API Reference/Inbound Apps
POST
/oauth2/v1/apps/token

Request Body

application/jsonRequired
grant_typestring
codestring
client_idstring
client_secretstring
code_verifierstring
scopestring
refresh_tokenstring
tenantIdstring
resourcestring

RFC 8707 - OAuth 2.0 Resource Indicators - Token Endpoint only supports receiving a single resource

curl -X POST "https://api.descope.com/oauth2/v1/apps/token" \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "string",
    "code": "string",
    "client_id": "string",
    "client_secret": "string",
    "code_verifier": "string",
    "scope": "string",
    "refresh_token": "string",
    "tenantId": "string",
    "resource": "string"
  }'

OK

{
  "access_token": "string",
  "token_type": "string",
  "refresh_token": "string",
  "id_token": "string",
  "expires_in": 0,
  "scope": "string"
}

Was this helpful?

OIDC revoke endpoint POST

OIDC revoke endpoint

Third Party application Get UserInfo endpoint GET

Third Party application Get UserInfo endpoint