Step 12: Send an authorization request
GET {{authPath}}/{{envID}}/as/authorize?response_type=code&client_id={{customResourceAppID}}&redirect_uri=https://www.google.com&scope={{customResourceScopeName}}
The PingOne authorization endpoint /{{envID}}/as/authorize is used to interact with the resource owner and obtain an authorization grant. The authorization request must include values for the following properties:
client_id
A string that specifies the application's UUID, which was returned in Step 1.
response_type
A string that specifies the code or token type returned by an authorization request. For this activity, the value is code.
redirect_uri
A string that specifies the URL that specifies the return entry point of the application. The redirect_uri property value is defined in Step 1.
scope
A string that specifies permissions that determine the resources that the application can access. In this use case, the custom scope name is returned in Step 4.
The response returns a 302 message with a flowID embedded in the Location header, which specifies that a call should be made to another resource to continue the authentication flow. The Location header looks like this:
Location: https://apps.pingone.com/5caa81af-ec05-41ff-a709-c7378007a99c/signon/?flowId=72df1cd2-3b99-4225-a1fa-6dc9ec0f78fc
Information from the URL in the Location header will be used in the following steps of this workflow. You do not need to do anything with the Location data.
Note: If this call fails to return a 302 HTTP Status, for a possible solution see Configuring and managing Qodex.
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
response_type | string | ||
client_id | string | ||
redirect_uri | string | ||
scope | string |