DEV Community

Cover image for Handshake: Next.js boilerplate for OAuth with 200+ APIs
Felipe Aragão
Felipe Aragão

Posted on • Originally published at fiber.dev

Handshake: Next.js boilerplate for OAuth with 200+ APIs

Today, we're excited to announce Handshake.

Handshake is a new open-source project that helps developers obtain access tokens to popular APIs. It abstracts away the complexities of OAuth for over 200 apps while giving teams the flexibility and observability they need.

How it works

Handshake is a Next.js app that you can set up and deploy to Vercel within minutes. Just clone our repo and modify the app/options.ts file to configure the OAuth providers you need.

// app/options.ts
import { Salesforce, HandshakeOptions } from "handshake"

const options: HandshakeOptions = {
    // ...
    handlers: [
        Salesforce({
            clientId: "YOUR_CLIENT_ID",
            clientSecret: "YOUR_CLIENT_SECRET",
            scopes: [...]
        })
    ],
}

export default options
Enter fullscreen mode Exit fullscreen mode

Then, deploy your Handshake instance to a subdomain such as handshake.yourdomain.com. Finally, to request access tokens for an API (eg. Salesforce) from a user, redirect them to /auth/salesforce/redirect and let Handshake handle the rest.

Why we built this

Our goal at Fiber is to help developers build delightful integrations. To that end, we've been handling OAuth for some clients since our very first week as a company. As of today, we've taken thousands of end users through the process, and learned quite a bit on the way. Handshake is the product of that learning.

We didn't originally plan on offering something like Handshake. Personally, I didn't believe the pain was big enough to justify our attention. So we continued to handle OAuth for some clients as an bonus feature, without advertising it anywhere.

As time went on, we noticed a good amount of inbound interest in Fiber came from companies only looking for help with OAuth. Whenever we politely turned away these customers, we tried to point them towards good open-source solutions but couldn't find anything worth recommending. The projects we found usually fell into two categories: stale or bloated. The latter included projects that had moved beyond handling OAuth to incorporate lots of extra integration features. In the process, they lost flexibility and harmed developer experience.

Our plan

Our plan for Handshake is this to keep it open and to keep it simple. The goal is to help developers get access to their users' third-party accounts. We won't try to pack unrelated features into it, or offer an enterprise version to make money. (Fiber is how we make money ;).

That's it. We hope Handshake is useful to you. We're committed to keeping improving this project around for years to come.

Check out our documentation at handshake.cook and take us for a spin on Github. We'll love to hear your thoughts.

Top comments (1)

Collapse
 
fpaghar profile image
Fatemeh Paghar

It's fascinating to learn about the origins of Handshake, born out of the practical experiences and challenges faced while handling OAuth for clients at Fiber. The decision to keep Handshake open and focused on its core goal, without bloating it with unrelated features, is a commendable approach. It's great to see a project designed with simplicity and developer experience in mind.