joplin/docs/spec/clipper_auth/index.html

<!DOCTYPE html>
<html lang="en">

<!--

!!! WARNING !!!

This file was auto-generated from readme/spec/clipper_auth.md and any manual change
made to it will be overwritten. To make a change to this file please modify
the source Markdown file:

https://github.com/laurent22/joplin/blob/dev/readme/spec/clipper_auth.md

-->

	<head>
<!-- Donate button A/B testing -->
<script async src="https://www.googleoptimize.com/optimize.js?id=OPT-PW3ZPK3"></script>		<meta
			charset="utf-8"
			http-equiv="X-UA-Compatible"
			content="IE=edge,chrome=1"
		/>
		<link rel="icon" href="&#x2F;images/favicon.png" />
		<meta name="viewport" content="width=device-width, initial-scale=1" />
		<meta name="theme-color" content="#000000" />
		<meta name="description" content="Joplin, the open source note-taking application" />
		<link
			rel="stylesheet"
			href="&#x2F;css/bootstrap5.0.2.min.css"
			as="style"
		/>
		<link rel="stylesheet" href="&#x2F;css/fontawesome-all.min.css?t=1628511531165">
		<link
			href="https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap"
			rel="stylesheet"
			as="style"
			media="all"
			onload="this.media='all'; this.onload = null"
		/>
		<link rel="stylesheet" href="&#x2F;css/site.css?t=1628511531165" as="style" />
		<title>Clipper authorisation mechanism | Joplin</title>

		<script
			src="&#x2F;js/jquery-3.6.0.min.js"
			rel="preload"
			as="script"
		></script>
	</head>
	<body class="website-env-prod">
		<div class="container-fluid generic-template -page" id="main-container">

<div class=" navbar-main white-bg" id="nav-section">
	<div class="container">
		<div class="row">
			<div class="col-3">
				<a href="/">
					<img
						src="&#x2F;images/logo-text-blue.svg"
						alt=""
						id="top-logo"
						width="180"
					/>
				</a>
			</div>
			<div class="col-9 text-right d-none d-md-block">
				<a href="/help/" class="fw500">Help</a>
				<a href="https:&#x2F;&#x2F;discourse.joplinapp.org&#x2F;" class="fw500">Forum</a>
<a href="/plans/" class="button-link btn-trans plans-button">Joplin Cloud</a><a class="button-link btn-blue sponsor-button" href="/donate">
	<i class="fas fa-heart heart-full"></i><i class="far fa-heart heart-line"></i>&nbsp;Support us
</a>			</div>
			<div class="col-9 text-right d-block d-md-none">
				<span class="pointer"
					><img
						src="&#x2F;images/mobile-menu-black-open-icon.png"
						id="open-menu-mobile"
						alt=""
				/></span>
				&nbsp;&nbsp;

				<div id="menu-mobile">
					<div>
						<div class="text-right">
							<img
								src="&#x2F;images/close-icon.png"
								alt=""
								class="pointer"
								id="close-menu-mobile"
							/>
						</div>

						<div class="text-center menu-mobile-top">
							<a href="https:&#x2F;&#x2F;discourse.joplinapp.org&#x2F;" class="fw500 mobile-menu-link">Forum</a>
							<a href="/help/" class="fw500 mobile-menu-link">Help</a>
						</div>

						<div class="menu-mobile-buttons">
<a href="/plans/" class="button-link btn-trans plans-button">Joplin Cloud</a><a class="button-link btn-blue sponsor-button" href="/donate">
	<i class="fas fa-heart heart-full"></i><i class="far fa-heart heart-line"></i>&nbsp;Support us
</a>						</div>
					</div>

