Generate Authorization Code and Identity Token (3-legged OAuth Flow)

get

/oauth2/v1/authorize

Request

Query Parameters
Header Parameters
Back to Top

Response

Supported Media Types

200 Response

Authorization Code generated

400 Response

Invalid request
Body ()
Root Schema : error
Type: object
Error message that appears during Device Code and User Code generation
Show Source

401 Response

Unauthorized client
Body ()
Root Schema : error
Type: object
Error message that appears during Device Code and User Code generation
Show Source

500 Response

Internal Server Error
Body ()
Root Schema : error
Type: object
Error message that appears during Device Code and User Code generation
Show Source
Back to Top

Examples

The following example shows how to generate an authorization code and an identity token (3-legged OAuth flow) by submitting a GET request on the REST resource using the browser.

Example requests and responses for the next step in this 3-legged OAuth flow (obtaining the access token) can be found on the Examples tab for the oauth2/v1/token endpoint.

See the Authorization section for more information on grant types.

Authorization Code Request and Response Examples

Note:

The command in this example uses the URL structure https://tenant-base-url/resource-path, where tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See Send Requests for the appropriate URL structure to use.

Request Example: Confidential/Trusted Client

The following shows an example request when a confidential/trusted client requests an Authorization Code.

GET https://tenant-base-url/oauth2/v1/authorize?client_id=<client-id>&response_type=code&redirect_uri=<client-redirect-uri>&scope=openid&nonce=<nonce-value>&state=1234 

Request Example: Public Client

The following shows an example request when a public client requests an Authorization Code.

GET https://tenant-base-url/oauth2/v1/authorize?client_id=<client-id>&response_type=id_token&redirect_uri=<client-redirect-uri>&scope=openid&nonce=<nonce-value>&state=1234

Response Example

The following example shows the contents of the response body in JSON format:

{
    "value": "http://tenant-base-url/IDCSPlayground/#code=AQIDBAWQKKqQbTCuMCFRVvAU_DUXq32f2Yvcp_0YIxm9u1JoHbzVDZf90TduCFhLGin0z5vv0IXdoVqsCMqKv4IravM8MTEgRU5DUllQVElPTl9LRVkxNCB7djF9NCA=&id_token=eyJ4NXQjUzI1NiI6Ijg1a3E1MFVBVmNSRDJOUTR6WVZMVDZXbndUZmVidjBhNGV2YUJGMjFqbU0iLCJ4NXQiOiJNMm1hRm0zVllsTUJPbjNHZXRWV0dYa3JLcmsiLCJraWQiOiJTSUdOSU5HX0tFWSIsImFsZyI6IlJTMjU2In0.eyJ1c2VyX3R6IjoiQW1lcmljYVwvQ2hpY2FnbyIsInN1YiI6ImFkbWluQG9yYWNsZS5jb20iLCJ1c2VyX2xvY2FsZSI6ImVuIiwidXNlcl9kaXNwbGF5bmFtZSI6ImFkbWluIG9wYyIsImNzciI6ImZhbHNlIiwic3ViX21hcHBpbmdhdHRyIjoidXNlck5hbWUiLCJpc3MiOiJodHRwczpcL1wvaWRlbnRpdHkub3JhY2xlY2xvdWQuY29tXC8iLCJ0b2tfdHlwZSI6IklUIiwidXNlcl90ZW5hbnRuYW1lIjoidGVuYW50MSIsImNsaWVudF9pZCI6IjFlMzQ5MDlkMjQ4OTQ1Y2U5NmZlMzgzY2Y3MDE2ZTc0Iiwic2lkIjoiM2UxNThkODQtMDM2Yi00YzIzLWExMDItZTk3YWYxOTMwOWEzIiwiYXVkIjpbImh0dHBzOlwvXC9pZGVudGl0eS5vcmFjbGVjbG91ZC5jb21cLyIsIjFlMzQ5MDlkMjQ4OTQ1Y2U5NmZlMzgzY2Y3MDE2ZTc0Il0sInVzZXJfaWQiOiIzZTFjY2Q3NTc2YWQ0MjlkYjBmMTEwZjVjOTVlMjBhNiIsImF1dGhuX3N0cmVuZ3RoIjoyLCJhdXRoX3RpbWUiOjE0NjQ4MjgxNzYsInNlc3Npb25fZXhwIjoxNDY0ODU2OTc2LCJ1c2VyX2xhbmciOiJlbiIsImV4cCI6MTQ2NDg1Njk3NiwiaWF0IjoxNDY0ODMxNTAxLCJqdGkiOiI4NGYxNjUwNi0zZGNiLTQ1NTItODk4OC03NWNlYzcxMzA3NzEifQ.O-nkZ0D_EXlvlJKBOMaSL42Xr7uufi5jSIMcvQ95fm9LZ9cRcToxkzpb8fyh4GKwWgCTfbwQPbf36lIz3zZqPUCb6irzLi9KxAFWs0eXtqOOZhR7QTV3S5Hm6d9IApyA5S_zf3hNLM64-b8DhOLAcaI1-_pFfe_wvDRzvi0Mo3c"
  }
Back to Top