Use this endpoint to trigger authorization request

get https://{pointofcontact}/oauth2/authorize

The authorization endpoint is used to interact with the resource owner
and obtain an authorization grant. The authorization server MUST first
verify the identity of the resource owner.

time	status	user agent
Retrieving recent requests…

Loading…

Query Params

request

string

Request object, signed and/or encrypted JWT.
When used, it may contain all the properties below. For FAPI, besides parameters
used by client authentication, all the other parameters should be inside
the request object. Based on OIDC specification, it is possible to have
the same parameters inside and outside request object, but the one inside the
request object will supercede the one outside.

request_uri

string

A URI pointing to request object. Upon receiving this, the OIDC Provider is
expected to fetch the request object first. In the case of Pushed Authorize
scenario, the request_uri points to a location known by OIDC Provider.

client_id

string

required

OAuth 2.0 Client identifier

response_type

string

OAuth 2.0 response_type value that determines the
authorization processing flow to be used

response_mode

string

Mechanism to be used for returning parameters from the
Authorization Endpoint

redirect_uri

string

Redirection URI to which the response will be sent. This URI MUST
exactly match one of the Redirection URI values for the Client
pre-registered at the OIDC Provider

state

string

Opaque value used to maintain state between the request and the callback.

nonce

string

Value used to associate a Client session with an ID Token to mitigate replay attacks

prompt

string

Space-delimited string that specifies whether the Authorization Server
prompts the End-User for reauthentication and consent.

max_age

number

Maximum Authentication Age. Specifies the allowable elapsed time in seconds
since the last time the End-User was actively authenticated by the OIDC Provider.
If the elapsed time is greater than this value, the OIDC Provider MUST attempt to
actively re-authenticate the End-User.

code_challenge

string

Code challenge used as proof for code exchange

code_challenge_method

string

Method used to calculate the code challenge

scope

string

Space-delimited string indicating the OAuth 2.0 scope requested.
OpenID Connect requests MUST contain the openid scope value.

claims

string

JSON string that contains individual claims requested.

login_hint

string

Hint to the Authorization Server about the login identifier the End-User might
use to log in (if necessary)

Responses

400

OAuth error page

500

OAuth error page

Language

URL


xxxxxxxxxx
1
curl --request GET \
2
     --url https://pointofcontact/oauth2/authorize \
3
     --header 'accept: text/html'

Click Try It! to start a request and see the response here! Or choose an example:

*/*

200Authorization page response

302Authorization redirection response