						<div id="toc-mobile"><div><ul>
<li>
<p>Applications</p>
<ul>
<li><a href="/desktop/">Desktop application</a></li>
<li><a href="/mobile/">Mobile applications</a></li>
<li><a href="/terminal/">Terminal application</a></li>
<li><a href="/clipper/">Web Clipper</a></li>
</ul>
</li>
<li>
<p>Support</p>
<ul>
<li><a href="https://discourse.joplinapp.org">Joplin Forum</a></li>
<li><a href="/markdown/">Markdown Guide</a></li>
<li><a href="/e2ee/">How to enable end-to-end encryption</a></li>
<li><a href="/conflict/">What is a conflict?</a></li>
<li><a href="/debugging/">How to enable debug mode</a></li>
<li><a href="/rich_text_editor/">About the Rich Text editor limitations</a></li>
<li><a href="/faq/">FAQ</a></li>
</ul>
</li>
<li>
<p>Joplin Cloud</p>
<ul>
<li><a href="/share_notebook/">Sharing a notebook</a></li>
<li><a href="/publish_note/">Publishing a note</a></li>
</ul>
</li>
<li>
<p>Joplin API - Get Started</p>
<ul>
<li><a href="/api/overview/">Joplin API Overview</a></li>
<li><a href="/api/get_started/plugins/">Plugin development</a></li>
<li><a href="/api/tutorials/toc_plugin/">Plugin tutorial</a></li>
</ul>
</li>
<li>
<p>Joplin API - References</p>
<ul>
<li><a href="https://joplinapp.org/api/references/plugin_api/classes/joplin.html">Plugin API</a></li>
<li><a href="/api/references/rest_api/">Data API</a></li>
<li><a href="/api/references/plugin_manifest/">Plugin manifest</a></li>
<li><a href="/api/references/plugin_loading_rules/">Plugin loading rules</a></li>
<li><a href="/api/references/plugin_theming/">Plugin theming</a></li>
</ul>
</li>
<li>
<p>Development</p>
<ul>
<li><a href="https://github.com/laurent22/joplin/blob/dev/BUILD.md">How to build the apps</a></li>
<li><a href="/spec/e2ee/">End-to-end encryption spec</a></li>
<li><a href="/spec/history/">Note History spec</a></li>
<li><a href="/spec/sync_lock/">Sync Lock spec</a></li>
<li><a href="/spec/plugins/">Plugin Architecture spec</a></li>
<li><a href="/spec/search_sorting/">Search Sorting spec</a></li>
<li><a href="/spec/server_file_url_format/">Server: File URL Format</a></li>
<li><a href="/spec/server_delta_sync/">Server: Delta Sync</a></li>
<li><a href="/spec/server_sharing/">Server: Sharing</a></li>
</ul>
</li>
<li>
<p>Google Summer of Code 2021</p>
<ul>
<li><a href="/gsoc2021/index/">Google Summer of Code 2021</a></li>
<li><a href="/gsoc2021/pull_request_guidelines/">How to submit a GSoC pull request</a></li>
<li><a href="/gsoc2021/ideas/">Project Ideas</a></li>
</ul>
</li>
<li>
<p>About</p>
<ul>
<li><a href="/changelog/">Changelog (Desktop App)</a></li>
<li><a href="/changelog_cli/">Changelog (CLI App)</a></li>
<li><a href="/changelog_server/">Changelog (Server)</a></li>
<li><a href="/stats/">Stats</a></li>
<li><a href="/donate/">Donate</a></li>
</ul>
</li>
</ul>
</div></div>
					
