The embedded Journey is designed so that your application has minimal integration work. You load the component bundle, initialize the SDK, insert <sty-login> into your page, and listen for one event. The component handles the entire authentication flow internally: OIDC, PKCE, session management, screen transitions, and token exchange are all managed for you.

📘

For full setup details and configuration options, see the Embedded journey overview page.

🚧

Prerequisites

Before starting, your Strivacity application must have a client of the OIDC (using the Journey Flow API) type. See the Application clients documentation for setup instructions.

What your application does

1. Load the bundle: Import the component bundle once from your Strivacity cluster at application startup.
2. Initialize the SDK: Call initFlow() with mode: 'embedded' and your client configuration.
3. Place the component: Insert <sty-login> into the HTML of your login page.
4. Handle the login event: When the user completes authentication, the component fires a login event. Navigate the user to the protected part of your application.

That is the full integration surface. Everything else (the OIDC authorization request, session token management, screen rendering, form submission, and token exchange) happens inside the component.

What the component does internally

When <sty-login> connects to the DOM, it:

1. Initiates an OAuth 2.0 PKCE authorization flow against your Strivacity tenant.
2. Receives a session token and uses it to fetch the initial screen.
3. Renders each screen's widgets inline in your page using the Strivacity no-code components.
4. Submits form data on behalf of the user as they progress through the flow.
5. When the journey is complete, it follows the finalizeUrl to obtain an authorization code.
6. Exchanges the authorization code for tokens (POST /oauth2/token).
7. Fires the login event on the element so your application can react.

Your application code is not involved in any of these steps.