Finalize an Auth Request and get the callback URL.

POST 
/v2/oidc/auth_requests/:authRequestId

Finalize an Auth Request and get the callback URL for success or failure. The user must be redirected to the URL in order to inform the application about the success or failure. On success, the URL contains details for the application to obtain the tokens. This method can only be called once for an Auth request.

Request

Path Parameters

authRequestId stringrequired

Set this field when the authorization flow failed. It creates a callback URL to the application, with the error details set.

application/json

Body

required

session

object

sessionId string

Possible values: non-empty and <= 200 characters

ID of the session, used to login the user. Connects the session to the Auth Request.

sessionToken string

Possible values: non-empty and <= 200 characters

Token to verify the session is valid

error

object

Set this field when the authorization flow failed. It creates a callback URL to the application, with the error details set.

error - ERROR_REASON_INVALID_REQUEST: Error states from https://datatracker.ietf.org/doc/html/rfc6749#section-4.2.2.1 - ERROR_REASON_INTERACTION_REQUIRED: Error states from https://openid.net/specs/openid-connect-core-1_0.html#AuthError (string)

Possible values: [ERROR_REASON_UNSPECIFIED, ERROR_REASON_INVALID_REQUEST, ERROR_REASON_UNAUTHORIZED_CLIENT, ERROR_REASON_ACCESS_DENIED, ERROR_REASON_UNSUPPORTED_RESPONSE_TYPE, ERROR_REASON_INVALID_SCOPE, ERROR_REASON_SERVER_ERROR, ERROR_REASON_TEMPORARY_UNAVAILABLE, ERROR_REASON_INTERACTION_REQUIRED, ERROR_REASON_LOGIN_REQUIRED, ERROR_REASON_ACCOUNT_SELECTION_REQUIRED, ERROR_REASON_CONSENT_REQUIRED, ERROR_REASON_INVALID_REQUEST_URI, ERROR_REASON_INVALID_REQUEST_OBJECT, ERROR_REASON_REQUEST_NOT_SUPPORTED, ERROR_REASON_REQUEST_URI_NOT_SUPPORTED, ERROR_REASON_REGISTRATION_NOT_SUPPORTED]

Default value: ERROR_REASON_UNSPECIFIED

errorDescription string

errorUri string

application/grpc

Body

required

session

object

sessionId string

Possible values: non-empty and <= 200 characters

ID of the session, used to login the user. Connects the session to the Auth Request.

sessionToken string

Possible values: non-empty and <= 200 characters

Token to verify the session is valid

error

object

Set this field when the authorization flow failed. It creates a callback URL to the application, with the error details set.

error - ERROR_REASON_INVALID_REQUEST: Error states from https://datatracker.ietf.org/doc/html/rfc6749#section-4.2.2.1 - ERROR_REASON_INTERACTION_REQUIRED: Error states from https://openid.net/specs/openid-connect-core-1_0.html#AuthError (string)

Possible values: [ERROR_REASON_UNSPECIFIED, ERROR_REASON_INVALID_REQUEST, ERROR_REASON_UNAUTHORIZED_CLIENT, ERROR_REASON_ACCESS_DENIED, ERROR_REASON_UNSUPPORTED_RESPONSE_TYPE, ERROR_REASON_INVALID_SCOPE, ERROR_REASON_SERVER_ERROR, ERROR_REASON_TEMPORARY_UNAVAILABLE, ERROR_REASON_INTERACTION_REQUIRED, ERROR_REASON_LOGIN_REQUIRED, ERROR_REASON_ACCOUNT_SELECTION_REQUIRED, ERROR_REASON_CONSENT_REQUIRED, ERROR_REASON_INVALID_REQUEST_URI, ERROR_REASON_INVALID_REQUEST_OBJECT, ERROR_REASON_REQUEST_NOT_SUPPORTED, ERROR_REASON_REQUEST_URI_NOT_SUPPORTED, ERROR_REASON_REGISTRATION_NOT_SUPPORTED]

Default value: ERROR_REASON_UNSPECIFIED

errorDescription string

errorUri string

application/grpc-web+proto

Body

required

session

object

sessionId string

Possible values: non-empty and <= 200 characters

ID of the session, used to login the user. Connects the session to the Auth Request.

sessionToken string

Possible values: non-empty and <= 200 characters

Token to verify the session is valid

error

object

Set this field when the authorization flow failed. It creates a callback URL to the application, with the error details set.

error - ERROR_REASON_INVALID_REQUEST: Error states from https://datatracker.ietf.org/doc/html/rfc6749#section-4.2.2.1 - ERROR_REASON_INTERACTION_REQUIRED: Error states from https://openid.net/specs/openid-connect-core-1_0.html#AuthError (string)

Possible values: [ERROR_REASON_UNSPECIFIED, ERROR_REASON_INVALID_REQUEST, ERROR_REASON_UNAUTHORIZED_CLIENT, ERROR_REASON_ACCESS_DENIED, ERROR_REASON_UNSUPPORTED_RESPONSE_TYPE, ERROR_REASON_INVALID_SCOPE, ERROR_REASON_SERVER_ERROR, ERROR_REASON_TEMPORARY_UNAVAILABLE, ERROR_REASON_INTERACTION_REQUIRED, ERROR_REASON_LOGIN_REQUIRED, ERROR_REASON_ACCOUNT_SELECTION_REQUIRED, ERROR_REASON_CONSENT_REQUIRED, ERROR_REASON_INVALID_REQUEST_URI, ERROR_REASON_INVALID_REQUEST_OBJECT, ERROR_REASON_REQUEST_NOT_SUPPORTED, ERROR_REASON_REQUEST_URI_NOT_SUPPORTED, ERROR_REASON_REGISTRATION_NOT_SUPPORTED]

Default value: ERROR_REASON_UNSPECIFIED

errorDescription string

errorUri string

Responses

200

OK

application/json

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

resourceOwner resource_owner is the organization or instance_id an object belongs to (string)
callbackUrl string

Callback URL where the user should be redirected, using a "302 FOUND" status. Contains details for the application to obtain the tokens on success, or error details on failure. Note that this field must be treated as credentials, as the contained code can be used to obtain tokens on behalve of the user.

Example (from schema)

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-11-22T09:27:09.517Z",
    "resourceOwner": "69629023906488334"
  },
  "callbackUrl": "https://client.example.org/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=af0ifjsldkj"
}

application/grpc

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

resourceOwner resource_owner is the organization or instance_id an object belongs to (string)
callbackUrl string

Callback URL where the user should be redirected, using a "302 FOUND" status. Contains details for the application to obtain the tokens on success, or error details on failure. Note that this field must be treated as credentials, as the contained code can be used to obtain tokens on behalve of the user.

Example (from schema)

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-11-22T09:27:09.517Z",
    "resourceOwner": "69629023906488334"
  },
  "callbackUrl": "https://client.example.org/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=af0ifjsldkj"
}

application/grpc-web+proto

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

resourceOwner resource_owner is the organization or instance_id an object belongs to (string)
callbackUrl string

Callback URL where the user should be redirected, using a "302 FOUND" status. Contains details for the application to obtain the tokens on success, or error details on failure. Note that this field must be treated as credentials, as the contained code can be used to obtain tokens on behalve of the user.

Example (from schema)

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-11-22T09:27:09.517Z",
    "resourceOwner": "69629023906488334"
  },
  "callbackUrl": "https://client.example.org/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=af0ifjsldkj"
}

403

Returned when the user does not have permission to access the resource.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

404

Returned when the resource does not exist.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

default

An unexpected error response.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Loading...