GET /oauth/auz/grants/{GrantID}/auzcomplete
Completes the process of authentication and authorization. Changes the grant status to Active or Rejected based on the authorization action, removes the temporary cookie that was in use during provisioning, and returns the resource owner to the redirect URI along with additional information such as the state parameter and the code, token, or id token.
This operation redirects the user back to the application, along with additional information such as authorization code, access token, or ID token:
- Authorization code grant type: returns authorization code
- Implicit grant type: returns access token.
- OpenID Connect request: what is returned is determined by the values provided in the response_type parameter. If the response_type includes id_token, this operation sends the ID token, and so on.
The response also includes the state parameter. The request for resource owner authorization includes redirect uri and state parameter; these two are used when sending the user back to the application, along with the authorization code, access token or id token, depending on the value in the response_type parameter of the request.
Authorization Roles/Permissions: Must be the resource owner.
This topic includes the following sections:
HTTP Method
GET
URL
https://{oauth-provider-url}/oauth/auz/grants/{GrantID}/auzcomplete
Sample Request
The example below shows a redirect request. Grant provisioning is complete, and the GrantID is returned in the URL.
Sample Request URL
https://{oauth-provider-url}/oauth/auz/grants/hc3rl7hhhcfj/auzcomplete
Sample request headers
GET /oauth/auz/grants/hc3rl7hhhcfj/auzcomplete HTTP/1.1
Host: {oauth-provider-hostname}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Sample request body
Not applicable.
Request Headers
For general information on request header values, refer to HTTP Request Headers.
| Header | Description |
|---|---|
| Accept | text/xml |
Request Parameters
| Parameter | Parm Type | Data Type | Required | Description |
|---|---|---|---|---|
| GrantID | Path | string | Required | The unique ID for a specific instance of an OAuth grant. |
Response
If successful:
- The user is redirected to the redirect URL configured for the app.
- The temporary cookie is removed.
The response can contain id token, code, token, or a combination, based on the response_type value specified. These elements can be added as query parameters to the Redirect URL, or sent as fragment parameters, or sent to the redirect URL using HTTP POST, based on the response mode chosen.
Sample Response
The sample response below shows successful completion of this operation.
Sample response headers
None.
Sample response body
None.
Response Headers
For general information on response header values, refer to HTTP Response Headers.
| Header | Description |
|---|---|
| Content-Type | text/xml |
Response Body
No response content. The result of this operation is that the user is redirected to the client's Redirect URI and the temporary cookie is removed.
Error Codes/Messages
If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.
| Item | Value |
|---|---|
| 200 | The resource owner or authorization server rejected the request; access_denied. |
| 500 | Invalid grant ID. |
| 500 | An error occurred processing the call. |
More information about Akana OAuth API error messages.
