Worldcoin

Sign In with Worldcoin

Integration

This guide assumes you have already completed the steps to set up the Developer Portal.

World ID can be used as an authentication mechanism. If you already have an OIDC-compatible authentication engine, you can integrate Sign In with Worldcoin using the steps below.

Typical OIDC-compatible authentication engines include Auth0, AWS Cognito, CloudFlare Access, OneLogin and many more. Most languages and frameworks have simple open source packages for this.

Follow our guides for Auth0 and NextAuth.js in the Sign In Quick Start section.

If you don't have an authentication engine, you can implement OIDC flows yourself. See the OIDC Explainer and Sign In Reference for details.

Configure your auth engine

Configure your OIDC authentication engine to use World ID as an Identity Provider (IdP), you will need the following information:

  • Discovery endpoint: https://id.worldcoin.org/.well-known/openid-configuration (if supported by your OIDC client engine, this will set everything automatically, continue below otherwise)

Required inputs

  • Client ID: your app id from the Developer Portal (e.g. app_GBkZ1KlVUdFTjeMXskrX).
  • Client secret: app secret, obtained from the "Sign In" tab in the Developer Portal (e.g. sk_6f07e1566ee4b765fe23d8c8).
  • Authorize endpoint: https://id.worldcoin.org/authorize
  • Response type: depends on how you want to authenticate, follow the recommendations of your engine. We recommend auth code flow for server-side apps and implicit flow for client-side apps
    • Supported response types: code (authorization flow), id_token (implicit flow), token, or a combination of them (hybrid flow).

Optional inputs

  • (Optional for implicit flow). Token endpoint: https://id.worldcoin.org/token
  • (Optional). User info endpoint: https://id.worldcoin.org/userinfo
  • (Optional). Introspect endpoint: https://id.worldcoin.org/introspect

Once you have configured this, you can start the authentication flow from your app or authentication engine.

This will use the default World ID login page. If you instead want to build your own authentication page, check out the Sign In Widget page in the Advanced Use Cases section.