This endpoint takes an authentication bearer token in the header, or as the query parameter “access_token”. However, for security purposes, it is recommended that the token is passed in by using the POST API call.
It uses “scoped=true” as a query parameter optionally. When “scoped=true” is given, the cookie created is be used to login to app scoped application. If “scoped=true” is not given, the cookie created is used to login to non-app scoped application.
It uses “redirect_url” as a query parameter as optionally. When “redirect_url” is given, the call will redirect to the redirect URL with the authenticated session.
201An access token was successfully exchanged for an IBM Security Verify session credential.
302Returned when the "redirect_url" parameter is passed in. After a successful token exchange the browser will be redirected to the redirect_url