Support
Product Releases
Blog

Getting Started

Authentication v3

Concepts

Systems Apps

User Apps

Authentication Endpoints

Product Catalog

Product Catalog API - Overview

Developer Guide

Attributes & Attribute Mapping

Orders

Allocations

Orders (3.0.0)

Backorders Preorders

Exports

Developer Guide

Invoices

Shopping Lists

Shopping List Items

Notifications

Orders

Returns

Cancellations

Tracking

Frauds

Payments

Appeasements

Credits

Shipments

Shipping Methods

Shipping Method Items

Webhooks

Orders FAQ(s)

Inventory

Inventory (3.0.0)

Networks

Inventory

Counters

Locations

Inventory FAQ(s)

Integrations

Overview

Algolia standard integration

Avalara standard integration

Constructor.io standard integration

Stripe standard integration

Offers

Offers (3.0.0)

Real-time Pricing Engine

Promotions

Webhook Events

Redemptions

Priced Products

Product Exclusion Lists

Price Types

Coupons

Coupon Codes

Segments

Prices

Price Methods

Price Controls

Price Lists

Add-ons

Exports

Imports

Attributes

Cart

Cart (3.0.0)

Carts

Line Items

Adjustments

Cart FAQ(s)

Shipping Details

Checkout

Checkout (3.0.0)

Checkout Session

Checkout FAQ(s)

Customers

Customer Profile

Customer Address

Customer Self

Quickstart

Merchant Experience Quickstart Guide

Shopper Experience Quickstart Guide

Authorize `userapp` with and without PKCE

Use this endpoint to authenticate userapp(s) using fabric Identity. When calling this endpoint, the immediate response will be a browser redirect to the hosted Login page configured in fabric Identity. After successful authentication of the user on the hosted Login page, fabric Identity will redirect back to the userapp using the provided redirect_uri. This endpoint supports both authorization code flow with and without Proof of Code Exchange (PKCE).
Note: This endpoint is not required for sysapp authentication (refer to /token endpoint instead)

GET

https://{customer_name}.login.fabric.inc

oauth2

default

authorize

curl --request GET \
  --url https://{customer_name}.login.fabric.inc/oauth2/default/v1/authorize

Query Parameters

client_id

string

required

Client ID of the userapp

response_type

string

required

Type of the response expected. This should always be set to code (as per OAuth 2.0 grant type, refer to https://datatracker.ietf.org/doc/html/rfc6749#page-19) for additional info.

scope

string

required

Scope of the endpoint call. This should always be set to openid (as per OpenID Connect standard. Refer to https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest for additional info)

redirect_uri

string

required

Redirect URI of the userapp is where fabric Identity will redirect the user upon successful login. This URI should be hosted by the userapp. As part of the redirect, you will receive the auth code (as code query parameter) which can then be exchanged for the access token (refer to /token).

state

string

required

Random string created by the userapp. It is used to maintain state between the request and the callback. The state helps mitigate Cross-Site Request Forgery (CSRF) when it is cryptographically derived from a browser cookie that signifies the the user or session.

code_challenge_method

string

Required only when using authorization code flow with PKCE. <br /> A code challenge method supported by PKCE specification. fabric Identity only supports the value of S256 (Refer to https://datatracker.ietf.org/doc/html/rfc7636#section-4.2 for additional info). This parameter is mandatory for authorization code flow with PKCE and is not required for the regular authorization code flow.

code_challenge

string

required

Required only when using authorization code flow with PKCE. The code challenge created by the userapp as per the specification on PKCE - https://datatracker.ietf.org/doc/html/rfc7636#section-4.2.

Was this page helpful?

curl --request GET \
  --url https://{customer_name}.login.fabric.inc/oauth2/default/v1/authorize