OIDC request

GET <AUTHORIZATION_CODE_FLOW_URL> HTTP/1.1
Accept: application/json

Important

It is crucial that HTTP Header Accept: application/json is used.

Where AUTHORIZATION_CODE_FLOW_URL:

In case of authentication without PKCE

<SIGNICAT_AUTHORIZATION_ENDPOINT>?
response_type=code&
scope=openid+profile+mobileid&
client_id=<CUSTOMER_CLIENT_ID>&
redirect_uri=<CUSTOMER_REDIRECT_URI>&
state=<CUSTOMER_AUTH_METHOD_NAME:STATE_IDENTIFIER>&
acr_values=urn:signicat:oidc:method:<CUSTOMER_AUTH_METHOD_NAME>&
login_hint=deviceId-<DEVICE_ID>&
login_hint=externalRef-<ACCOUNT_NAME>&
login_hint=pushPayload-<URL_ENCODED_PUSH_PAYLOAD>&
login_hint=preContextTitle-<PRE_CONTEXT_TITLE>&
login_hint=preContextMessage-<PRE_CONTEXT_MESSAGE>&
login_hint=postContextTitle-<POST_CONTEXT_TITLE>&
login_hint=postContextMessage-<POST_CONTEXT_MESSAGE>&
login_hint=encapAuthMethod-<AUTHENTICATION_METHOD>&
login_hint=encapAuthLevel-<AUTHENTICATION_LEVEL>

In case of authentication with PKCE

In the case of authentication with Proof Key for Code Exchange (PKCE) (opens new window), the request requires the following login hints in addition to the above:

• code_challenge=<CODE_CHALLENGE>
• code_challenge_method=S256

Authentication response

{
    "status":"<STATUS>",
    "statusUrl":"<STATUS_URL>",
    "completeUrl":"<COMPLETE_URL>"
}