Custom appsAPIPOST /oauth2/v1/authorize

The POST /oauth2/v1/authorize endpoint performs the initial setup for OAuth version 2 accounts using Authorization Code grant type by generating redirect_uri based on received parameters.

Request body includes following parameters:

  • callback_uri - is the redirect URL that the user should be expected to be redirected to upon successful authentication with the third-party service
  • state - opaque value used by the client to maintain state between request and callback. This value should be included in redirect_uri to be able to complete OAuth flow by Vizydrop.
{
    "callback_uri": "https://oauth.vizydrop.com",
    "state": "xxxxxx"
}

Return body should include a redirect_uri that the user should be forwarded to in order to complete setup.
Replies are then POST'ed to /oauth2/v1/access_token endpoint.

{
    "redirect_uri": "https://accounts.google.com/o/oauth2/token?state=xxxx&scope=openid+profile+email&client_secret=xxxx&grant_type=authorization_code&redirect_uri=something&code=xxxxx&client_id=xxxxx"
}

Note: The OAuth implementation requires the account identifier to be oauth2 for OAuth version 2.

Note: If service provider has callback url whitelisting than https://oauth.vizydrop.com has to be added to the whitelist.