Simple TypeScript example for the full insERT OAuth flow and a first Subiekt123 API smoke test.
- Node.js 18+
- yarn
yarn installSet environment variables:
export CLIENT_ID="your-client-id"
export CLIENT_SECRET="your-client-secret"
export SUBSCRIPTION_KEY="your-subscription-key"The non-secret defaults are hard-coded at the top of src/cli.ts.
Run the full flow:
yarn dev- Generates PKCE
- Opens the login page
- Waits for the local callback
- Exchanges the code for a token
- Saves the token to
.insert-token.json - Calls the documents endpoint and prints the JSON
.envand.insert-token.jsonare ignored by git- secrets should stay in environment variables
Fix the OAuth setup and/or the CLI tool so that the entire flow runs successfully once, from start to finish:
yarn devShould complete without errors and return:
- A valid access token saved to
.insert-token.json - A successful API response with the documents list printed as JSON
When a user follows the authorization link, logs in, and clicks "authorize", an internal server error occurs instead of redirecting back to the local callback endpoint with an authorization code.
The application is configured with:
- OAuth app client ID and secret
- Callback URL set to
https://localhost:9876/callback - All required scopes
See Screenshot 1 for the OAuth application configuration:
After successful login and authorization consent, the browser shows an internal server error instead of redirecting to the callback endpoint.
See Screenshot 2 for the error that occurs:
- User clicks the authorization link printed by the CLI
- Browser opens the identity server login page
- User logs in and grants consent
- Browser redirects to
https://localhost:9876/callback?code=<auth_code>&state=<state> - The local callback server captures the code
- The CLI exchanges the code for a token
- The CLI calls the documents API and prints the result