Authorization
Descope Project ID Project ID as bearer token.
In: header
Request Body
application/json
Starts a full OAuth flow using native APIs
curl -X POST "https://api.descope.com/v1/auth/oauth/native/start" \ -H "Content-Type: application/json" \ -d '{}'{ "clientId": "string", "stateId": "string", "nonce": "string", "implicit": true, "errorId": "string"}export interface Response {clientId?: stringstateId?: stringnonce?: stringimplicit?: booleanerrorId?: string}Create Redirect URI for Sign-Up Request POST
### Create an OAuth Redirect URI for user Sign-In Request This endpoint allows you to create an OAuth Redirect URI for user Sign-In Request. ### See Also - See [The User Object](/api/overview#the-user-object) for further details on how to identify users and their contact information such as email addresses and phone number.
Exchange SSO Code POST
### Exchange SSO SAML code for Descope user session This endpoint will exchange the unique SAML code (also called a token) for the Descope session information needed for managing the end user session. Call this endpoint from your code flow that responds to the `url` that was returned by the [Sign-In](/api/oauth/sign-up-sign-in) endpoint. The unique code `<unique-code\>` is appended as a URL parameter: `code=<unique-code\>`, for example, `url = https://sso.mycompany.com/mywork.htm?code=<unique-code\>`. ### Next Steps 1. Extract the unique code `<unique-code\>` from the URL parameter. 2. Call this endpoint, passing the `<unique-code\>` as the request parameter The response object includes the session JWT (sessionJwt) and refresh JWT (refreshJwt) when this endpoint completes successfully. ### See Also - See [The User Object](/api/overview#the-user-object) for further details on how to identify users and their contact information such as email addresses and phone number.