Skip to main content
POST
/
oauth
/
connect
/
{provider}
JavaScript
import Cerca from '@cerca-dev/sdk';

const client = new Cerca({
  apiKey: process.env['CERCA_API_KEY'], // This is the default and can be omitted
});

const oauthConnectResponse = await client.oauth.connect('google', {
  owner: { type: 'organization' },
  returnOrigin: 'https://app.example.com',
});

console.log(oauthConnectResponse.authorizationUrl);
{
  "authorizationUrl": "https://accounts.google.com/o/oauth2/v2/auth?...",
  "callbackOrigin": "https://app.cerca.dev",
  "expiresAt": "2026-04-15T12:00:00.000Z",
  "stateNonce": "nonce_abc123"
}

Documentation Index

Fetch the complete documentation index at: https://docs.cerca.dev/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

provider
string
required
Minimum string length: 1
Example:

"google"

Body

application/json
owner
OrganizationConnectionOwner · object
required

Public owner for a reusable connection. Organization owners use the authenticated organization; fleet owners add a fleetId.

returnOrigin
string
required

HTTP(S) origin that receives the OAuth completion message.

Example:

"https://app.example.com"

scopes
string[]

Provider-specific OAuth scopes. Empty entries are ignored after trimming.

Example:
["email", "profile"]

Response

OAuth authorization start details.

authorizationUrl
string
required

Provider authorization URL that the client should open.

Example:

"https://accounts.google.com/o/oauth2/v2/auth?..."

callbackOrigin
string
required

Origin hosting the OAuth callback endpoint.

Example:

"https://app.cerca.dev"

expiresAt
string

OAuth state expiration timestamp, when returned.

Example:

"2026-04-15T12:00:00.000Z"

stateNonce
string

OAuth state nonce, when returned.

Example:

"nonce_abc123"