> ## Documentation Index
> Fetch the complete documentation index at: https://docs.harmonyforstaffing.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authorize

> Initiate OAuth 2.0 authorization flow

Initiate the OAuth 2.0 authorization code flow. This endpoint is used for web applications that need to authenticate users.

### Query Parameters

<ParamField query="client_id" type="string" required>
  Your application's client ID
</ParamField>

<ParamField query="redirect_uri" type="string" required>
  The URI to redirect to after authorization (must match registered URIs)
</ParamField>

<ParamField query="response_type" type="string" required>
  Must be "code"
</ParamField>

<ParamField query="scope" type="string">
  Space-separated list of requested scopes
</ParamField>

<ParamField query="state" type="string">
  Random string to prevent CSRF attacks
</ParamField>

<ParamField query="code_challenge" type="string">
  PKCE code challenge (recommended)
</ParamField>

<ParamField query="code_challenge_method" type="string">
  PKCE challenge method (e.g. "S256")
</ParamField>

### Response

Upon successful authorization, the user will be redirected to the `redirect_uri` with:

* An authorization code (`code`) parameter
* The original `state` parameter (if provided)

<RequestExample>
  ```bash theme={null}
  curl --request GET \
    --url "https://api.example.com/oauth/authorize?client_id=your_client_id&redirect_uri=https://your-app.com/callback&response_type=code&scope=read write&state=random_state_string&code_challenge=challenge&code_challenge_method=S256" \
    --header 'Accept: application/json'
  ```
</RequestExample>

<ResponseExample>
  ```json theme={null}
  {
    "error": "invalid_request",
    "error_description": "Client authentication failed or missing parameters"
  }
  ```
</ResponseExample>