# Authorization

| **Description** | Redirects the user to Ellipsis Drive to give authorization. |
| --------------- | ----------------------------------------------------------- |
| **Endpoint**    | `/oauth/authorize`                                          |
| **Method**      | GET                                                         |

### Parameters

<table><thead><tr><th width="250.0982986767486">Name</th><th width="305.3333333333333">Description</th><th>Required</th></tr></thead><tbody><tr><td><code>response_type</code></td><td>Must be "code" to emphasize that the authorization code grant type is used.</td><td></td></tr><tr><td><code>client_id</code></td><td>The client id given during the client registration.</td><td></td></tr><tr><td><code>redirect_uri</code></td><td>The location to which to redirect the user after the completion of the authorization. This redirect location must exactly match one of the registered redirect uri's. If only one redirect uri is registered this argument becomes optional and the only exisiting redirect uri will be used as default.</td><td>false</td></tr><tr><td><code>scope</code></td><td>A string seperated list of the requested scopes. Currently "projects" is both the default and only supported scope, which allows the use of all API calls except those in /settings/account.</td><td>false</td></tr><tr><td><code>state</code></td><td>A random string used by the client to avoid CSRF attacks.</td><td>false</td></tr><tr><td><code>code_challenge</code></td><td>The code challenge of the PKCE. If this argument is omitted PKCE will not be used.</td><td>false</td></tr><tr><td><code>code_challenge_method</code></td><td>The method used to transform the code verifier to the code challenge. Required if a code challenge is given. Must be one of 'plain' or 'S256'. Defaults to 'plain' when a code challenge is given.</td><td>false</td></tr><tr><td></td><td></td><td></td></tr></tbody></table>

{% hint style="info" %}
This call will redirect the user to the Ellipsis Drive authorization page for the authorization of the requested scope. If the authorization is completed successfully the user is redirected to the redirect URI with query parameters code, containing an authorization code that is valid for 1 minute, and state (if supplied in the request) that should be checked to avoid CSRF attacks. Alternatively, if an error occurs during the authorization the user is redirected to the given redirect URI if possible, with query parameters error, error\_description and state describing why the process failed (e.g. error='access\_denied', error\_description='The user has refused access.').
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ellipsis-drive.com/developers/api-v3/oauth/authorization.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.