provider Idp POST /v1/idp/oauth/authorize/start
@utdk/stytch /v1/idp/oauth/authorize/start
Authorizestart
Initiates a request for authorization of a Connected App to access a User's account. Call this endpoint using the query parameters from an OAuth Authorization request. This endpoint validates various fields (`scope`, `client_id`, `redirect_uri`, `prompt`, etc...) are correct and returns relevant information for rendering an OAuth Consent Screen. This endpoint returns: - A public representation of the Connected App requesting authorization - Whether _explicit_ user consent must be granted before proceeding with the authorization - A list of scopes the user has the ability to grant the Connected App Use this response to prompt the user for consent (if necessary) before calling the [Submit OAuth Authorization](https://stytch.com/docs/api/connected-apps-oauth-authorize) endpoint. Exactly one of the following must be provided to identify the user granting authorization: - `user_id` - `session_token` - `session_jwt` If a `session_token` or `session_jwt` is passed, the OAuth Authorization will be linked to the user's session for tracking purposes. One of these fields must be used if the Connected App intends to complete the [Exchange Access Token](https://stytch.com/docs/api/connected-app-access-token-exchange) flow.

Try it

Authentication
Configure credentials for Stytch API
Gateway
The gateway proxies requests and injects credentials server-side. Configure credentials above, then enter your gateway URL.

Saved automatically to browser storage.

apiIdpV1IdpOauthAuthorizestart
POST/v1/idp/oauth/authorize/start
Initiates a request for authorization of a Connected App to access a User's account. Call this endpoint using the query parameters from an OAuth Authorization request. This endpoint validates various fields (`scope`, `client_id`, `redirect_uri`, `prompt`, etc...) are correct and returns relevant information for rendering an OAuth Consent Screen. This endpoint returns: - A public representation of the Connected App requesting authorization - Whether _explicit_ user consent must be granted before proceeding with the authorization - A list of scopes the user has the ability to grant the Connected App Use this response to prompt the user for consent (if necessary) before calling the [Submit OAuth Authorization](https://stytch.com/docs/api/connected-apps-oauth-authorize) endpoint. Exactly one of the following must be provided to identify the user granting authorization: - `user_id` - `session_token` - `session_jwt` If a `session_token` or `session_jwt` is passed, the OAuth Authorization will be linked to the user's session for tracking purposes. One of these fields must be used if the Connected App intends to complete the [Exchange Access Token](https://stytch.com/docs/api/connected-app-access-token-exchange) flow.

Input

required

The ID of the Connected App client.

required

The callback URI used to redirect the user after authentication. This is the same URI provided at the start of the OAuth flow. This field is required when using the `authorization_code` grant.

required

The OAuth 2.0 response type. For authorization code flows this value is `code`.

required

An array of scopes requested by the client.

The unique ID of a specific User. You may use an `external_id` here if one is set for the user.

The `session_token` associated with a User's existing Session.

The `session_jwt` associated with a User's existing Session.

Space separated list that specifies how the Authorization Server should prompt the user for reauthentication and consent. Only `consent` is supported today.

Enter a gateway URL above to enable sending.

Code snippet
Updates live as you fill in the form above.

TypeScript

import stytch from '@utdk/stytch';

await stytch.apiIdpV1IdpOauthAuthorizestart()