Skip to main content
GET
/
oauth
/
authorize
curl --request GET \
  --url "https://api.example.com/oauth/authorize?client_id=your_client_id&redirect_uri=https://your-app.com/callback&response_type=code&scope=read write&state=random_state_string&code_challenge=challenge&code_challenge_method=S256" \
  --header 'Accept: application/json'

{
  "error": "invalid_request",
  "error_description": "Client authentication failed or missing parameters"
}
Initiate the OAuth 2.0 authorization code flow. This endpoint is used for web applications that need to authenticate users.

Query Parameters

client_id
string
required
Your application’s client ID
redirect_uri
string
required
The URI to redirect to after authorization (must match registered URIs)
response_type
string
required
Must be “code”
scope
string
Space-separated list of requested scopes
state
string
Random string to prevent CSRF attacks
code_challenge
string
PKCE code challenge (recommended)
code_challenge_method
string
PKCE challenge method (e.g. “S256”)

Response

Upon successful authorization, the user will be redirected to the redirect_uri with:
  • An authorization code (code) parameter
  • The original state parameter (if provided)
curl --request GET \
  --url "https://api.example.com/oauth/authorize?client_id=your_client_id&redirect_uri=https://your-app.com/callback&response_type=code&scope=read write&state=random_state_string&code_challenge=challenge&code_challenge_method=S256" \
  --header 'Accept: application/json'

{
  "error": "invalid_request",
  "error_description": "Client authentication failed or missing parameters"
}