Skip to main content

Get OAuth URL

Get OAuth authorization URL for social login providers.

Quick Navigation

Endpoint

GET /api/v1/auth/oauth/{provider}/url

Headers

None required (public endpoint)

Path Parameters

ParameterTypeRequiredDescription
providerstringYesOAuth provider: "github", "google", "apple", or "microsoft"

Query Parameters

ParameterTypeRequiredDescription
statestringNoOptional state parameter for CSRF protection

Validations

  • Provider must be one of: github, google, apple, microsoft
  • State parameter validation (if provided)

Response

Success (200)

{
  "success": true,
  "data": {
    "oauth_url": "https://github.com/login/oauth/authorize?client_id=...&state=...",
    "provider": "github",
    "state": "csrf_state_token"
  },
  "message": "GitHub OAuth URL generated successfully"
}

Error Codes

StatusCodeDescription
400INVALID_PROVIDERInvalid provider name

Data Flow

  1. Provider Validation

    • Verify provider is supported
    • Return error if invalid

  2. URL Generation

    • Get OAuth client credentials
    • Build authorization URL
    • Include redirect_uri
    • Include state parameter (CSRF protection)
    • Include scopes required

  3. State Generation (if not provided)

    • Generate random state token
    • Store in session/cache for verification

  4. Response

    • Return complete OAuth URL
    • Include provider and state

Features

  • Generates OAuth authorization URL for GitHub, Google, Apple, or Microsoft
  • Includes CSRF protection via state parameter
  • Returns URL for frontend redirect
  • Supports all major OAuth providers

Supported Providers

  • GitHub - GitHub OAuth
  • Google - Google OAuth
  • Apple - Apple Sign In
  • Microsoft - Microsoft Azure AD

Example

curl -X GET "https://api.rivergen.com/api/v1/auth/oauth/github/url?state=csrf_token_123"

Next Steps

  1. Redirect user to returned oauth_url
  2. User authorizes on provider
  3. Provider redirects to callback URL
  4. Use OAuth Callback or Social Login