					<div>
						<p class="light-blue mobile-menu-link-bottom text-center">
							Copyright &copy; 2016-2021 Laurent&nbsp;Cozic
							<br/>
							<a href="/privacy/" class="fw500">Privacy Policy</a>
						</p>
					</div>
				</div>
			</div>
		</div>
	</div>
</div>
			<div class="help-page-container page-clipper_auth">
				<div class="container">
					<div class="row content-wrapper">
						<div id="toc"><div><ul>
<li>
<p>Applications</p>
<ul>
<li><a href="/desktop/">Desktop application</a></li>
<li><a href="/mobile/">Mobile applications</a></li>
<li><a href="/terminal/">Terminal application</a></li>
<li><a href="/clipper/">Web Clipper</a></li>
</ul>
</li>
<li>
<p>Support</p>
<ul>
<li><a href="https://discourse.joplinapp.org">Joplin Forum</a></li>
<li><a href="/markdown/">Markdown Guide</a></li>
<li><a href="/e2ee/">How to enable end-to-end encryption</a></li>
<li><a href="/conflict/">What is a conflict?</a></li>
<li><a href="/debugging/">How to enable debug mode</a></li>
<li><a href="/rich_text_editor/">About the Rich Text editor limitations</a></li>
<li><a href="/faq/">FAQ</a></li>
</ul>
</li>
<li>
<p>Joplin Cloud</p>
<ul>
<li><a href="/share_notebook/">Sharing a notebook</a></li>
<li><a href="/publish_note/">Publishing a note</a></li>
</ul>
</li>
<li>
<p>Joplin API - Get Started</p>
<ul>
<li><a href="/api/overview/">Joplin API Overview</a></li>
<li><a href="/api/get_started/plugins/">Plugin development</a></li>
<li><a href="/api/tutorials/toc_plugin/">Plugin tutorial</a></li>
</ul>
</li>
<li>
<p>Joplin API - References</p>
<ul>
<li><a href="https://joplinapp.org/api/references/plugin_api/classes/joplin.html">Plugin API</a></li>
<li><a href="/api/references/rest_api/">Data API</a></li>
<li><a href="/api/references/plugin_manifest/">Plugin manifest</a></li>
<li><a href="/api/references/plugin_loading_rules/">Plugin loading rules</a></li>
<li><a href="/api/references/plugin_theming/">Plugin theming</a></li>
</ul>
</li>
<li>
<p>Development</p>
<ul>
<li><a href="https://github.com/laurent22/joplin/blob/dev/BUILD.md">How to build the apps</a></li>
<li><a href="/spec/e2ee/">End-to-end encryption spec</a></li>
<li><a href="/spec/history/">Note History spec</a></li>
<li><a href="/spec/sync_lock/">Sync Lock spec</a></li>
<li><a href="/spec/plugins/">Plugin Architecture spec</a></li>
<li><a href="/spec/search_sorting/">Search Sorting spec</a></li>
<li><a href="/spec/server_file_url_format/">Server: File URL Format</a></li>
<li><a href="/spec/server_delta_sync/">Server: Delta Sync</a></li>
<li><a href="/spec/server_sharing/">Server: Sharing</a></li>
</ul>
</li>
<li>
<p>Google Summer of Code 2021</p>
<ul>
<li><a href="/gsoc2021/index/">Google Summer of Code 2021</a></li>
<li><a href="/gsoc2021/pull_request_guidelines/">How to submit a GSoC pull request</a></li>
<li><a href="/gsoc2021/ideas/">Project Ideas</a></li>
</ul>
</li>
<li>
<p>About</p>
<ul>
<li><a href="/changelog/">Changelog (Desktop App)</a></li>
<li><a href="/changelog_cli/">Changelog (CLI App)</a></li>
<li><a href="/changelog_server/">Changelog (Server)</a></li>
<li><a href="/stats/">Stats</a></li>
<li><a href="/donate/">Donate</a></li>
</ul>
</li>
</ul>
</div></div>

