--- title: Authorize (authorization_code POST) description: "The authorization endpoint is used in a POST request. The POST request accepts all the same parameters as the GET request. Both initiate an authorization request. Note that for the POST request, parameters and their values are Form Serialized by adding the parameter names and values to the entity body of the HTTP request and specifying the Content-Type: application/x-www-form-urlencoded request header." component: pingone-api page_id: pingone-api:auth:openid-connect-oauth-2/authorize-authorization_code-1 canonical_url: https://developer.pingidentity.com/pingone-api/auth/openid-connect-oauth-2/authorize-authorization_code-1.html section_ids: prerequisites: Prerequisites headers: Headers body: Body example-request: Example Request example-response: Example Response --- # Authorize (authorization\_code POST) ## ```none POST {{authPath}}/{{envID}}/as/authorize ``` The authorization endpoint is used in a `POST` request. The `POST` request accepts all the same parameters as the `GET` request. Both initiate an authorization request. Note that for the `POST` request, parameters and their values are Form Serialized by adding the parameter names and values to the entity body of the HTTP request and specifying the `Content-Type: application/x-www-form-urlencoded` request header. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | The optional `request` property specifies a JWT that enables OIDC/OAuth2 request parameters to be passed as a single, self-contained parameter. For details on how to construct the JWT, refer to [Create a request property JWT](../auth-config-options/create-a-request-property-jwt.html). For information on `pi.template` refer to [Notifications Templates](../../platform/notifications/notifications-templates.html). For information on `pi.clientContext` refer to [Device Authentication](../../mfa/mfa-authentication/mfa-device-authentications.html). | The sample shows the `POST /{{envID}}/as/authorize` operation. ### Prerequisites * Refer to [OpenID Connect/OAuth 2](../openid-connect-oauth-2.html) for important overview information. * Create an application to get an `appID`. Refer to \[Application Operations]/pingone/platform/v1/api/#application-operations). Run [Read All Applications](../../platform/applications/applications-1/read-all-applications.html) to find an existing application. * Run [Read All Templates](../../platform/notifications/notifications-templates/read-all-templates.html) to find a `templateName`. * Run [Read All Contents](../../platform/notifications/notifications-templates/read-all-contents.html) to find a `variantName`. > **Collapse: Request Model** > > | Property | Type | Required? | > | ----------------------- | ------ | --------- | > | `acr_values` | String | Optional | > | `client_id` | String | Required | > | `code_challenge_method` | String | Optional | > | `login_hint` | String | Optional | > | `login_hint_token` | String | Optional | > | `mobilePayload` | String | Optional | > | `max_age` | String | Optional | > | `nonce` | String | Optional | > | `prompt` | String | Optional | > | `redirect_uri` | String | Required | > | `request` | String | Optional | > | `response_mode` | String | Optional | > | `response_type` | String | Required | > | `scope` | String | Optional | > | `state` | String | Optional | > > Refer to the [OpenID Connect/OAuth2 data model](../openid-connect-oauth-2.html) for full property descriptions. ### Headers Content-Type      application/x-www-form-urlencoded ### Body urlencoded ( application/x-www-form-urlencoded ) | Key | Value | | -------------- | --------------------------- | | response\_type | code | | client\_id | {{appID}} | | redirect\_uri | {{redirect\_uri}} | | scope | openid profile p1:read:user | ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{authPath}}/{{envID}}/as/authorize' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'response_type=code' \ --data-urlencode 'client_id={{appID}}' \ --data-urlencode 'redirect_uri={{redirect_uri}}' \ --data-urlencode 'scope=openid profile p1:read:user' ``` ```csharp var options = new RestClientOptions("{{authPath}}/{{envID}}/as/authorize") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "application/x-www-form-urlencoded"); request.AddParameter("response_type", "code"); request.AddParameter("client_id", "{{appID}}"); request.AddParameter("redirect_uri", "{{redirect_uri}}"); request.AddParameter("scope", "openid profile p1:read:user"); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{authPath}}/{{envID}}/as/authorize" method := "POST" payload := strings.NewReader("response_type=code&client_id=%7B%7BappID%7D%7D&redirect_uri=%7B%7Bredirect_uri%7D%7D&scope=openid%20profile%20p1%3Aread%3Auser") client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/x-www-form-urlencoded") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http POST /{{envID}}/as/authorize HTTP/1.1 Host: {{authPath}} Content-Type: application/x-www-form-urlencoded response_type=code&client_id=%7B%7BappID%7D%7D&redirect_uri=%7B%7Bredirect_uri%7D%7D&scope=openid%20profile%20p1%3Aread%3Auser ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded"); RequestBody body = RequestBody.create(mediaType, "response_type=code&client_id={{appID}}&redirect_uri={{redirect_uri}}&scope=openid profile p1:read:user"); Request request = new Request.Builder() .url("{{authPath}}/{{envID}}/as/authorize") .method("POST", body) .addHeader("Content-Type", "application/x-www-form-urlencoded") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{authPath}}/{{envID}}/as/authorize", "method": "POST", "timeout": 0, "headers": { "Content-Type": "application/x-www-form-urlencoded" }, "data": { "response_type": "code", "client_id": "{{appID}}", "redirect_uri": "{{redirect_uri}}", "scope": "openid profile p1:read:user" } }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'POST', 'url': '{{authPath}}/{{envID}}/as/authorize', 'headers': { 'Content-Type': 'application/x-www-form-urlencoded' }, form: { 'response_type': 'code', 'client_id': '{{appID}}', 'redirect_uri': '{{redirect_uri}}', 'scope': 'openid profile p1:read:user' } }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests url = "{{authPath}}/{{envID}}/as/authorize" payload = 'response_type=code&client_id=%7B%7BappID%7D%7D&redirect_uri=%7B%7Bredirect_uri%7D%7D&scope=openid%20profile%20p1%3Aread%3Auser' headers = { 'Content-Type': 'application/x-www-form-urlencoded' } response = requests.request("POST", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{authPath}}/{{envID}}/as/authorize'); $request->setMethod(HTTP_Request2::METHOD_POST); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/x-www-form-urlencoded' )); $request->addPostParameter(array( 'response_type' => 'code', 'client_id' => '{{appID}}', 'redirect_uri' => '{{redirect_uri}}', 'scope' => 'openid profile p1:read:user' )); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "net/http" url = URI("{{authPath}}/{{envID}}/as/authorize") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Post.new(url) request["Content-Type"] = "application/x-www-form-urlencoded" request.body = "response_type=code&client_id=%7B%7BappID%7D%7D&redirect_uri=%7B%7Bredirect_uri%7D%7D&scope=openid%20profile%20p1%3Aread%3Auser" response = http.request(request) puts response.read_body ``` ```swift let parameters = "response_type=code&client_id=%7B%7BappID%7D%7D&redirect_uri=%7B%7Bredirect_uri%7D%7D&scope=openid%20profile%20p1%3Aread%3Auser" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{authPath}}/{{envID}}/as/authorize")!,timeoutInterval: Double.infinity) request.addValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 302 Found