The Mini Apps platform requires merchants to integrate the login flow for Mini Apps.
Note: Merchants cannot have a manual sign-in process for the user, i.e. whenever a Mini App requires user credentials, the only method allowed is the Paytm Login Flow.
The login flow for Mini Apps works like this:
- User clicks on the Mini App icon on the Paytm Mini App Store, and Paytm opens the merchant's Mini App
- User browses the catalog / adds items to their cart
- When the merchant's Mini App flow needs the user to log in, the user is shown a popup asking permission to share their credentials with the merchant
- Once a user taps on "Allow", they are seamlessly logged in to the merchant Mini App
Note: The consent prompt appears only once; for returning users, the merchant can seamlessly access user details to facilitate login. Detailed Login steps can be found here.
Integrating Login flow in Mini Apps involves the following steps:
Step 1: Call paytmFetchAuthCode JS API at client end to get the Auth Code
Step 2: Call getAccessToken API from backend (S2S) to get Auth Token using the Auth Code received in Step 1
Step 3: Call getUserInfo API from backend (S2S) to get user details of Paytm users and seamlessly login the user
Note: Please ensure the client secret shared during your app onboarding is never passed to your frontend/m-web in the flow.
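The backend half of Steps 2 and 3, as an added example that is not Paytm's own code: the frontend sends only the auth code, and the client secret and access token never leave the server. The `api` object, the stub, the `MINIAPP_CLIENT_SECRET` variable, the auth code format check and all request/response field names are assumptions made for illustration.

```javascript
// Added example. The Paytm S2S calls are injected as `api`; the stub below and
// all field names are constructed assumptions, not Paytm's documented schema.

// Hypothetical env var; the secret exists only in backend configuration.
const CLIENT_SECRET = process.env.MINIAPP_CLIENT_SECRET || "constructed-demo-secret";

// Backend handler for the auth code the frontend got from paytmFetchAuthCode.
async function loginWithAuthCode(authCode, api, sessions) {
  // Assumed format check: reject anything that is not a plain token string.
  if (typeof authCode !== "string" || !/^[\w-]{8,128}$/.test(authCode)) {
    return { ok: false, error: "invalid_auth_code" };
  }
  let accessToken, user;
  try {
    // Step 2: exchange the auth code for a token, server to server.
    ({ accessToken } = await api.getAccessToken({ authCode, clientSecret: CLIENT_SECRET }));
    // Step 3: fetch the user's details with that token.
    user = await api.getUserInfo({ accessToken });
  } catch (err) {
    // Generic error only: upstream messages may echo request parameters.
    return { ok: false, error: "login_failed" };
  }
  // Dynamic import works in both CommonJS and ES module files.
  const { randomBytes } = await import("node:crypto");
  const sessionId = randomBytes(16).toString("hex");
  // The access token stays in server-side state; the client gets an opaque id.
  sessions.set(sessionId, { userId: user.id, accessToken });
  return { ok: true, sessionId, displayName: user.name };
}

// Constructed stand-in for the two Paytm endpoints, for offline runs.
function makeStubApi() {
  return {
    async getAccessToken({ authCode, clientSecret }) {
      if (clientSecret !== CLIENT_SECRET) throw new Error("bad client secret");
      if (authCode !== "AUTHCODE-12345678") throw new Error("unknown auth code");
      return { accessToken: "tok-constructed" };
    },
    async getUserInfo({ accessToken }) {
      if (accessToken !== "tok-constructed") throw new Error("bad token");
      return { id: "user-1", name: "Test User" };
    },
  };
}
```

In a real integration, replace `makeStubApi()` with functions that call the getAccessToken and getUserInfo endpoints as documented by Paytm.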
Please watch this tutorial to understand the login integration process in more detail.