LoginRadius DocsDocs
DocumentationAPI ReferencesSDKsChangelogs

Retrieve OAuth tokens

Retrieves OAuth tokens for authentication and authorization purposes.

POST
/api/oauth/{OAuthAppName}/token

Retrieves OAuth tokens for authentication and authorization purposes.

Authorization

apikey<token>

Tenant API Key for authentication

In: query

Path Parameters

OAuthAppName*string

OAuth App Name

Request Body

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

curl -X POST "https://TenantName.hub.loginradius.com/api/oauth/example_oauth_app/token" \  -H "Content-Type: application/json" \  -d '{    "client_id": "68106262-3938-4435-87ed-3e410b360209",    "client_secret": "AQvsBHrjOYFNJdvndATLBPoavRZUp1fj4656",    "code": "ab261e646022e92c620e2be8c10469d...",    "grant_type": "authorization_code",    "redirect_uri": "https://example.com/callback"  }'
{
  "access_token": "eyJhbGciOiJIUz...",
  "expire_in": "3600",
  "refresh_token": "3976a9391e31d3c1cf854c83f9f65078:90f...",
  "token_type": "Bearer"
}

{
  "error": "invalid_grant",
  "error_description": "The access_token is not valid."
}

{
  "error": "invalid_client",
  "error_description": "The client_id is not valid, check your client_id again."
}

{
  "error": "unauthorized_client",
  "error_description": "The client_secret is not valid, check your client_secret again."
}

Revoke OAuth refresh token POST

Revokes an OAuth refresh token to prevent further use.

OAuth Authorization Server Metadata (OAuth app) GET

Returns OAuth 2.0 Authorization Server Metadata (RFC 8414) for the given OAuth app. Use this endpoint for OAuth 2.0 client discovery when using the OAuth flow path.