Authorize end user to sign-up or sign-in using social login credentials
Initiate a social login (OAuth) sign-up or sign-in process for an end user. Descope will coordinate the authorization process with the OAUth provider specified in the provider
field. Specify the URL you want to redirect the end user to after a successful sign-in in the redirectURL
parameter.
When the OAuth authorization completes successfully, the endpoint returns a URL url
that has a unique code \<unique-code\\>
appended as a URL parameter to the redirectURL
you provided. For example, if redirectURL = https://oauth.mycompany.com/shopping.htm
then url = https://oauth.mycompany.com/shopping.htm?code=<unique-code\>
. The unique code will be exchanged for a valid user object in the next step.
After the end user successfully authenticates with the OAuth provider the end user session is redirected to url
.
Next Steps
Call the Exchange Code endpoint from the flow that responds to the URL specified in the redirectURL
field, to exchange the unique code for a user session object.
See Also
- See The User Object for further details on how to identify users and their contact information such as email addresses and phone number.
- See User Login Options for further details on the stepup, mfa, and customClaims parameters.
Endpoint Authentication
Use authorization bearer header with the following format:
Authorization: Bearer <Project ID>
Authorization
Authorization
RequiredBearer <token>
In: header
Request Body
stepup
boolean
Default: false
customClaims
object
mfa
boolean
Default: false
ssoAppId
string
templateOptions
object
locale
string
pkceChallenge
string
relevant only for enchanted links in the point in time - other methods will ignore this field
Format:"bytes"
Query Parameters
provider
string
redirectUrl
string
prompt
array<string>
test
boolean
Status code | Description |
---|---|
200 | OK |