PkceFlowAuthorizationRequest
{
"grant_type": "string",
"code": "string",
"redirect_uri": "string",
"refresh_token": "string",
"scope": "string",
"org_id": "string",
"subject_token": "string",
"subject_token_type": "string",
"code_verifier": "string",
"client_id": "string"
}
OAuth grant types for different use cases.
Authorization code parameter. Mandatory for grant_type 'authorization_code'.
Service redirect uri. Mandatory for grant_type 'authorization_code'.
Refresh token parameter. Available for grant_type 'refresh_token'.
Currently not supported. Present for CSP compatibility.
Unique identifier (GUID) of the organization. Available for grant_type 'client_credentials'.
Required if the grant_type is 'client_delegate'. A security token that represents the identity of the party on behalf of whom the request is being made. In client_delegate flow, the token provided MUST BE the access token of the user.
Required if the grant_type is 'client_delegate'. The identifier for the subject token provided as per RFC 8693 https://tools.ietf.org/html/rfc8693#section-3. In 'client_delegate' flow, this value MUST BE 'urn:ietf:params:oauth:token-type:access_token'.
A high-entropy cryptographic random key using the characters [A-Z] / [a-z] / [0-9] / '-' / '.' / '_' / '~' with a minimum length of 43 characters and a maximum length of 128 characters which was used to generate the 'code_challenge' and obtain the authorization code. Required if PKCE was used in the authorization code grant request. For more information, refer the PKCE RFC at https://tools.ietf.org/html/rfc7636.
Required if the grant_type is 'authorization_code'.If provided in request body,it must match with the client_id sent in the authorization header.