Skip to end of banner
Go to start of banner

OAuth 2.0

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

This topic describes how to consume the EmpowerID REST API with the different OAuth 2.0 flows. Please note that before you can use the framework with your application, you must register that application in EmpowerID. This generates an API Key, Client Secret and Client ID for your application.

You can download sample .NET framework code at https://dl.empowerid.com/OAuthTestSamplecode.zip

OAuth Discovery Endpoint

https://<EID Server>/oauth/.well-know/openid-configuration

Authorization Code Grant

  1. Initiate a login request to the EmpowerID Authorization URL.

    • response_type=code — Must be "code" to initiate authorization code flow. For OpenID connect use "code id_token" as a response type.

    • client_id — This specifies the EmpowerID OAuth application client identifier

    • redirect_uri — This specifies the client endpoint to which the authorization server should redirect after request approval

    • state — This is a random string value sent by the client to maintain session and prevent CSR attacks

    • nonce — This is a random string value sent by client to uniquely identify each request

    • scope=openid — Include scope as id_token for OpenID connect flow

IN THIS ARTICLE

  • No labels