POST
/v1/auth/sso/exchange
Exchange SSO SAML code for Descope user session
This endpoint will exchange the unique SAML code (also called a token) for the Descope session information needed for managing the end user session. Call this endpoint from your code flow that responds to the url
that was returned by the Sign-In endpoint.
The unique code \<unique-code\\>
is appended as a URL parameter: code=<unique-code\>
, for example, url = https://sso.mycompany.com/mywork.htm?code=<unique-code\>
.
Next Steps
- Extract the unique code
<unique-code\>
from the URL parameter. - Call this endpoint, passing the
<unique-code\>
as the request parameter
The response object includes the session JWT (sessionJwt) and refresh JWT (refreshJwt) when this endpoint completes successfully.
See Also
- See The User Object for further details on how to identify users and their contact information such as email addresses and phone number.
Endpoint Authentication
Use authorization bearer header with the following format:
Authorization: Bearer <Project ID>
Authorization
Authorization
RequiredBearer <token>
In: header
Request Body
code
string
Status code | Description |
---|---|
200 | OK |
Was this helpful?