Endpoint URL: {registrationDomain} /access/getAuthorizationCode
Description
Returns an authorization code that can be exchanged for an access token and a refresh token. For a video demo in Postman, click here.
Respects the API Client Allow List: Yes
API Client Permissions
The following table indicates the API clients that can (and the API clients that can't) be used to call this endpoint:
owner | access_issuer | direct_access | direct_read_access | login_client |
Yes | Yes | Yes | No | No |
Authentication
This endpoint supports both Basic authentication (recommended) and janrain-signed authentication.
How to Create an Authentication String
Base URL
The base URL for this endpoint is your Identity Cloud Capture domain; for example:
https://educationcenter.us-
Your Capture domains (also known as Registration domains) can be found in the Console on the Manage Application page:
Examples
Example Request
This command returns an authorization code for the user with the ID 11521.
curl -X POST \ -H "Authorization: BasicdXQ0YmdycmE3dzI4MmpjZm15cGZxeDlwemhxaGpqMmI6dW5qemU5bndrZnV5NmpwdzgzOHFwYTdhZDNoZG55YTY="\ --data-urlencode redirect_uri=http://documentation.janraincapture.com/oauth \ --data-urlencode id=11521 \ --data-urlencode type_name=user \https://my-app.janraincapture.com/access/getAuthorizationCode
Running this command in Postman
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| uuid | string | No | UUID of the user account. This parameter is required unless you are using either the id parameter or the key_attribute parameter. |
| id | string | No | ID of the user account. This parameter is required unless you are using either the uuid parameter or the key_attribute parameter. |
| key_attribute | string | No | Unique attribute found in the user account schema. This parameter is required unless you are using either the id parameter or the uuid parameter. |
| key_value | string | No | Value assigned to the key_attribute parameter. |
| redirect_uri | string | Yes | Token exchange URL. |
| type_name | string | Yes | Name of the entityType. |
| transaction_state | string | No | JSON object that will be associated with the authorization code and returned when it is exchanged for an access_token and a refresh token. You determine what data is returned. |
| lifetime | string | No | Number of seconds for which the code is valid. The default is 30 seconds. |
| for_client_id | string | No | Client ID of the API login client being used to retrieve an authorization code. This parameter is not required, although it's generally recommended. If for_client_id isn't used in your API call then any API client can exchange the returned authorization code for an access token. However, if you do include this parameter then only the client specified by for_client_id can exchange the authorization code for an access token. See the /oauth/token endpoint documentation for more information. |
Responses
200 OK
Response Example (application/json)
{
"authorizationCode": "12345678912345",
"stat": "ok"
}
