Authorization Server Login Service: Overview

Provides operations for activities relating to login in the context of OAuth, such as logging in and out and renewal of the authorization token.

This service is primarily for use in activities relating to grant provisioning, which might need to be accessible to external clients; for example, it can be used by app administrators and provider administrators. Anyone that wants to interface with the OAuth Provider can use this service. Results from certain operations might be restricted depending on the roles and permissions of the user.

Although operations in this service can also be used for resource owners, corresponding operations are available in the OAuth Authorization Server Authorization Service for grant administration.

URL: https://{oauth-provider-url}/oauth/login

Action Endpoint Description
log in POST /oauth/login Allows a person to log in for the purposes of OAuth, and returns the OAuth authentication cookie. For users signed up on the platform; other users log in using the POST /oauth/login/ssoLogin operation.
log out GET /oauth/login/logout Destroys any authentication cookies associated with the current OAuth session.
renew token (GET) GET /oauth/login/renewToken

Renews an OAuth authentication token. Uses HTTP GET.

For full documentation, refer to renew token (POST) (below).

renew token (POST) POST /oauth/login/renewToken Renews an OAuth authentication token. Uses HTTP POST.
SSO login (GET) GET /oauth/login/ssoLogin

Allows a user to log in for OAuth authorization purposes by authenticating with an identity provider that has its own login screen, providing SSO is enabled for the OAuth Provider and the identity provider it's using. Examples: Facebook, Google. Also for LDAP users. Uses HTTP GET.

For full documentation, refer to SSO login (POST) (below).

SSO login (POST) POST /oauth/login/ssoLogin Allows a user to log in for OAuth authorization purposes by authenticating with an identity provider that has its own login screen, providing SSO is enabled for the OAuth Provider and the identity provider it's using. Examples: Facebook, Google. Sets the OAuthToken_{OAuthProviderName} cookie and redirects the user. Also for LDAP users. Uses HTTP POST.