Integration Steps

Authorization Request

Non-normative example of an Authorization Request:

GET /authorize?
    response_type=code
    &client_id=did:key:wejkdew87fwhef9833f4
    &request_uri=https%3A%2F%2Fapp.client.com%2Frequest.jwt%2F3Gr...AdM
    &state=af0ifjsldkj
    &nonce=n-0S6_WzA2Mj
    &scope=openid%20learcredential
Host: authserver.example.org

The Authorization Server dereferences (fetches) the request_uri to retrieve the Authorization Request Object.
This object is a JWT signed with the client’s private key.
The Authorization Server validates the JWT signature using the public key registered under the client’s jwks_uri.
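
The validation step described above, as an added example that is not part of the original page or of any Authorization Server implementation. It assumes the Request Object is signed with RS256 (the page does not name an algorithm), that the JWKS has already been fetched from the client's jwks_uri, and it compares client_id as RFC 9101 requires; the function names and the min_bits parameter are hypothetical. It uses only the standard library so that it runs offline; a deployed server would call a vetted JOSE library for the signature check.

```python
import base64, hashlib, hmac, json

# DER DigestInfo prefix for SHA-256 (RFC 8017, EMSA-PKCS1-v1_5).
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def emsa_pkcs1_v15(message: bytes, k: int) -> bytes:
    """Encoded message a valid RS256 signature opens to, for a k-byte modulus."""
    t = SHA256_DIGESTINFO + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def rs256_verify(message: bytes, sig: bytes, jwk: dict, min_bits: int) -> bool:
    n = int.from_bytes(b64url_decode(jwk.get("n", "")), "big")
    e = int.from_bytes(b64url_decode(jwk.get("e", "")), "big")
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if n.bit_length() < min_bits or len(sig) != k or s >= n:
        return False
    # Rebuild the expected encoding and compare it whole; parsing the padding
    # instead is the classic source of RSA signature-forgery bugs.
    opened = pow(s, e, n).to_bytes(k, "big")
    return hmac.compare_digest(opened, emsa_pkcs1_v15(message, k))

def validate_request_object(jwt: str, jwks: dict, query_client_id: str,
                            min_bits: int = 2048) -> dict:
    """Return the Request Object claims, or raise ValueError."""
    try:
        h64, p64, s64 = jwt.split(".")
        header = json.loads(b64url_decode(h64))
        claims = json.loads(b64url_decode(p64))
        sig = b64url_decode(s64)
    except ValueError as exc:  # wrong segment count, bad base64, bad JSON
        raise ValueError("malformed request object") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed request object")
    if header.get("alg") != "RS256":  # pinned: rejects "none" and HMAC algs
        raise ValueError("unexpected alg")
    keys = [k for k in jwks.get("keys", [])
            if k.get("kty") == "RSA" and k.get("kid") == header.get("kid")]
    if len(keys) != 1:
        raise ValueError("no unique key for kid")
    if not rs256_verify(f"{h64}.{p64}".encode(), sig, keys[0], min_bits):
        raise ValueError("bad signature")
    # The signed client_id must equal the one on the query string (RFC 9101).
    if claims.get("client_id") != query_client_id:
        raise ValueError("client_id mismatch")
    return claims
```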

Authorization Response

The AS redirects to the confidential client with the Authorization Response.

Non-normative example of an Authorization Response:



HTTP/1.1 302 FOUND
Location: https://app.client.com/cb?
    code=SplxlOBeZQQYbYS6WxSbIA
    &state=af0ifjsldkj

Token Request

Non-normative example of a Token Request:


POST /oauth/token HTTP/1.1
Host: authserver.example.com
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code
&code=SplxlOBeZQQYbYS6WxSbIA
&redirect_uri=https%3A%2F%2Fapp.client.com%2Fcb
&state=af0ifjsldkj

Token Response

Non-normative example of a Token Response:


HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
  "access_token": "eyJhbGciOiJFQ0RILUVTIiwiZ...qtAlx1oFIUpQQ",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "8xLOxBtZp8",
  "id_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...p-QV30"
}