POST /v1/auth/sso/loopbio
Service: identity · operationId: (none)
Exchange the caller’s Loop WorkOS session for a short-lived JWT that LoopBio accepts at /auth/loop.
Required scopes
(no scope declared — review service config)
Responses
200 SSO token issued
{
"type": "object",
"properties": {
"token": {
"type": "string",
"description": "Signed HS256 JWT scoped to the LoopBio audience"
},
"expires_in": {
"type": "integer",
"description": "Token lifetime in seconds"
},
"audience": {
"type": "string",
"description": "JWT audience claim"
},
"redirect_url": {
"type": "string",
"format": "uri",
"description": "Convenience URL to redirect the member to"
}
},
"required": [
"token",
"expires_in",
"audience",
"redirect_url"
]
}401 Missing or invalid Loop session
{
"type": "object",
"properties": {
"error": {
"type": "string"
},
"message": {
"type": "string"
}
},
"required": [
"error",
"message"
]
}500 Token signing failed
{
"type": "object",
"properties": {
"error": {
"type": "string"
},
"message": {
"type": "string"
}
},
"required": [
"error",
"message"
]
}Example
curl -X POST https://identity.platform.loop.health/v1/auth/sso/loopbio \
-H "Authorization: Bearer $ACCESS_TOKEN"Related
services/identity— service overview- All endpoints — directory across services
- Auth model — how scopes are enforced