Exchange a valid bearer token for an authenticated browser session

This endpoint takes an authentication bearer token that is provided in the body of "x-www-form-urlencoded" POST request”.

It uses “scoped=true” as a query parameter optionally. When “scoped=true” is given, the cookie that is created is used to login to an app-scoped application. If “scoped=true” is not given, the cookie that created is used to log in to a nonapp-scoped application.

It uses “redirect_url” as an optional query parameter. When “redirect_url” is given, the call redirects to the redirect URL with the authenticated session.

Query Params
boolean

If true, it creates a session for app-scoped application login. If false, it creates a session for nonapp-scoped application login.

string

The URL where the request is redirected after the session is created. The URL must be URL encoded or the authenticated redirect might fail. An error is returned if the URL is not allowed.
A valid URL must match one of these conditions:
- Starts with the tenant name, "https://tenantname.com"
- Is a relative path, it starts with "/"
- It matches one of the URLs in the list of allowed URL in the Session Exchange management API

Form Data
string

The access token that is used to create the authenticated browser session that is sent as "x-www-form-urlencoded" form parameter

Responses
201

An access token was successfully exchanged for an IBM Security Verify session credential.

302

Returned when the "redirect_url" parameter is passed in. After a successful token exchange the browser is redirected to the redirect_url.

Language
URL
Choose an example:
*/*