get https://example.com/oauth/authorize
Some WebID providers provide a procedure to discover the WebID of a user while asking the user to share data at the same time.
This endpoint initiates such a procedure at the WebID provider that is configured for your tenant and structures this procedure using the OAuth 2.0 Code Grant Flow using PKCE.
Redirect URI
After you have called this endpoint, eventually, the user will be redirected to a URI that you have specified.
This URI will look as follows:
- In case of a successful procedure:
https://example-app.com/redirect?code=AUTH_CODE_HERE&state=JWK_STATE_HERE
- In case of an error:
https://example-app.com/redirect?error=ERROR_CODE_HERE&error_description=URL_ENCODED_ERROR_DESCRIPTION_HERE&state=REQUEST_STATE_HERE
.
Limitations and considerations
- The
client_id
parameter must match those of the custom domain of the tenant. Example: in case ofapp.use.id
, theclient_id
must be any of*.use.id
. - The
redirect_uri
parameter must match one ofredirect_uris
as specified inclient_id
. - Currently, only
code
is allowed asresponse_type
- Currently, only
S256
is allowed ascode_challenge_method