OAuth Authorize

Starts the OAuth authorization-code flow from the OpenASA Provider side.

Method and path

  • Method: GET
  • Path: /oauth/authorize
  • Auth: browser session required

Query parameters

  • response_type: must be code
  • client_id
  • redirect_uri
  • scope
  • state
  • nonce
  • code_challenge
  • code_challenge_method: must be S256

Response

  • Success: 302 redirect to redirect_uri?code=...&state=...
  • Errors:
      • 401: no active browser session
      • 400: invalid request parameters

Example request

GET /oauth/authorize?response_type=code&client_id=shop_web&redirect_uri=https%3A%2F%2Fshop.example.com%2Foauth%2Fcallback&scope=openid%20profile%20email&state=s_8chars_min&nonce=n_8chars_min&code_challenge=abc123&code_challenge_method=S256

Example success redirect

https://shop.example.com/oauth/callback?code=<authorization_code>&state=s_8chars_min
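
Client-side sketch of the request and callback handling described above. This is an added example, not OpenASA's own code: it derives an S256 code_challenge from a random verifier, builds the authorize URL with fresh state and nonce, and accepts the callback only when state matches the stored value. The provider host and the function names are assumptions.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

# Assumption: placeholder provider host; the page gives only the path.
AUTHORIZE_ENDPOINT = "https://provider.example.com/oauth/authorize"


def s256_challenge(code_verifier: str) -> str:
    """BASE64URL(SHA-256(verifier)) without '=' padding (RFC 7636, S256)."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_authorize_request(client_id, redirect_uri, scope):
    """Return (url, pending); pending is stored in the user's session."""
    pending = {
        "state": secrets.token_urlsafe(16),
        "nonce": secrets.token_urlsafe(16),
        "code_verifier": secrets.token_urlsafe(32),  # 43 chars, never in the URL
    }
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": pending["state"],
        "nonce": pending["nonce"],
        "code_challenge": s256_challenge(pending["code_verifier"]),
        "code_challenge_method": "S256",
    }, quote_via=quote)
    return f"{AUTHORIZE_ENDPOINT}?{query}", pending


def read_callback(callback_url, pending):
    """Return the authorization code only if state matches the stored value."""
    params = parse_qs(urlsplit(callback_url).query)
    code, state = params.get("code", []), params.get("state", [])
    if len(code) != 1 or len(state) != 1:
        raise ValueError("callback must carry exactly one code and one state")
    if not hmac.compare_digest(state[0].encode(), pending["state"].encode()):
        raise ValueError("state mismatch: response is not for this session")
    return code[0]
```

The code_verifier stays with the client; under PKCE it is presented later, when the authorization code is redeemed.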