Accessing the globaliD APIs

While some API endpoints are public, most of the globaliD APIs require you to have an access token before you can call them. There are currently two ways in which your website or app can obtain an access token: using globaliDConnect, or using GlobaliD's web-client. globaliDConnect requires the user to have the globaliD app installed on their phone, and to set up a globaliD identity which they then use to identify themselves to your app or site. Using GlobaliD's web client, the user can sign up and authenticate themselves directly within your web app, using the GlobaliD's web client SDK.

Whichever way you obtain an access token, the token will then be tied to the user's identity. The fact that you possess the access token means that the user has authenticated themselves with your system, and you can be sure that that user was the one who signed into your system. Depending on the OAuth2 scope associated with your access token, you may also be able to obtain private information about the user's identity, and/or perform actions on that user's behalf.