Authorization
Description
Redirects the user to Ellipsis Drive to give authorization.
Endpoint
/oauth/authorize
Method
GET
Parameters
response_type
Must be "code" to emphasize that the authorization code grant type is used.
client_id
The client id given during the client registration.
redirect_uri
The location to which to redirect the user after the completion of the authorization. This redirect location must exactly match one of the registered redirect uri's. If only one redirect uri is registered this argument becomes optional and the only exisiting redirect uri will be used as default.
false
scope
A string seperated list of the requested scopes. Currently "projects" is both the default and only supported scope, which allows the use of all API calls except those in /settings/account.
false
state
A random string used by the client to avoid CSRF attacks.
false
code_challenge
The code challenge of the PKCE. If this argument is omitted PKCE will not be used.
false
code_challenge_method
The method used to transform the code verifier to the code challenge. Required if a code challenge is given. Must be one of 'plain' or 'S256'. Defaults to 'plain' when a code challenge is given.
false
This call will redirect the user to the Ellipsis Drive authorization page for the authorization of the requested scope. If the authorization is completed successfully the user is redirected to the redirect URI with query parameters code, containing an authorization code that is valid for 1 minute, and state (if supplied in the request) that should be checked to avoid CSRF attacks. Alternatively, if an error occurs during the authorization the user is redirected to the given redirect URI if possible, with query parameters error, error_description and state describing why the process failed (e.g. error='access_denied', error_description='The user has refused access.').
Last updated