redirect_uri
parameter.redirect_uri
.https://example.com/callback
.GET
/oauth2/authorize
GET /oauth2/authorize?scope=openid&client_id=TENANT_CLIENT_ID&redirect_uri=https%3A%2F%2FTENANT.APP.DOMAIN%2Flogin%2Foauth2%2Fcode%2FTENANT_APP_ID&response_type=code&state=MOCK_STATE&code_challenge_method=S256&code_challenge=MOCK_CODE_CHALLENGE&auth_source_id=MOCK_USERNAME_PASSWORD_AUTH_SOURCE_ID HTTP/1.1Host: sample.portal.tencentciam.com
Parameter | Optional | Description |
scope | false | Fixed value: openid . |
client_id | false | The client_id of the application. Go to the application management page and select the application, and then click Application Configuration to find the Client ID. |
redirect_uri | false | The redirected address after authorization. This should be the same as the address configured on the console. |
response_type | false | Fixed value: code . |
state | true | A string randomly generated by the application, which will be returned by the server to the application as an HTTP response parameter. To prevent cross-site request forgery (CSRF) attacks, we recommend that you use this parameter. |
code_challenge_method | false | Algorithm for calculating the PKCE code_challenge. Only S256 is supported. |
code_challenge | false | |
auth_source_id | true | The ID of the authentication source for login. If this parameter is not specified, the default login page is displayed. |
HTTP/1.1 302 FoundLocation: https://sample.portal.tencentciam.com/portal/login?p_state=MOCK_LOGIN_PORTAL_STATE
state
parameter carried.HTTP/1.1 302 FoundLocation: https://example.com/callback?code=DVtNBg5XGqeu2IytLi6WOWwfh7pRc5jqI8vUb2K8k_2OryR2OsYN3260DwhlTDqEMtUSD1XN6gNuRDjYQ25nJX6H8MzfpIxJHIoi0tdtkXfRpV1ELhmw7behuwYraTlC&state=MOCK_STATE
code
parameter is returned in the application callback address, the API for getting the Token via PKCE mode should be called to get the Access Token and ID Token for login.client_id
parameter is missing or incorrect.HTTP/1.1 400 Bad Request
redirect_uri
parameter does not match the sign-up information.HTTP/1.1 400 Bad Request
response_type
parameter is missing or incorrect.HTTP/1.1 400 Bad Request
code_challenge_method
parameter is not supported.HTTP/1.1 302 FoundLocation: https://example.com/callback?error=invalid_request&error_description=OAuth%202.0%20Parameter:%20code_challenge_method&error_uri=https://datatracker.ietf.org/doc/html/rfc7636%23section-4.4.1&state=MOCK_STATE
Was this page helpful?