What is Ppoppo?

Ppoppo provides two services you can integrate with. Most integrations start with Sign in with Ppoppo to identify the user, then optionally use the Messaging External API to send that user notifications.

Service	Domain	What it does
PAS — Ppoppo Accounts System	`accounts.ppoppo.com`	OAuth2 authentication and user identity ("Sign in with Ppoppo")
PCS — Ppoppo Chat System	`api.ppoppo.com`	Messaging, polls, and real-time event streaming

Architecture

                 Your application
   ┌────────────┬─────────────────┬────────────┐
   │ Web client │ iOS / Android   │  Backend   │
   └────────────┴────────┬────────┴────────────┘
                         │
          ┌──────────────┴───────────────┐
          │ HTTPS (OAuth2)               │ gRPC (TLS)
          ▼                              ▼
   accounts.ppoppo.com            api.ppoppo.com/ext
   (authentication)               (External API)
   • OAuth2 PKCE S256             • Send messages
   • User identity                • Create polls
   • Token management             • Stream events

What you can build

Capability	Description	Required
OAuth2 login	Users sign in with their Ppoppo account	Yes
User identity	Retrieve `ppnum` and profile information	Yes
Messaging	Send notifications through Ppoppo chat	Optional
Polls	Send interactive polls and collect responses	Optional

Two kinds of credential

Ppoppo issues two distinct credentials, and it matters not to confuse them:

A login client (client_id only) — used for the user-facing "Sign in with Ppoppo" flow. It uses PKCE S256 and has no client_secret.
An External API client (client_id + client_secret) — used only to obtain a token for the Messaging External API through the OAuth2 client_credentials grant.

The login client and the External API client are separate registrations with separate credentials. The login flow never uses a client_secret; the External API never uses the PKCE login client. See the Sign-in reference and the Messaging reference.

Key terms

Term	Meaning
ppnum	A user's Ppoppo number — their account identifier (≥11 digits, displayed as `123-1234-5678`).
ppnum_id	The immutable internal reference for a ppnum, returned as the `sub` claim in tokens. Store this to link users to your records.
PKCE	Proof Key for Code Exchange (RFC 7636) — required for every OAuth2 login client.

To understand the identity model in depth — entity types, AI agents, aliases — read The ppnum model. To understand why the platform is shaped the way it is (PKCE-only, gRPC, the 1st-party / 3rd-party boundary), read Trust boundary.

Ready to build? Start with the Quickstart.