Authorization

AIRisk API implements an Authorization Code Grant flow. This is a two-step process.

  1. Authorization Request: Your application directs the user’s browser to AIRisk’s Authorization Endpoint with your client_id, a redirect_uri, optionally a state string, and optionally a userid if you are requesting a user-specific token. If requesting a user-specific token, the userid must be an existing id on some ApplicationUser in the AIRisk deployment. Also,

    • client_id and client_secret must be valid for some APIUser in the instances database.

    • redirect_uri must match at least one comma-separated value in the same APIUsers (as the client id & secret) redirect_uri column

      • See Here

  2. Authorization Code Redirect: If AIRisk’s authorization server authorizes the request, then it redirects the client back to the specified redirect_uri with an authorization code in the URL (e.g. https://localhost/callback?code=REMOTELY_GENERATED_AUTH_CODE_HERE). This code is short-lived and cannot be used by itself except to request a token. If state was provided in the initial request, then there should be a matching state parameter and value in the URL coming from the redirect (e.g. https://localhost/callback?state=MATCHING_STATE_VALUE&code=REMOTELY_GENERATED_AUTH_CODE_HERE).

PreviousAIRisk API OAuth2 AuthenticationNextAuthorization Endpoint

Last updated