Latest library version: 3.1.8

Front end:

Include the library SDK:

var el = document.createElement("script");
el.async = true;
el.defer = true;
el.src = "https://cdn.jsdelivr.net/npm/[email protected]${version}/dist/oneaccount.min.js";

Or just include the script in your HTML (at the end of your body tag):

<script defer async src="https://cdn.jsdelivr.net/npm/[email protected]<version>/dist/oneaccount.min.js"></script>

Initialize the library:

if (window.oneaccount) {
} else {
document.addEventListener("oneaccount-loaded", initOneaccount);
// init the library
function initOneaccount() {
window.oneaccount.init("your external id", {
// NOTE: Please check the Library options page for more customisations
iOSRedirectURL: "/user", // required
callbackURL: "/oneaccountauth", // required

Add the button:

<!-- NOTE: the classes are important for the library to attach the click bindings -->
<button class="oneaccount-button oneaccount-show">Sign in/up using One account</button>
document.addEventListener("oneaccount-authenticated", function(event) {
// data contains any data you have returned from the backend
var data = event.detail;
// your business logic here


Setup the library:

package main
import (
func main() {
var redisClient = redis.NewClient(&redis.Options{})
oa := oneaccount.New(
// If engine setter and getter are not set an in-memory engine will be used.
// For production it is recommended to provide an engine setter and getter:
// for this example we will use redis but any other storage could be used
oneaccount.SetEngineSetter(func(ctx context.Context, k string, v []byte) error {
return redisClient.Set(ctx, k, v, 3 * time.Minute).Err()
oneaccount.SetEngineGetter(func(ctx context.Context, k string) ([]byte, error) {
v, err := redisClient.Get(ctx, k).Result()
if err != nil {
return nil, err
return []byte(v), redisClient.Del(ctx, k).Err()
// The route URL is the callback URL you have set when you created One account app.
http.Handle("/oneaccountauth", oa.Auth(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// NOTE: never return code 200 if a user is not authenticated
if !oneaccount.IsAuthenticated(r) {
http.Error(w, "something went wrong while authenticating, please try again later", http.StatusInternalServerError)
// a user is authenticated and you can implement any logic your application
// needs. oneaccount.Data(r) returns the data sent by the user
// after successful authentication.
// since One account doesn't differentiate between sign up and sign in,
// you can use userId to check if the user signed up c on your website or not.
// the same way you can access any other data you requested from the user:
type User struct {
FirstName string `json:"firstName"`
UserID int `json:"userId"`
var data = user{}
if err := json.Unmarshal(oneaccount.Data(r), &data); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
// any data returned here would be sent to oneaccount-authenticated event on front-end e.g.:
w.Header().Set("Content-Type", "application/json; charset=utf-8")
// NOTE: handle the error

For more options of authentication please check the library documentation: https://github.com/oilastudio/oneaccount-go