Notice: Your site will use Java, PHP, or .Net technology? Have a look at our SDK´s in order to have a rich set of fetures for accessing these APIs.  By removing the need to manage access tokens manually, the SDK greatly simplifies the process of authentication and authorizing users and apps for your project.


Your instance of DRUID is designed to be able to integrate a large number of your different applications and websites of your digital ecosystem, and like so many others, you need the maximum integrity and security of these systems. We place our trust in the OAuth 2 protocol, because it is used worldwide among services with a high number of concurrences, and therefore there is an infinite amount of documentation in this respect. DRUID is our implementation of OAuth2 – draft 15 for with all the additional functions needed have been added.

Therefore, access by a web client to DRUID is done through this protocol. The authentication/authorization server will validate the credentials of the web client. This way we take this responsibility off the shoulders of the applications and websites, simplifying their development.


Login / Register/ Reauthorize
Obtain access token/oauth2/tokenPOST
Logged user
Edit account flow/register/edit_account_inputGET
Complete account flow/register/complete_account_inputGET
Manage tokens
Obtain client token/oauth2/tokenPOST
Refresh access token/oauth2/tokenPOST
Revoke token/oauth2/revokePOST
Exchange session/oauth2/tokenPOST
Validate tokens/oauth2/tokenPOST
Challenge Code Token flow
Obtain Challenge Code Token/oauth2/tokenPOST
Opt Out outside edit account/register/optoutGET
Opt In outside edit account/register/optinGET