Skip to main content
POST
OAuth 2.1 PKCE authorize

Body

application/json
data
object
required

Authorization request body. The approval page posts this on the user's behalf after they sign in and approve. The server validates the loopback redirect URI and PKCE code challenge, then mints a one-shot authorization code bound to the active session.

Response

The request has succeeded.

data
object
required

Authorization response. The browser is redirected to redirect_url to hand the code back to the client's loopback listener.