Create authorization requests optimized for use on your website or in your app. Authorization requests are used to authenticate and authorize Hosted Login users.
Supported authorization grant types
The different ways you can request authentication and authorization in Hosted Login.
The Authorization code + PKCE grant type
The most-commonly used grant type. Enables you to authenticate a user without having to pass a client secret.
The authorization code for web apps grant type
Because this grant type requires you to pass a client secret, it’s recommended for use only on secure connections.
Supported response types
Specifies the item (or items) you’d like returned from an authorization server. You can request an authorization code, an access token, an identity token, or various combinations of those items.
Supported response modes
Specifies how you want items returned from the authorization server. Hosted Login supports the fragment, query, and form_post response modes.
Secure audience injection and the resource parameter
Use the response parameter to place restrictions on where access tokens can be used.
Provides a way to automatically include specified scopes and claims in each authorization request, and without having to use either the scopes parameter or the claims parameter.
Optional authorization request parameters
Optional parameters that can (and often should) be used in your Hosted Login authorization requests.
Return standard and custom claims
Retrieving claims following a successful authentication. A claim is a discrete piece of user profile information. For example, a user’s birthday is a claim, a user’s cell phone number is a claim, and the organization a user works for is (or at least can be) a claim.
Updated 3 months ago