GET /oauth/auz/grants/{GrantID}/authcomplete

Supports redirect from the identity provider after the resource owner's login with the identity provider is complete.

There are these related operations that render the authorization page:

GET /oauth/auz/grants/provider/authcomplete{domainid:(/[^/]+?)?} (this operation) performs the same action using HTTP GET. You can use this if you do not need to maintain a static callback URI. The GrantID is a path parameter.
POST /oauth/auz/grants/provider/authcomplete{domainid:(/[^/]+?)?} performs the same action using HTTP POST. You can use this if you do not need to maintain a static callback URI and prefer to use HTTP POST. The GrantID is relayed in form URL-encoded POST content.

Corresponds to the Login Complete operation in the Login API, but relates to the resource owner's authentication with the Authorization Server, for the purposes of an OAuth grant, rather than authentication for the purpose of platform access.

Note: The operations in the Authorization Server Authorization Service are intended for use by the Resource Owner. There are corresponding operations in other services for other scenarios. Where applicable, use the corresponding operations in the OAuth Login service (Login Complete GET and POST).

Authorization Roles/Permissions: Anyone can run this operation.

This topic includes the following sections:

HTTP Method
URL
Sample Request
Request Headers
Request Parameters

Response
Sample Response
Response Headers
Response Body
Error Codes/Messages

HTTP Method

GET

URL

https://{oauth-provider-url}/oauth/auz/grants/{GrantID}/authcomplete

Sample Request

The example below shows a call to this operation.

Sample Request URL

https://{oauth-provider-url}/oauth/auz/grants/mehpkurlkhnn/auzcomplete

Sample request headers

GET /oauth/auz/grants/mehpkurlkhnn/auzcomplete HTTP/1.1
Host: {oauth-provider-hostname}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Sample request body

Not applicable.

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header	Description
Accept	This operation does not validate the Accept header. Any value is accepted. The operation returns html, to support the browser.

Request Parameters

Parameter	Parm Type	Data Type	Required	Description
GrantID	Path	string	Required	The unique ID for a specific instance of an OAuth grant.

Response

If successful, this operation returns HTTP status code 200, with the cookie.

Sample Response

The sample response below shows successful completion of this operation. The user is redirected to the application's redirect URL.

Sample response headers

Set-Cookie: AtmoAuthToken_{oauth-provider-hostname}: TokenID%3D480a3a7c-240e-11e5-a1b9-8945fbb2b0eb%2Cclaimed_id%3Durn%3Aacmepaymentscorp%3Auser%3Aacmepaymentscorp
%3A8fb17266-354a-4032-96fb-2208ae7b4da4%2CissueTime%3D1436207946162%2CexpirationTime%3D1436209746144%2CAttributesIncluded%3Dfalse%2CUser
FDN%3D8fb17266-354a-4032-96fb-2208ae7b4da4%252Eacmepaymentscorp%2CUserName%3Dadminacmepaymentscorp%2Csig%3Dd5YEgxmZQaCgfp64gs0EL1ttry
epO3kWTwu4gO12OxLF6sjpcrojVKUf0X8heu9eoi8WlEd9ZIN7vPNgi6pu-XZ883L-OkD9fYnN4ktbRPwHQ2Phaa1H1bXaCpfgpeI8q6uDjeqX_aw
H70N6-QQKrhF5n9Lm5PYCKciKNWTSWVooauthRedirectInfoCookie: %7B%22accessTokenUrl%22%3A%22%2Fapi%2Fdevconsole%2Foauth%2Faccesstoken%22
%2C%22providerEndpoint%22%3A%22%2Fapi%2Fdevconsole%2Foauth%2Faccesstoken%22%2C%22queryString%22%3A%22session_key%3Dapiv%253D090888
a5-27f8-454e-8319-c7900d1da4bc.acmepaymentscorp%2526scope%253DScope1%2526appRuntimeId%253D5tRKCWjfz599pLJ8Te4tvn1D.acmepaymentscorp
%2526granttype%253Dauthorization_code%2526policy_type%253DOAuth%2525202.0%2526appsecret%253De4d5949f72473acc151b34065f69169099ebe732
%2526appid%253Dacmepaymentscorp-5tRKCWjfz599pLJ8Te4tvn1D%2526token_url%253Dhttp%253A%252F%252F{oauth-provider-hostname}%252Foauth%252Foauth20%252Ftoken%
2526opname%253DGetDiscussions%2526policy_key%253Doauth%2526guid%253Daf880c48-1389-4da4-98e5-2fb29dcca155%2526auz_url%253Dhttp%253A
%252F%252F{hostname}%252Foauth%252Fauz%252Fauthorize%2526callback%253Dhttp%253A%252F%252F{hostname}%252Fui%252Fapps%252Facmepaymentscorp
%252F_VcuNfhlXb0PE8hHDxAx9OhA%252Fresources%252Fconsole%252Fglobal%252Foauthclientredirect.html%253Fdynamic%25253Dtrue
%2526signature_method%253DSharedSecret%2526apienv%253DProduction%2526token_verb%253DPOST%22%7D
OAuthToken_acmepaymentscorp: TokenID%3D57d30fc7-240e-11e5-a1b9-8945fbb2b0eb%2Cclaimed_id%3DLDAP_acmepaymentscorp%5Ceng100
%2CissueTime%3D1436207972636%2CexpirationTime%3D1436208572626%2Csig%3DlOsIenU6JM-dYquJKhKMdKarQRtef4ALY5Abuls7KV5jaPgWapM1w0Y
thq0I1hJvMJ7xlWj8haU3OvM4b6I3LgGWGvw5_Uws935JKLW57xiti_UC2IvxFDrAIg4xx2k-x-icqUDsWfVGNfjWlun43_uRM667RjGOkh_ZmU2xq0Q

Sample response body

None.

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header	Description
Content-Type	Returns text/html response.
Cookie	OAuthToken_{OAuthProviderName}—The OAuth cookie that identifies the logged-in user with the provider. Depending on the operation being used and the context, the authenticated user could be the resource owner, the administrator, the client app administration, or the OAuth Provider. The cookie is returned after logging in with the POST /oauth/login operation.

Response Body

There is no response body. The important part of the response is the OAuth authentication cookie.

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item	Value
500	An error occurred processing the call.

More information about Akana OAuth API error messages.