OAuth Parameters
Many of the Akana OAuth operations take standard parameters defined either in the OAuth specification or the OpenID Connect specification (http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationRequest).
Below is some information about these parameters, with links to specific portions of the specifications.
- client_id
  - Unique identifier of the client application.
  - For OpenID Connect, see http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint.
- client_secret
  - The client secret.
- redirect_uri
  - The redirect URI of the client application where it receives the authorization code.
  - For OpenID Connect, see http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint.
  - The URL of the OpenID Connect Provider's OAuth 2.0 Authorization Endpoint.
- response_types
  - A JSON array containing a list of OAuth 2.0 response types supported by this provider.
  - For a standard definition in the context of OAuth, see http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-3.1.1; for OpenID Connect, see http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint.
- scope
  - In the context of OAuth or OpenID Connect, a scope defines a set of one or more resources that the resource owner is granting access to.
  - For a standard definition in the context of OAuth, see http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-3.3 (for a description) and http://tools.ietf.org/html/draft-ietf-oauth-v2-31#appendix-A.4 (for syntax information). For OpenID Connect, see http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint.
- state
  - A parameter that the client can use to protect against cross-site request forgery attacks. The client sends this parameter with a unique value. When authorization is complete, the client should check that the value returned matches the value sent. Sending this value is optional for the client; however, if the client sends it in the request, it must be returned in the response.
  - For OAuth, see:
    - http://tools.ietf.org/html/rfc6749#section-4.1.1 (request)
    - http://tools.ietf.org/html/rfc6749#section-4.1.2 (response, successful)
    - http://tools.ietf.org/html/rfc6749#section-4.1.2.1 (response, error)
  - For OpenID Connect, see http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint.
- response_mode
  - In OpenID Connect, response_mode is a value that lets the Authorization Server know what mechanism to use for returning parameters from the Authorization Endpoint.
  - See http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint.
- nonce
  - A random string that is uniquely generated for each request.
  - For OpenID Connect, see http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint.
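
The state and nonce checks described above, sketched from the client side. This is an added example, not Akana code; the endpoint URL, client ID, redirect URI, the session dictionary and all function names are assumptions made for illustration, and the ID token is assumed to have had its signature verified already.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumed values for illustration; not taken from the Akana documentation.
AUTHORIZATION_ENDPOINT = "https://idp.example.com/authorize"
CLIENT_ID = "example-client"
REDIRECT_URI = "https://app.example.com/callback"


def _same(expected, returned):
    """Constant-time comparison; a missing stored value never matches."""
    return expected is not None and hmac.compare_digest(
        expected.encode(), str(returned).encode())


def build_authorization_request(session):
    """Generate a fresh state and nonce, bind them to the session, return the URL."""
    session["oauth_state"] = secrets.token_urlsafe(32)
    session["oidc_nonce"] = secrets.token_urlsafe(32)
    return AUTHORIZATION_ENDPOINT + "?" + urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "openid",
        "state": session["oauth_state"],
        "nonce": session["oidc_nonce"],
    })


def handle_callback(session, callback_url):
    """Check state before reading code or error; return the authorization code."""
    query = parse_qs(urlparse(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: a replay finds nothing
    if not _same(expected, query.get("state", [""])[0]):
        raise PermissionError("state mismatch: response is not for this session")
    if "error" in query:  # error responses carry state too (RFC 6749, 4.1.2.1)
        raise RuntimeError("authorization failed: " + query["error"][0])
    if "code" not in query:
        raise ValueError("callback has neither code nor error")
    return query["code"][0]


def check_nonce(session, id_token_claims):
    """Compare the ID token's nonce claim with the value sent in the request."""
    expected = session.pop("oidc_nonce", None)
    if not _same(expected, id_token_claims.get("nonce", "")):
        raise PermissionError("nonce mismatch: ID token is not for this request")
```

Both values are removed from the session on first use, so a callback or ID token replayed later fails the check even if it carries the original value.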