Get Do O Auth2 Authorize

This is the starting point of the OAuth 2.0 flow to authenticate end users from your application. This authorization endpoint complies with the OAuth 2.0 specifications and must be used by clients to authenticate users and obtain an authorization code. To use this endpoint, your application must be registered as an OAuth 2.0 client in VMware Identity Manager and have the 'authorization_code' grant type enabled.

Request
URI
GET https://{api_host}//SAAS/auth/oauth2/authorize
Query Parameters
redirect_uri (string, Required)

Specifies the callback endpoint in your application that will receive the authorization code. It must match the redirect_uri defined in your OAuth2.0 client registration in VMware Identity Manager. When sending the redirect_uri as a URL parameter it has to be URL encoded.

redirect_uri example
https://example-app.com/redirect?auth%3Doauth
client_id (string, Required)

This is the identifier of the OAuth 2.0 client that was registered in VMware Identity Manager.

client_id example
Example_AppID
response_type (string, Required)

Specifies how the application should receive the authorization response. Only 'code' is supported.

response_type example
code
state (string, Optional)

A random string that your application generates and that will be sent back as a parameter during the URI redirection.

state example
5aPY-C1JSeyTiUPWV_DLDw
scope (string, Optional)

The list of scopes for the authorization request, separated by spaces and URL encoded. The scopes must be equal to, or a subset of, the scopes defined in the OAuth2.0 client.

scope example
openid+profile+email+user
domain (string, Optional)

Specifies the user's domain. If this parameter is specified, the login screen will skip the domain selection page. This can be used when it is known that a single domain is used or the domain information can be inferred automatically (from the username, for example). This is a VMware Identity Manager optional parameter and is not in the OAuth 2.0 specification.

u (string, Optional)

Specifies the user's login. If your application already knows which user is going to log in, and VMware Identity Manager will have to pass this user to a third-party IdP, adding this parameter sends the username as part of the SAML request. This is a VMware Identity Manager optional parameter and is not in the OAuth 2.0 specification.


Authentication
This operation uses the following authentication methods.
Responses
200

successful operation

Operation doesn't return any data structure

400

The error can be any of the following: no client_id has been specified, the client_id does not exist, the redirect_uri has not been specified or does not match. The error message will contain 'error' and 'error_description' fields. See the OAuth2.0 spec for further details.

Operation doesn't return any data structure
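
Example (added here, not part of the VMware documentation or product code): a Python client that builds the authorization request from the query parameters described above with correct URL encoding, then verifies the returned state on the callback before accepting the authorization code. The host name, the function names and the sample callback handling are assumptions for illustration.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed values for illustration; use your own tenant and client registration.
API_HOST = "tenant.example.com"        # hypothetical {api_host}
CLIENT_ID = "Example_AppID"            # client_id example from this page
REDIRECT_URI = "https://example-app.com/redirect?auth=oauth"  # as registered


def build_authorize_url(scopes=("openid", "profile", "email"), domain=None):
    """Return (url, state). Keep state in the user's session before redirecting."""
    state = secrets.token_urlsafe(16)  # unpredictable, one per login attempt
    params = {
        "response_type": "code",       # only 'code' is supported
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,  # urlencode() percent-encodes the whole URL
        "state": state,
        "scope": " ".join(scopes),     # space separated, sent as '+'
    }
    if domain:                         # optional, skips the domain selection page
        params["domain"] = domain
    query = urlencode(params)
    return f"https://{API_HOST}/SAAS/auth/oauth2/authorize?{query}", state


def read_callback(callback_url, expected_state):
    """Return the authorization code, or raise ValueError if the callback is not ours."""
    query = parse_qs(urlsplit(callback_url).query)
    returned = query.get("state", [""])[0]
    # Constant-time comparison. A missing or different state means the response
    # does not belong to a request started by this session.
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("missing or duplicated authorization code")
    return codes[0]
```

Generate a fresh state for every login attempt and discard it once the callback has been processed, so a captured callback URL cannot be replayed into another session.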