Before making any API calls you will want to check if there is an existing token. To do this you can use NIKEPLUS.getAuthData. The only argument is a callback that is passed a status of the token, and if there is a token a second property that includes the auth data, including an expires_in property that is how many seconds until the token expires. The following is an example of how you could check for an access token and if you don't find one, show the login button, and if you do have a token, make an api call.
To start the login flow you can call NIKEPLUS.login. It takes one optional argument which is the element where the login button will be appended. If no arguments are added to login the button will be appended to the body of your page. When the user clicks the button they will be shown the Nike Plus login page. Once the user has successfully logged in the window will be redirected to the redirect_uri. If the response type is token the auth params will be in the hash of the redirect URI and the SDK will parse that data and pass it to the authSuccess function. If the response type is code the auth params will be in the query string and the sdk will not do anything with the data.
When using a response type of token (implicit flow), the code served at the redirect URI should be very simple. By using the authSuccess method the page should just redirect the user to where in the app they need to be once logged in. The sdk will store all the auth data for use later and will keep track of the tokens expiration, but if you would like to store any of the auth data for your own use it will be returned to the authSuccess function. Here is an example redirect page:
When using a response type of code (auth code flow), the redirect URI should have server side code that reads the auth params from the query string. The sdk does not do anything at redirect time when using the auth code flow. If you would like to use the SDK with a token retrieved via the auth code flow you can pass it in to the SDK using NIKEPLUS.setAuthData with the token and the expires_in property being required.
Calling NIKEPLUS.logout will clear any information about the current user that the SDK has stored.