--- title: "Step 1: Send an authorization request" component: pingone-api page_id: pingone-api:workflow-library:platform-sso-and-authorization/openid-connect-oidc/external-identity-provider-sign-on/test-the-workflow/step-17-send-an-authorization-request canonical_url: https://developer.pingidentity.com/pingone-api/workflow-library/platform-sso-and-authorization/openid-connect-oidc/external-identity-provider-sign-on/test-the-workflow/step-17-send-an-authorization-request.html section_ids: example-request: Example Request example-response: Example Response --- # Step 1: Send an authorization request ##     ```none GET {{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow ``` Send a `GET` request to the authorization endpoint `{{apiPath}}/v1/{{destinationEnvID}}/as/authorize` using the destination environment. This queries the authorization server to kick off the sign-on flow, returning the options for sign-on. The sign-on form presented to the user shows two options for sign-on: * Sign-on with a username. * Sign-on using an external identity provider. ![sign-on-screen](../../../../../_images/p1_ExternalAuthSignOn.png) Set the following query parameters: * `response_type` The code or token type returned by an authorization request. For this activity, the value is `code`. * `client_id` The destination application's ID. * `redirect_uri` The URL that specifies the return entry point of the application. * `scope` This is a string that specifies permissions that determine the resources that the application can access. For this activity, the scope is `openid`. * `response_mode` A Ping Identity custom response mode to specify that the authorization response parameters are encoded as a JSON object wrapped in a flow response and returned directly to the client with a 200 status. ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https%3A%2F%2Fexample.com&scope=openid&response_mode=pi.flow' ``` ```csharp var options = new RestClientOptions("{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Get); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "net/http" "io" ) func main() { url := "{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https%3A%2F%2Fexample.com&scope=openid&response_mode=pi.flow" method := "GET" client := &http.Client { } req, err := http.NewRequest(method, url, nil) if err != nil { fmt.Println(err) return } res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http GET /{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow HTTP/1.1 Host: {{authPath}} ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("text/plain"); RequestBody body = RequestBody.create(mediaType, ""); Request request = new Request.Builder() .url("{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow") .method("GET", body) .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow", "method": "GET", "timeout": 0, }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'GET', 'url': '{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow', 'headers': { } }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests url = "{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow" payload = {} headers = {} response = requests.request("GET", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow'); $request->setMethod(HTTP_Request2::METHOD_GET); $request->setConfig(array( 'follow_redirects' => TRUE )); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "net/http" url = URI("{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https://example.com&scope=openid&response_mode=pi.flow") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Get.new(url) response = http.request(request) puts response.read_body ``` ```swift var request = URLRequest(url: URL(string: "{{authPath}}/{{destinationEnvID}}/as/authorize?response_type=code&client_id={{oidcAppDestinationID}}&redirect_uri=https%3A%2F%2Fexample.com&scope=openid&response_mode=pi.flow")!,timeoutInterval: Double.infinity) request.httpMethod = "GET" let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 200 OK ```json { "_links": { "user.lookup": { "href": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/flows/034d65d1-9a0c-4daa-b164-b4b62eaaf4d1" }, "self": { "href": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/flows/034d65d1-9a0c-4daa-b164-b4b62eaaf4d1" }, "signOnPage": { "href": "https://apps.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/signon/?flowId=034d65d1-9a0c-4daa-b164-b4b62eaaf4d1" } }, "_embedded": { "socialProviders": [ { "id": "bc61c309-710e-4e6e-bfe0-84d2e881143c", "name": "IdentityProvider_1776714374", "type": "OPENID_CONNECT", "_links": { "authenticate": { "href": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/rp/authenticate?isDryRun=false&providerId=bc61c309-710e-4e6e-bfe0-84d2e881143c&flowId=034d65d1-9a0c-4daa-b164-b4b62eaaf4d1&transactionId=443f2cd1-4021-4b93-ab7c-0f67962e62ae" } } } ], "application": { "name": "DestinationApp_1776714420" } }, "id": "034d65d1-9a0c-4daa-b164-b4b62eaaf4d1", "environment": { "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "resumeUrl": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/as/resume?flowId=034d65d1-9a0c-4daa-b164-b4b62eaaf4d1", "status": "SIGN_ON_REQUIRED", "createdAt": "2026-04-20T19:53:48.945Z", "expiresAt": "2026-04-20T20:08:48.947Z" } ```