-
Notifications
You must be signed in to change notification settings - Fork 29
/
Copy pathV1_oauth_authorize_code.yml
51 lines (51 loc) · 2.4 KB
/
V1_oauth_authorize_code.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
swagger: '2.0'
info:
x-copyright: 'Copyright IBM Corp. 2017'
title: Authorize on behalf of a user
description: "Request authorization code to authorize on behalf of a user."
version: 1.0.0
host: api.watsonwork.ibm.com
schemes:
- https
paths:
'/oauth/authorize':
get:
summary: Authorize as a user with the authorization code grant flow
description: "Standard OAuth2 endpoint for authorizing users via OAuth2. This endpoint returns an Authorization Code\n\n More Information in [Section 4.1 of RFC 6749](https://tools.ietf.org/html/rfc6749#section-4.1)\n\nExample: https://api.watsonwork.ibm.com/oauth/authorize?response_type=code&client_id=123456789&redirect_uri=example.mybluemix.net/callback&state=123456789"
parameters:
- name: client_id
in: query
description: "Your application’s id (appId)"
required: true
type: string
- name: response_type
in: query
description: "Desired response type. Code grant uses `code`."
required: true
type: string
enum:
- code
default: "code"
- name: redirect_uri
in: query
description: "Redirect after completing interaction with IdP (Identity Provider)."
required: true
type: string
- name: state
in: query
description: "An opaque value to prevent Cross-Site request forgery. Apps should use the following guidelines https://tools.ietf.org/html/rfc6749#section-10.12"
required: true
type: string
- name: scope
in: query
description: "Level of access that the app wants the user to authorize. If not specified, the default scopes on app creations will be used."
required: false
type: string
responses:
302:
description: "If we grant the access request, the authorization server issues an authorization code and delivers it to the client by adding that code and the state to the query component of the redirection URI. Example: https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz\n\nError Response: If we deny the access request, we will add error=access_denied to the query component of the redirection URI."
headers:
Location:
type: string
Set-Cookie:
type: string