The vision for Money Button is to be the the world’s simplest payment system for websites and apps. It is easy for developers to install and easy for consumers to make payments.
Central to this notion is the ability for users to be able to “log in with Money Button” into websites and apps. This is important to allow user actions to be remembered by the app. For instance, an article purchased by a user inside an app will be available to the user on any device where the user logs in. The user does not have to purchase the article again on a new device.
Since the beginning, we have had an OAuth system built into Money Button that allows users to “log in with Money Button.” After listening to feedback from app developers, we have expanded the OAuth system in some important ways to enable new features for apps.
We have made three key improvements to the OAuth system:
1. More scopes, including the ability to query a user’s paymail or balance information with their permission.
2. A server-side API enabling the app to “log in as an app” to query for payments made to or for that app.
3. Expanded documentation.
We have created new scopes that allow developers to ask permission for more information for each user. Similar to the permission system used by smartphones, the user is asked if they agree to give access to certain information to the app.
The new information we now allow to be queried are the user’s primary paymail, avatar, balance information, and other information related to the public or private profile of that user.
When the user logs into an app, a window is presented to the user that looks like this, depending on which scopes the app requesting permission for:
Server-Side Log In As App
Often, apps want the ability to log in from a server with permission to query payments for that app. They wish to be able to do this without exposing their user account private key (and associated wallet) to the server.
We have enabled this functionality with the new ability to “log in as an app”, along with methods to query payments associated with that app:
In addition to the above features, we have expanded the documentation for OAuth.
We have documentation on how to query the user’s identity, public profile information, including paymail and avatar, and balance.
We have significantly expanded the abilities and documentation for our OAuth system based on developer and user feedback. We are interested in your thoughts on how to continue to expand our OAuth system. Please send feedback to firstname.lastname@example.org or join our Telegram group at t.me/moneybuttonhelp.