Best practices for OAuth

Learn some best practices for using OAuth in your extension to ensure your users have a seamless experience.

Availability for unauthenticated users

Make sure you don’t add conditions to the extension logic that prevent unauthenticated users from finding and being able to configure your extension.

One way to ensure this is to avoid calling your third-party application with the OAuth token in the onLoad method. Instead, try to store any data that’s needed to render the initial configuration UI in the extension configuration.

Avoid cleaning up configuration when users disconnect

When a user disconnects an extension, it’s important to avoid cleaning up the extension’s configuration. It’s better to allow users to switch between different accounts and keep the configuration in place.

Did you find this doc useful?

Your feedback helps us improve our docs.

Don’t fill this out if you’re human:

Send

Got it!

Your feedback helps us improve our docs.

• Netlify
• Careers
• Blog
• Terms
• Privacy

© 2023 Netlify