We recently added user account linking to our SaaS platform, which helps technical writers, researchers, and developers generate high-quality content, from code walkthroughs and white papers to research articles.
In this article, we share a high-level overview of the OAuth2 workflow we implemented using X’s API.
Along the way, we navigated authentication flows and token management, made some thoughtful architectural decisions, and had a lot of fun doing it.
Here’s what the full social scheduling workflow looks like:
1. The user logs in and clicks “Connect X”.
2. The application redirects the user to X’s authorization page.
3. The user grants the application permission to access their account.
4. X redirects the user back to the application with an authorization code.
5. The application exchanges the authorization code for an access token and a refresh token.
6. The tokens are encrypted and stored in the database.
7. The user selects a time slot from a calendar view.
8. Next, they provide input materials like keywords, URLs, plain text, or uploaded documents.
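
The redirect to X, the callback, and the code exchange in the workflow above are where an authorization code can be injected into the wrong session, so the sketch below binds them together with a single-use `state` value and a PKCE verifier. It is an added example, not our production code. The endpoint URL, scopes, `CLIENT_ID`, `REDIRECT_URI`, the `session` dict and both function names are assumptions chosen for illustration.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Assumed values: X's OAuth 2.0 authorize endpoint plus placeholder client settings.
AUTHORIZE_URL = "https://x.com/i/oauth2/authorize"
CLIENT_ID = "YOUR_CLIENT_ID"                          # placeholder
REDIRECT_URI = "https://app.example.com/x/callback"   # placeholder


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def begin_authorization(session: dict) -> str:
    """Build the redirect to X and keep state + PKCE verifier server-side."""
    state = secrets.token_urlsafe(32)
    verifier = _b64url(secrets.token_bytes(64))   # 86 chars, inside RFC 7636's 43..128
    session["x_oauth"] = {"state": state, "verifier": verifier}
    challenge = _b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "tweet.read tweet.write users.read offline.access",
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    })
    return f"{AUTHORIZE_URL}?{query}"


def handle_callback(session: dict, callback_url: str) -> dict:
    """Validate the callback, then return the form body for the token exchange."""
    pending = session.pop("x_oauth", None)        # single use: a replay finds nothing
    params = parse_qs(urlparse(callback_url).query)
    state = params.get("state", [""])[0]
    # Constant-time comparison on bytes; reject before touching the code.
    if pending is None or not hmac.compare_digest(state.encode(), pending["state"].encode()):
        raise PermissionError("state mismatch: callback does not belong to this session")
    if "error" in params or "code" not in params:
        raise PermissionError("authorization was denied or returned no code")
    return {
        "grant_type": "authorization_code",
        "code": params["code"][0],
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
        "code_verifier": pending["verifier"],
    }
```

The dict returned by `handle_callback` is what gets POSTed to the token endpoint; the access and refresh tokens in the response are then encrypted before they reach the database.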