Authorization Endpoint (JSON API)

OAuth 2.0 authorization endpoint for frontend integration (returns redirect URL instead of redirecting).

Endpoint

POST /api/v1/oauth/authorize

Headers

| Header | Required | Description |
|---|---|---|
| Authorization | Yes | Bearer <access_token> |
| Content-Type | Yes | application/json |

Request Body

{
  "client_id": "550e8400-e29b-41d4-a716-446655440000",
  "redirect_uri": "https://myapp.com/callback",
  "scope": "read write",
  "state": "random_state_value",
  "code_challenge": "CODE_CHALLENGE",
  "code_challenge_method": "S256",
  "approve": true
}

Parameters

| Field | Type | Required | Description |
|---|---|---|---|
| client_id | string | Yes | OAuth application client ID |
| redirect_uri | string | Yes | Where to redirect after authorization |
| scope | string | No | Space-separated list of requested scopes |
| state | string | No | CSRF protection state parameter |
| code_challenge | string | No | PKCE code challenge |
| code_challenge_method | string | No | PKCE method: "S256" or "plain" |
| approve | boolean | Yes | User approval decision |

Response

Success (200)

{
  "success": true,
  "data": {
    "redirect_url": "https://myapp.com/callback?code=AUTHORIZATION_CODE&state=random_state_value"
  },
  "message": "Authorization successful"
}

Success - Rejected (200)

{
  "success": true,
  "data": {
    "redirect_url": "https://myapp.com/callback?error=access_denied&state=random_state_value"
  },
  "message": "Authorization denied"
}

Features

  • Designed for headless systems where frontend handles all redirects
  • Returns redirect URL instead of redirecting directly
  • Frontend is responsible for redirecting user to third-party app
  • Supports PKCE
  • Validates all parameters

Example

curl -X POST "https://api.rivergen.com/api/v1/oauth/authorize" \
  -H "Authorization: Bearer <access_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "client_id": "550e8400-e29b-41d4-a716-446655440000",
    "redirect_uri": "https://myapp.com/callback",
    "scope": "read write",
    "state": "random_state_value",
    "approve": true
  }'
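
Because this endpoint returns the redirect URL instead of redirecting, the frontend decides where the browser goes next, so it should confirm that redirect_url points at the redirect_uri it submitted and echoes the same state before navigating. The following is an added example, not RiverGen code; buildAuthorizeBody and checkRedirect are hypothetical names, and the sample values are the ones shown on this page.

```javascript
// Added example, not RiverGen code. buildAuthorizeBody and checkRedirect are
// hypothetical names; only the standard URL class is used (Node.js or browser).
const FIELDS = ['client_id', 'redirect_uri', 'scope', 'state',
                'code_challenge', 'code_challenge_method'];

// Forward only the documented fields from the incoming request, plus the decision.
function buildAuthorizeBody(req, approve) {
  if (typeof approve !== 'boolean') throw new TypeError('approve must be a boolean');
  const body = { approve };
  for (const k of FIELDS) if (typeof req[k] === 'string' && req[k] !== '') body[k] = req[k];
  if (!body.client_id || !body.redirect_uri) throw new Error('client_id and redirect_uri are required');
  return body;
}

// Check the endpoint's JSON response before navigating to data.redirect_url.
function checkRedirect(response, sent) {
  const raw = response && response.success === true && response.data
    ? response.data.redirect_url : undefined;
  if (typeof raw !== 'string') throw new Error('response carries no redirect_url');
  const got = new URL(raw);                 // throws on a malformed URL
  const want = new URL(sent.redirect_uri);
  if (got.protocol !== want.protocol || got.host !== want.host ||
      got.pathname !== want.pathname) {
    throw new Error('redirect_url does not match the submitted redirect_uri');
  }
  if (sent.state !== undefined && got.searchParams.get('state') !== sent.state) {
    throw new Error('state was not echoed unchanged');
  }
  const code = got.searchParams.get('code');
  const error = got.searchParams.get('error');
  if (Boolean(code) === Boolean(error)) throw new Error('expected exactly one of code or error');
  return code ? { outcome: 'approved', url: got.href }
              : { outcome: 'denied', error, url: got.href };
}

// Constructed sample: the request and success response shown on this page.
const sent = buildAuthorizeBody({
  client_id: '550e8400-e29b-41d4-a716-446655440000',
  redirect_uri: 'https://myapp.com/callback',
  state: 'random_state_value',
  utm_source: 'ignored',                    // undocumented field, dropped
}, true);
const reply = { success: true, data: {
  redirect_url: 'https://myapp.com/callback?code=AUTHORIZATION_CODE&state=random_state_value' } };
console.log(checkRedirect(reply, sent).outcome); // approved
```

Navigate only to the url value that checkRedirect returns, and treat any thrown error as a failed authorization rather than retrying with the unchecked URL.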