{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":[]},"type":"markdown"},"seo":{"title":"Authorization Code Flow (for Web Applications)","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"authorization-code-flow-for-web-applications","__idx":0},"children":["Authorization Code Flow (for Web Applications)"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This flow is intended for ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["confidential clients"]},", such as traditional web applications with a secure backend that can safely store a client secret."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The process is divided into two main parts:"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Request User Authorization"]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Exchange Authorization Code for an Access Token"]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"_","__idx":1},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Part 1: Request User Authorization"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Your application must redirect the user to the eGain authorization endpoint from ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/metadata"},"children":["metadata"]}," to obtain User's Authorization Code."]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Method"]},": ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["GET"]}]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Endpoint"]},": Your ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Authorization URL"]}," (from your client application's metadata)."]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Example Base Authorization URL for a User:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"header":{"controls":{"copy":{}}},"source":"https://ai.egain.cloud/system/auth/TMPRODB88619984-U/oauth2/authorize\n"},"children":[]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Example Base Authorization URL for a Customer:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"header":{"controls":{"copy":{}}},"source":"https://ai.egain.cloud/system/auth/TMPRODB88619984-C/oauth2/authorize\n"},"children":[]}]}]}]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Query Parameters:"]}]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Parameter"},"children":["Parameter"]},{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Relevance"},"children":["Relevance"]},{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["The Client ID for your application."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["response_type"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Must be set to ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["code"]},"."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["redirect_uri"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["The URL where the user will be redirected. This must exactly match one of the URLs you registered."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["scope"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["A space-separated list of scopes. You can include any combination of scopes assigned to your client application in a single request. This allows you to generate one multi-purpose token for your entire application, or separate tokens for specific tasks, depending on your architectural needs."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["state"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Recommended"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["An opaque value used to prevent cross-site request forgery attacks."]}]}]}]}]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Example Full Authorization URL for a User:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"header":{"controls":{"copy":{}}},"source":"https://ai.egain.cloud/system/auth/TMPRODB88619984-U/oauth2/authorize?client_id=b4b2c1d9-4c19-4e8a-8e7a-9a0b1c2d3e4f&response_type=code&redirect_uri=https%3A%2F%2Foauth.pstmn.io%2Fv1%2Fcallback&scope=core.aiservices.manage&state=a1b2c3d4e5f67890\n"},"children":[]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"_-1","__idx":2},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Part 2: Exchange Authorization Code for an Access Token"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Once your application receives the authorization code, it exchanges it for an access token through access token endpoint found in ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/metadata"},"children":["metadata"]},"."]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Method"]},": ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["POST"]}]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Endpoint"]},": Your ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Token URL"]}," (from your client application's metadata)."]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Example Base Token URL for a User:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"header":{"controls":{"copy":{}}},"source":"https://ai.egain.cloud/system/auth/TMPRODB88619984-U/oauth2/token\n"},"children":[]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Example Base Token URL for a Customer:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"header":{"controls":{"copy":{}}},"source":"https://ai.egain.cloud/system/auth/TMPRODB88619984-C/oauth2/token\n"},"children":[]}]}]}]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Headers:"]}]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Header"},"children":["Header"]},{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Value"},"children":["Value"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Content-Type"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["application/x-www-form-urlencoded"]}]}]}]}]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Body Parameters (",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["application/x-www-form-urlencoded"]},"):"]}]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Parameter"},"children":["Parameter"]},{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Relevance"},"children":["Relevance"]},{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["grant_type"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Must be set to ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["authorization_code"]},"."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["code"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["The authorization code you received."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["redirect_uri"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["The same ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["redirect_uri"]}," used in the initial authorization request."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["The Client ID for your application."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["Required"]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["The Client Secret for your application."]}]}]}]}]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Example Full Token cURL for a User:"]}]}]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"curl","header":{"controls":{"copy":{}}},"source":"curl --location --request POST 'https://ai.egain.cloud/system/auth/TMPRODB88619984-U/oauth2/token' \\\n--header 'Content-Type: application/x-www-form-urlencoded' \\\n--data-urlencode 'grant_type=authorization_code' \\\n--data-urlencode 'code=def456-gh-ijkl-789-mnopqr' \\\n--data-urlencode 'redirect_uri=https://oauth.pstmn.io/v1/callback' \\\n--data-urlencode 'client_id=b4b2c1d9-4c19-4e8a-8e7a-9a0b1c2d3e4f' \\\n--data-urlencode 'client_secret=aBcDeFgHiJkLmNoPqRsTuVwXyZ12345_67890-AbCdEfGh'\n","lang":"curl"},"children":[]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Next Steps:"]}]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/making-requests"},"children":["Make Authenticated Requests"]}]}]}]},"headings":[{"value":"Authorization Code Flow (for Web Applications)","id":"authorization-code-flow-for-web-applications","depth":1},{"value":"","id":"_","depth":2},{"value":"","id":"_-1","depth":2}],"frontmatter":{"seo":{"title":"Authorization Code Flow (for Web Applications)"}},"lastModified":"2026-05-02T01:58:33.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/developer-portal/guides/authentication/auth-code-flow","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}