						<div class="main-content">
							<div class="alert alert-danger alert-env-dev" role="alert">
								Running in prod mode!
							</div>
							<div class="donate-links">
<p><a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&amp;business=E8JMYD2LQ8MMA&amp;lc=GB&amp;item_name=Joplin+Development&amp;currency_code=EUR&amp;bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted"><img src="https://raw.githubusercontent.com/laurent22/joplin/dev/Assets/WebsiteAssets/images/badges/Donate-PayPal-green.svg" alt="Donate using PayPal"></a> <a href="https://github.com/sponsors/laurent22/"><img src="https://raw.githubusercontent.com/laurent22/joplin/dev/Assets/WebsiteAssets/images/badges/GitHub-Badge.svg" alt="Sponsor on GitHub"></a> <a href="https://www.patreon.com/joplin"><img src="https://raw.githubusercontent.com/laurent22/joplin/dev/Assets/WebsiteAssets/images/badges/Patreon-Badge.svg" alt="Become a patron"></a> <a href="https://joplinapp.org/donate/#donations"><img src="https://raw.githubusercontent.com/laurent22/joplin/dev/Assets/WebsiteAssets/images/badges/Donate-IBAN.svg" alt="Donate using IBAN"></a></p>
</div>
<h1>Clipper authorisation mechanism<a name="clipper-authorisation-mechanism" href="#clipper-authorisation-mechanism" class="heading-anchor">🔗</a></h1>
<p>In order to access the clipper API, the client must use a token, which is a random string generated by the application.</p>
<p>There are two ways for applications to obtain this token:</p>
<h2>Get it from the user<a name="get-it-from-the-user" href="#get-it-from-the-user" class="heading-anchor">🔗</a></h2>
<p>The user can copy the token in the Clipper configuration page and provide it directly to the application. This is the simplest method.</p>
<h2>Request it programmatically<a name="request-it-programmatically" href="#request-it-programmatically" class="heading-anchor">🔗</a></h2>
<p>The token can also be requested programmatically, as is done for the web clipper extension. It works as below:</p>
<ul>
<li>
<p>The client calls <code>POST /auth</code>. The server responds with <code>{ auth_token: &quot;AUTH_TOKEN&quot; }</code>. This <code>auth_token</code> is different from the regular token - it is just used to authentify the client.</p>
</li>
<li>
<p>The application displays a message asking the user to Accept or Reject the access request.</p>
</li>
<li>
<p>The clients calls <code>GET /auth/check?auth_token=AUTH_TOKEN</code> at regular intervals. Initially the server responds with <code>{ status: &quot;waiting&quot; }</code>, since we are waiting for the user to confirm or reject.</p>
</li>
<li>
<p>Once the user accepts the request in the application, the server returns <code>{ status: &quot;accepted&quot;, token: &quot;API_TOKEN&quot; }</code>.</p>
</li>
<li>
<p>The client can now use this <code>API_TOKEN</code> to make requests.</p>
</li>
<li>
<p>If the users rejects the request, the server returns <code>{ status: &quot;rejected&quot; }</code>, and the client can display an error message.</p>
</li>
</ul>

								<div class="bottom-links">
									<a href="https://github.com/laurent22/joplin/blob/dev/readme/spec/clipper_auth.md">
										<i class="fab fa-github"></i> Improve this doc
									</a>
								</div>
						</div>
					</div>
				</div>
			</div>

			<footer class="darkblue-bg">
				<div class="container">
					<div class="row">
						<div class="col-3 d-none d-md-block">
							<img src="&#x2F;images/logo-text.svg" alt="" width="150" />
						</div>
					</div>
					<div class="row">
						<div class="col-12">
							<hr />
						</div>
					</div>
					<div class="row">
						<div class="col-12 col-md-6">
							<img
								src="&#x2F;images/logo-text.svg"
								width="120"
								class="img-center d-block d-md-none"
								alt=""
							/>
							<br class="d-block d-md-none" />
							<p class="text-center-sm">Copyright &copy; 2016-2021 Laurent Cozic</p>
						</div>
						<div class="col-12 col-md-6 right-links">
							<p class="text-right text-center-sm">
								<a href="https://github.com/laurent22/joplin/" class="github-link"><i class="fab fa-github"></i> GitHub Repository</a>
								<a href="/privacy/">Privacy Policy</a>
							</p>
						</div>
					</div>
				</div>
			</footer>
		</div>

		<script src="&#x2F;js/script.js?t=1628511531165"></script>

<script>
	if (window.location.hostname !== 'localhost') {
		(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
		(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
		m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
		})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
		ga('create', 'UA-103586105-1', 'auto');
		ga('send', 'pageview');
	}
</script>	</body>
</html>