Authorize Client

Loading...

API endpoint path: /v1/client-authorization

Returns the approved OAuth scopes, Apigee application identifier, and authorization-flow policy for a client application. This endpoint is typically called before generating an authorization code to determine which security, consent, and device requirements apply.

Requests must use application/x-www-form-urlencoded encoding and include a valid Bearer access token in the Authorization header.

Use this endpoint to:

• Retrieve the OAuth scopes approved for a client application before starting the authorization code flow.
• Determine whether multi-factor authentication, user consent, or device registration is required.
• Validate that a client application is properly configured to use the authorization_code grant.
• Drive the authorization user experience based on client-specific policy flags.

Behavior and requirements:

• Returns approved scopes from the client application's allowed-scopes, Apigee application identifier (appId), and authorization flow policy details in additional_info.
• The additional_info object includes secondary_authentication_enabled, consent_enabled, and device_registration_enabled flags that indicate required authorization steps.
• The client application must be configured with the authorization_code grant type and a valid allowed-scopes attribute.

Note: After reviewing the response, call Generate Authorization Code to issue the authorization code.

Request

Responses

200

Success

400

Bad Request

401

Unauthorized

403

Forbidden

500

Internal Server Error