Authorization_Code
This parameter is the authorization code that the client previously received from the authorization server.
“An authorization code is a short-lived token representing the user’s access grant, created by the authorization server and passed to the client application via the browser. The client application sends the authorization code to the authorization server to obtain an access token.”
Example:
In OAuth 2.0 with WSO2, the overall flow is as follows.
Obtain “Authorization Code” by a GET request:
Request details:
https://localhost:9443/oauth2/authorize?response_type=code&redirect_uri=<callback_url>&client_id=<client_id>&scope=<scopes>
A short introduction to the parameters:
- response_type=code -> This tells the server that, at the end of this process, I expect an authorization code in return.
- redirect_uri -> This is where you will be redirected at the end of the process. It should match the registered callback URL. For now, it is “http://localhost:8080/playground2”
- client_id -> The client ID of our OAuth app, which we got in the response from the DCR call.
- scope -> Optional parameter that defines the scope of the access token we will be generating. You can define multiple scopes by separating them with spaces.
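
The request above can be assembled and its callback handled as follows. This is an added example, not code from the original page: the function names, the `EXAMPLE_CLIENT_ID` placeholder, the scope names and the sample callback values are assumptions made for illustration. The `error` parameter is the one OAuth 2.0 (RFC 6749) returns on the redirect when authorization fails.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

AUTHORIZE_ENDPOINT = "https://localhost:9443/oauth2/authorize"  # from the page
REGISTERED_CALLBACK = "http://localhost:8080/playground2"       # from the page
CLIENT_ID = "EXAMPLE_CLIENT_ID"  # placeholder for the id returned by the DCR call


def build_authorize_url(client_id, redirect_uri, scopes=()):
    """Build the GET URL that starts the authorization code flow."""
    # The server compares redirect_uri with the registered callback,
    # so reject a mismatch locally before sending the user anywhere.
    if redirect_uri != REGISTERED_CALLBACK:
        raise ValueError("redirect_uri does not match the registered callback URL")
    params = {
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "client_id": client_id,
    }
    if scopes:
        # Multiple scopes travel as one space-separated value.
        params["scope"] = " ".join(scopes)
    # urlencode percent-encodes the callback URL and encodes spaces as '+'.
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def extract_code(callback_url):
    """Pull the authorization code out of the redirect back to the client."""
    got, want = urlsplit(callback_url), urlsplit(REGISTERED_CALLBACK)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback did not arrive at the registered URL")
    query = parse_qs(got.query)
    if "error" in query:
        # Failed authorizations carry error=... instead of code=...
        raise RuntimeError("authorization failed: " + query["error"][0])
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


if __name__ == "__main__":
    # Constructed sample values, not taken from a real server.
    print(build_authorize_url(CLIENT_ID, REGISTERED_CALLBACK, ["openid", "profile"]))
    print(extract_code("http://localhost:8080/playground2?code=CONSTRUCTED123"))
```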