OAuth Authorization
Successful invocation of this API will result in the user being redirected to the URL specified in the redirect_uri parameter.
GET
/oauth/authorization
Request Body
application/json
{
"apiKey" : "abc123",
"signature" : "string",
"response_type" : "code",
"redirect_uri" : "https://website.company.com/page",
"verifier" : "abc123::2017-08-31T15:00:10.495Z",
"state": "state"
}
| Parameter | Type | Validations |
|---|---|---|
| apiKey | string, required | Configured in Rev client. |
| signature | string, required | A 64-base encoded string computed from the hash generated by signing verifier (parameter below) using a HMAC SHA 256 algorithm. It uses the apiKey secret as the key for signing. This is to make sure that the API sending the request has the right secret key and that it has not been compromised. This value must be URL encoded. |
| response_type | string, required | Set the value for this parameter to code. This value is also case-sensitive. |
| redirect_uri | string, required | URL of Web page to load after Rev credentials have been entered by the user. This page is where the final authentication steps will be performed and from which all subsequent API calls may be made. This value must be URL encoded. |
| state | string, optional | Used to pass State information from the invoking application. The State information will be passed to the redirect_uri page when it is loaded. |
| verifier | string, required | This is a combination of apiKey and current timestamp in UTC (in the format “apiKey::timestamp”) that is used for verifying the authorization request. The date/time stamp used typically will be the current date/time at the time of the request. It must meet the following criteria. UTC format, less than 30 minutes from the current time, in a valid date and time format. This value must be URL encoded. |