Authenticate a user with Penneo

get https://sandbox.oauth.penneo.cloud/oauth/authorize

The browser will redirect the user to the Penneo Login page and, after a successful login, back to the
specified redirect_uri.

A code parameter will be attached to the request so it can be later exchanged for an access_token.

Query Params

response_type

string

required

redirect_uri

uri

required

The URL to which Penneo will redirect the browser after authorization has been granted by the user.

It must be first registered in the client configuration.

client_id

string

required

The alphanumeric client_id obtained after registering your client application.

code_challenge

string

required

Value derived from code verifier created in compliance with PKCE specification.

See RFC 7636 for more info.

code_challenge_method

string

Defaults to plain

Name of the algorithm used to calculate code_challenge.

Clients are strongly recommended to use S256, as it will not only preventing
CSRF but also mitigate
eavesdropping and
man-in-the-middle attacks.

state

string

An opaque value of your choice that will be included when redirecting back to your client application.

This value is not required but strongly recommended to improve security and to prevent
CSRF attacks.
See RFC-6749, Section
10.12 for more info.

Responses

Language

URL


xxxxxxxxxx
1
curl --request GET \
2
     --url 'https://sandbox.oauth.penneo.cloud/oauth/authorize?response_type=code&code_challenge_method=plain' \
3
     --header 'accept: text/html'

Click Try It! to start a request and see the response here! Or choose an example:

*/*

text/html

302Found

400Bad Request

403Unauthorized

500Internal Server Error

501Not Implemented