API ReferenceInbound Apps
POST
/oauth2/v1/apps/authorize

Request Body

application/json

response_type?string

RFC 9101 §6.3: when a JAR request parameter is present, response_type and redirect_uri may be omitted from the outer query and carried inside the JWT. The controller validates the resolved values after JAR processing.

scope?string
client_id?string
state?string
redirect_uri?string
code_challenge_method?string

PKCE

code_challenge?string
nonce?string
loginHint?string
prompt?string
flow?string
flow_token?string
resource?array<string>
string

RFC 8707 - OAuth 2.0 Resource Indicators

project_id?string
tenant?string
mcp_server_id?string
style?string
dpop_jkt?string
request?string

Third Party application authorization POST endpoint

curl -X POST "https://api.descope.com/oauth2/v1/apps/authorize" \  -H "Content-Type: application/json" \  -d '{}'
{}
export interface Response {}
Was this helpful?

Get Authorization Endpoint GET

Third Party application authorization GET endpoint

OIDC revoke endpoint POST

OIDC revoke endpoint