This endpoint takes an authentication bearer token in the header, or as the query parameter “access_token”.
It uses “scoped=true” as a query parameter optionally. When “scoped=true” is given, the cookie created is be used to login to app scoped application. If “scoped=true” is not given, the cookie created is used to login to non-app scoped application.
It uses “redirect_url” as a query parameter as optionally. When “redirect_url” is given, the call will redirect to the redirect URL with the authenticated session.