, _ := http.NewRequest("POST", "https://accounts-heavstal.vercel.app/api/oauth/token", bytes.NewBuffer(data))
  req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

  client := &http.Client{}
  res, err := client.Do(req)
  if err != nil {
    return nil, err
  }

  body, _ := ioutil.ReadAll(res.Body)
  return body, nil
}

8. Java (OkHttp)

java

OkHttpClient client = new OkHttpClient();

RequestBody body = new FormBody.Builder()
  .add("client_id", "YOUR_CLIENT_ID")
  .add("client_secret", "YOUR_CLIENT_SECRET")
  .add("code", authCode)
  .add("redirect_uri", "YOUR_REDIRECT_URI")
  .add("grant_type", "authorization_code")
  .build();

Request request = new Request.Builder()
  .url("https://accounts-heavstal.vercel.app/api/oauth/token")
  .post(body)
  .build();

Response response = client.newCall(request).execute();
System.out.println(response.body().string());

9. C# (.NET)

csharp

var values = new Dictionary<string, string>
{
  { "client_id", "YOUR_CLIENT_ID" },
  { "client_secret", "YOUR_CLIENT_SECRET" },
  { "code", authCode },
  { "redirect_uri", "YOUR_REDIRECT_URI" },
  { "grant_type", "authorization_code" }
};

var content = new FormUrlEncodedContent(values);
var client = new HttpClient();
var response = await client.PostAsync("https://accounts-heavstal.vercel.app/api/oauth/token", content);

var json = await response.Content.ReadAsStringAsync();

10. Ruby

ruby

require 'net/http'
require 'uri'

uri = URI("https://accounts-heavstal.vercel.app/api/oauth/token")
response = Net::HTTP.post_form(uri, {
  client_id: "YOUR_CLIENT_ID",
  client_secret: "YOUR_CLIENT_SECRET",
  code: auth_code,
  redirect_uri: "YOUR_REDIRECT_URI",
  grant_type: "authorization_code"
})

puts response.body

11. cURL (Universal)

bash

curl -X POST https://accounts-heavstal.vercel.app/api/oauth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET" \
  -d "code=AUTH_CODE" \
  -d "redirect_uri=YOUR_REDIRECT_URI" \
  -d "grant_type=authorization_code"