Step 6: Send the authorization request
GET {{authPath}}/{{envID}}/as/authorize?response_type=code&redirect_uri=https://www.example.com&scope=openid profile&client_id={{RegistrationAppID}}
The PingOne authorization endpoint /{{envID}}/as/authorize is used to interact with the resource owner and obtain an authorization grant. The authorization request must include values for the following properties:
client_id
A string that specifies the application's UUID, which was returned in Step 1.
response_type
A string that specifies the code or token type returned by an authorization request. For this activity, the value is code.
redirect_uri
A string that specifies the URL that specifies the return entry point of the application. The redirect_uri property value defined in Step 1 is https://example.com.
scope
A string that specifies permissions that determine the resources that the application can access. This activity specifies the openid and profile OIDC scopes.
The response returns a 302 message with a flowID embedded in the Location header, which specifies that a call should be made to another resource to continue the authentication flow. The Location header looks like this:
Location: https://apps.pingone.com/5caa81af-ec05-41ff-a709-c7378007a99c/signon/?flowId=72df1cd2-3b99-4225-a1fa-6dc9ec0f78fc
Note: If this call fails to return a 302 HTTP Status, for a possible solution see Configuring and managing Qodex.
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
response_type | string | Required | |
max_age | number | Optional - uses seconds | |
redirect_uri | string | ||
scope | string | ||
login_hint | string | ||
client_id | string |