AuthorizationCodeTokenRequest

The Authorization Code Token Request is the second step of the OAuth 2.0 Authorization Code Flow, where the client exchanges the authorization code (obtained from the authorization endpoint) for an access token. The request is made to the token endpoint using a POST request with the required parameters, ensuring secure communication and proper client authentication.

client_idstringrequired

The unique identifier of the client as registered with the authorization server.

Example: a771a1923bd403603831a2425df818a4

client_secretstringrequired

The secret associated with the client, used for confidential client authentication.

Example: g9812dqwrgbd4036038311vwef25dfcdw5

codestringrequired

The authorization code received from the authorization server during the authorization request.

Example: 2addb9e34dcc427f05fefcb045327e8a

redirect_uristringrequired

The same redirect URI used in the initial authorization request, ensuring the request matches the earlier step.

Example: https://redirect.example.com/cb

code_verifierstringrequired

A cryptographic string that matches the code_challenge sent in the authorization request, used to secure public clients.

Example: dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk

scopestring

The scope of the requested access token. Can be used to restrict the new access token to a subset of the scope allowed to the client and token type.

Example: whitelabelWallet

digital_fingerprintstringrequired

Unique identifier assigned to individual users or devices, used to create their digital identity.

Example: bb229878-c877-4cc3-91c4-2030c34be28a

AuthorizationCodeTokenRequest

{
  "client_id": "a771a1923bd403603831a2425df818a4",
  "client_secret": "g9812dqwrgbd4036038311vwef25dfcdw5",
  "code": "2addb9e34dcc427f05fefcb045327e8a",
  "redirect_uri": "https://redirect.example.com/cb",
  "code_verifier": "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
  "scope": "whitelabelWallet",
  "digital_fingerprint": "bb229878-c877-4cc3-91c4-2030c34be28a"
}