Authorize a browser client

GET

/authorize

Redirects the user to Yoto's login page to begin the OAuth2 Authorization Code flow

Authorizations

bearerAuth

TypeHTTP (bearer)

Parameters

Query Parameters

audience*

Typestring

Required

Examplehttps://api.yotoplay.com

scope*

Typestring

Required

Exampleoffline_access openid profile

response_type*

Typestring

Required

Enum

codetokenid_tokencode tokencode id_tokentoken id_tokencode token id_token

client_id*

Typestring

Required

redirect_uri*

Typestring

Required

formaturi

state*

Opaque value for preventing CSRF attacks

Typestring

Required

nonce

String value to prevent replay attacks

Typestring

prompt

Specifies the authorization server prompt behavior

Typestring

Enum

noneloginconsentselect_account

max_age

Maximum authentication age in seconds

Typeinteger

code_challenge

PKCE code challenge

Typestring

code_challenge_method

PKCE code challenge method

Typestring

Enum

S256plain

Responses

Redirects to login page or callback URL with response parameters

GET

/authorize

Playground

Authorization

bearerAuth

Variables

Key

Value

audience*

scope*

response_type*

client_id*

redirect_uri*

state*

nonce

prompt

max_age

code_challenge

code_challenge_method

Samples