Get an Authorization Code

Endpoint URL: {registrationDomain} /access/getAuthorizationCode



Description

Returns an authorization code that can be exchanged for an access token and a refresh token. For a video demo in Postman, click here.


Respects the API Client Allow List: Yes


API Client Permissions

The following table indicates the API clients that can (and the API clients that can't) be used to call this endpoint:

owner
access_issuer
direct_access
direct_read_access
login_client
Yes
Yes
Yes
No
No


Authentication

This endpoint supports both Basic authentication (recommended) and janrain-signed authentication.

How to Create an Authentication String


Base URL

The base URL for this endpoint is your Identity Cloud Capture domain; for example:

https://educationcenter.us- dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Console on the Manage Application page:

Examples

Example Request

This command returns an authorization code for the user with the ID 11521.


curl -X POST \
  -H "Authorization: Basic dXQ0YmdycmE3dzI4MmpjZm15cGZxeDlwemhxaGpqMmI6dW5qemU5bndrZnV5NmpwdzgzOHFwYTdhZDNoZG55YTY="\
  --data-urlencode redirect_uri=http://documentation.janraincapture.com/oauth \
  --data-urlencode id=11521 \
  --data-urlencode type_name=user \
  https://my-app.janraincapture.com/access/getAuthorizationCode
                                        

      Running this command in Postman


Query Parameters

ParameterTypeRequiredDescription
uuidstringNoUUID of the user account. This parameter is required unless you are using either the id parameter or the key_attribute parameter.
 
idstringNoID of the user account. This parameter is required unless you are using either the uuid parameter or the key_attribute parameter.
 
key_attributestringNoUnique attribute found in the user account schema. This parameter is required unless you are using either the id parameter or the uuid parameter.
 
key_valuestringNoValue assigned to the key_attribute parameter.
 
redirect_uristringYesToken exchange URL.
 
type_namestringYesName of the entityType.
 
transaction_statestringNoJSON object that will be associated with the authorization code and returned when it is exchanged for an access_token and a refresh token. You determine what data is returned.
 
lifetimestringNoNumber of seconds for which the code is valid. The default is 30 seconds.
 
for_client_idstringNoClient ID of the API login client being used to retrieve an authorization code.

This parameter is not required, although it's generally recommended. If for_client_id isn't used in your API call then any API client can exchange the returned authorization code for an access token. However, if you do include this parameter then only the client specified by for_client_id can exchange the authorization code for an access token. See the /oauth/token endpoint documentation for more information.
 


Responses

200 OK

Response Example (application/json)


{
  "authorizationCode": "12345678912345",
  "stat": "ok"
}