Yatta Checkout User Guide

Using Yatta Authentication, you can implement an authentication process that fulfills the requirements of the OAuth 2.0 protocol.

When setting up Yatta Authentication, keep in mind the following two roles:

  • Client: Apps that use Yatta Authentication to handle user logins.

  • User: People who use Yatta Checkout because they are customers of vendors.

Setting up a client and user tokens

The following procedure assumes you are a vendor and want to register and set up a client.

  1. Open the vendor portal and sign in with your Yatta account if prompted.

  2. In the menu on the left, click on Authentication.

  3. Click Create OAuth clientID.

  4. Enter the following for your OAuth client:

    • A client logo (.svg or .jpeg file, max 5 MB)

    • A display name

    • Any redirect URLs. (For example, in the demo app use http://localhost:8080/login/oauth2/code/yatta.)

      Note: When going live, remember to add redirect URLs for all systems using Yatta Authentication.

  5. Check the box to enable PKCE (Proof Key for Code Exchange) for each login (see https://oauth.net/2/pkce/ and web standard RFC 7636).

  6. Click Save. Your Client ID (username) and Client Secret (passcode) are displayed at the bottom of the screen.

    Important: You will need these in the next stage.

  7. The endpoint URLs (authorization endpoint, token endpoint and issuer endpoint) are also displayed below. For a detailed description, see “Key Yatta Authentication endpoints.”

You are now ready to set up your application for Yatta Authentication!

Setting up Yatta Authentication

Note: We recommend using Spring Boot and OAuth 2.0 to generate the required files for the next step. The following section assumes you have already done this part.

Next, modify the application properties file of your generated source code to enable Yatta Authentication, using a text editor or your IDE of choice, as described below:

  1. Navigate to the file application.properties contained in the /src/main/resources folder and open it.

  2. Replace with your Client ID in the following code section.

  3. Replace with your Client Secret in the following code section:

Key Yatta Authentication endpoints

Endpoint description      URL
Authorization endpoint    https://yatta.de/oauth2/authorize
Token endpoint            https://yatta.de/oauth2/token
Issuer                    https://yatta.de
JSON Web Key Sets         https://yatta.de/oauth2/jwks
OpenId configuration      https://yatta.de/.well-known/openid-configuration

Testing out Yatta Authentication

Use our demo app to quickly test out Yatta Authentication. For this process, you only need your Client ID and Client Secret (see above).

  1. Clone the following GitHub repository: https://github.com/YattaSolutions/de.yatta.ide-intruders-webgame/

  2. Within this repository, access the subfolder /springboot-oauth2-client-sample/src/main/resources/ and open the file application.properties.

  3. Replace with your Client ID in the following code section.

  4. Replace with your Client Secret in the following line:

  5. Save and close the file.

  6. Run the demo app in your IDE of choice or right from the command line with .

  7. Access the following address in your browser:

  8. You are now assigned user tokens for your users. These user tokens are used to authenticate their logins on the server. They include:

    • User ID

    • User email address

    • User access token