Request authentication credentials for a web application user.
This operation is the first step in server-side web application authentication.
This operation takes the user through a web authentication journey resulting in an authorisation code being returned to the server-side web application. The web application then performs a second step of exchanging this authorisation code for an access token.
Requests the type of response the authorisation API should return. For server-side web applications, this would be
Possible values are:
Identifies the client that is making the request. This is the requestors client ID.
One of the redirect URIs registered at the time of obtaining a
Indicates the service access your application is requesting, the user will be asked to give their consent of these permissions to be given to your application. Scope is given as a space delimited set of permissions requested by the application.
This parameter contains any state which your application may want returned in the response roundtrip. The value should contain a nonce that your application can check to prevent cross-site-request-forgery attempts.
This parameter is used to force the user to reauthenticate for the application. This may be required to protect some user resources owned by the application.
This parameter is used to supply an email address to the authentication service. The value is used to pre-populate the email address web-screen field.
This request requires the use of one of following authorisation methods:
For OAuth 2 authorisation, the following scopes are required:
|https://identity.company-information.service.gov.uk/user/profile.read||User profile read permission|
The following HTTP status codes may be returned, optionally with a response resource.
The users browser may be redirected to an appropriate authorisation web-screen, but will always result in a redirection to the supplied
GET /oauth2/authorisation?scope=https://identity.company-information.service.gov.uk/user/profile.read%20https://api.company-information.service.gov.uk/company/00000000/registered-office-address.update&redirect_uri=https://somewhere.example.com/oauthcallback&response_type=code&client_id=6ghe7938zhd821hf&state=some_application_state_string HTTP/1.1
The response is sent to the
redirect_uri passed in the authorisation request.
redirect_uri will be of a server page that will decode the response and issue an
access token exchange on the authorisation
The size of the
code values may vary in size and be increased in the future.
GET https://somewhere.example.com/oauthcallback&code=987124y8g5r897t1t9y8b24t967g13-wzy&state=some_application_state_string HTTP/1.1