curl --request GET \
  --url https://pria.praxislxp.com/api/auth/google/services/callback

Google redirects here after the user accepts (or rejects) the consent screen.
Validates the CSRF state against req.session.oauth_state, exchanges the
authorization code for tokens, then stores them on UserInstitution.googleLoginToken
or User.googleLoginToken depending on the institution context captured at
authorize time.
On success the user is redirected to ${PRIA_URL}/my-profile/me?oauth=google&status=success
(profile origin) or ${PRIA_URL}/pria/personal/qanda (chat origin). On failure the user
is redirected to ${PRIA_URL}/oauth/success?error=<code> where the SPA renders the
error. This callback is not a JWT-protected endpoint — auth is proven by the
session-bound CSRF state, identical to the public OAuth login callbacks.
Authorization code returned by Google. Required on success.
CSRF state to compare against req.session.oauth_state.value.
Set by Google when the user denies consent or the request is malformed.
Always a redirect. On success → profile or chat page (per the captured origin).
On any failure (missing code, state mismatch, token exchange error) →
${PRIA_URL}/oauth/success?error=<code>.
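
The state check and redirect selection described above, as an added sketch that is not code from the Praxis code base. The error code strings, the origin field on the session entry and the PRIA_URL value are assumptions; the token exchange itself is left out.

```javascript
// Added example. Names marked "hypothetical" do not come from the documented API.
const PRIA_URL = 'https://pria.example'; // constructed placeholder

// Compare two strings without returning at the first differing character.
// Non-string input (e.g. ?state=a&state=b parsed as an array) never matches.
function safeEqual(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Failure redirect. Only fixed codes are emitted; the provider's own error
// text is never reflected into the URL.
const failure = (code) => `${PRIA_URL}/oauth/success?error=${encodeURIComponent(code)}`;

// Validate the callback query against the session. Returns { redirect } on
// failure, or { code, origin } when the code may be exchanged for tokens.
function validateCallback(query, session) {
  const saved = session.oauth_state;   // written at authorize time
  delete session.oauth_state;          // single use: a replayed callback finds nothing
  if (!saved || !safeEqual(query.state, saved.value)) {
    return { redirect: failure('state_mismatch') };   // hypothetical code
  }
  if (query.error) {
    return { redirect: failure('provider_error') };   // hypothetical code
  }
  if (typeof query.code !== 'string' || query.code === '') {
    return { redirect: failure('missing_code') };     // hypothetical code
  }
  return { code: query.code, origin: saved.origin };  // origin field: hypothetical
}

// Success redirect, chosen from the origin captured at authorize time.
function successRedirect(origin) {
  return origin === 'chat'
    ? `${PRIA_URL}/pria/personal/qanda`
    : `${PRIA_URL}/my-profile/me?oauth=google&status=success`;
}
```

Because the state is deleted before it is compared, a second request carrying the same state fails even when the first one succeeded.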