API ReferenceApplications
GET
oauth2/v1/{project_id}/authorizePath Parameters
project_id*string
Query Parameters
response_type?string
response_type, scope and state are required for OIDC but marked optional so a PAR client may omit them from the outer authorize request and carry them via request_uri (RFC 9126 §4). The resolved values are enforced in OIDCService.OIDCAuthZEndpointStart (after applyPARToOIDCAuthZRequest): response_type and state must be present, scope must contain "openid". The PAR push (handleOIDCPAR) requires the same fields up front for fail-fast.
scope?string
client_id?string
state?string
redirect_uri?string
code_challenge_method?string
PKCE
code_challenge?string
dynamic_val?string
nonce?string
ssoAppId?string
loginHint?string
prompt?string
flow?string
flow_token?string
tenant?string
style?string
dpop_jkt?string
request_uri?string
OIDC GET authorization endpoint start (by projectId, for an imported client_id)
curl -X GET "https://api.descope.com/oauth2/v1/string/authorize"{}export interface Response {} Was this helpful?