Authenticates a request.

    This API is the first endpoint which should be invoked in order to proceed with flows like implicit, hybrid, authorization code and authorization code with PKCE.
  • This request authenticates the user and returns tokens along with an authorization grant to the client application as a part of the callback response.
  • Refer below table for several possible response types in request w.r.t flows.
  • Refer guide OAuth Flows
  • See the OAuth2 spec

Flow Types Respone_Type OAuth App(response) OIDC App(response) Remarks(only for OIDC)
Authorization code flow code code code
Authorization Code with PKCE code code code
Implicit flow id_token NA id_token Scope openid is mandatory
Implicit flow token access token NA
Implicit flow token id_token NA token id_token Scope openid is mandatory
Hybrid Flow code id_token token NA code id_token token Scope openid is mandatory
Hybrid Flow code id_token NA code id_token Scope openid is mandatory
Hybrid Flow code token NA code token Scope openid is mandatory
Language