Get OIDC Auth Request details

Get OIDC Auth Request details by ID, obtained from the redirect URL. Returns details that are parsed from the application's Auth Request.

Path Parameters

authRequestId string required

ID of the Auth Request, as obtained from the redirect URL.

Responses

• 200
• 403
• 404
• default

---

OK

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

authRequest object

id string

ID of the authorization request

creationDate date-time

Time when the auth request was created

clientId string

OIDC client ID of the application that created the auth request

scope string[]

Requested scopes by the application, which the user must consent to.

redirectUri string

Base URI that points back to the application

prompt string[]

Possible values: [PROMPT_UNSPECIFIED, PROMPT_NONE, PROMPT_LOGIN, PROMPT_CONSENT, PROMPT_SELECT_ACCOUNT, PROMPT_CREATE]

Prompts that must be displayed to the user

uiLocales string[]

End-User's preferred languages and scripts for the user interface, represented as a list of BCP47 [RFC5646] language tag values, ordered by preference. For instance, the value [fr-CA, fr, en] represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation). An error SHOULD NOT result if some or all of the requested locales are not supported.

loginHint string

Login hint can be set by the application with a user identifier such as an email or phone number.

maxAge string

Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated. If the elapsed time is greater than this value, or the field is present with 0 duration, the user must be re-authenticated.

hintUserId string

User ID taken from a ID Token Hint if it was present and valid.

{
  "authRequest": {
    "id": "string",
    "creationDate": "2024-06-11T10:37:14.130Z",
    "clientId": "string",
    "scope": [
      "string"
    ],
    "redirectUri": "string",
    "prompt": [
      "PROMPT_UNSPECIFIED"
    ],
    "uiLocales": [
      "string"
    ],
    "loginHint": "string",
    "maxAge": "string",
    "hintUserId": "string"
  }
}

Schema

Example (from schema)

---

Schema

authRequest object

id string

ID of the authorization request

creationDate date-time

Time when the auth request was created

clientId string

OIDC client ID of the application that created the auth request

scope string[]

Requested scopes by the application, which the user must consent to.

redirectUri string

Base URI that points back to the application

prompt string[]

Possible values: [PROMPT_UNSPECIFIED, PROMPT_NONE, PROMPT_LOGIN, PROMPT_CONSENT, PROMPT_SELECT_ACCOUNT, PROMPT_CREATE]

Prompts that must be displayed to the user

uiLocales string[]

End-User's preferred languages and scripts for the user interface, represented as a list of BCP47 [RFC5646] language tag values, ordered by preference. For instance, the value [fr-CA, fr, en] represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation). An error SHOULD NOT result if some or all of the requested locales are not supported.

loginHint string

Login hint can be set by the application with a user identifier such as an email or phone number.

maxAge string

Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated. If the elapsed time is greater than this value, or the field is present with 0 duration, the user must be re-authenticated.

hintUserId string

User ID taken from a ID Token Hint if it was present and valid.

{
  "authRequest": {
    "id": "string",
    "creationDate": "2024-06-11T10:37:14.130Z",
    "clientId": "string",
    "scope": [
      "string"
    ],
    "redirectUri": "string",
    "prompt": [
      "PROMPT_UNSPECIFIED"
    ],
    "uiLocales": [
      "string"
    ],
    "loginHint": "string",
    "maxAge": "string",
    "hintUserId": "string"
  }
}

Schema

Example (from schema)

---

Schema

authRequest object

id string

ID of the authorization request

creationDate date-time

Time when the auth request was created

clientId string

OIDC client ID of the application that created the auth request

scope string[]

Requested scopes by the application, which the user must consent to.

redirectUri string

Base URI that points back to the application

prompt string[]

Possible values: [PROMPT_UNSPECIFIED, PROMPT_NONE, PROMPT_LOGIN, PROMPT_CONSENT, PROMPT_SELECT_ACCOUNT, PROMPT_CREATE]

Prompts that must be displayed to the user

uiLocales string[]

End-User's preferred languages and scripts for the user interface, represented as a list of BCP47 [RFC5646] language tag values, ordered by preference. For instance, the value [fr-CA, fr, en] represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation). An error SHOULD NOT result if some or all of the requested locales are not supported.

loginHint string

Login hint can be set by the application with a user identifier such as an email or phone number.

maxAge string

Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated. If the elapsed time is greater than this value, or the field is present with 0 duration, the user must be re-authenticated.

hintUserId string

User ID taken from a ID Token Hint if it was present and valid.

{
  "authRequest": {
    "id": "string",
    "creationDate": "2024-06-11T10:37:14.130Z",
    "clientId": "string",
    "scope": [
      "string"
    ],
    "redirectUri": "string",
    "prompt": [
      "PROMPT_UNSPECIFIED"
    ],
    "uiLocales": [
      "string"
    ],
    "loginHint": "string",
    "maxAge": "string",
    "hintUserId": "string"
  }
}

Returned when the user does not have permission to access the resource.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Returned when the resource does not exist.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

An unexpected error response.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

GET /v2beta/oidc/auth_requests/:authRequestId

Authorization

name: OAuth2type: oauth2scopes: openid,urn:zitadel:iam:org:project:id:zitadel:audflows: {
  "authorizationCode": {
    "authorizationUrl": "$CUSTOM-DOMAIN/oauth/v2/authorize",
    "tokenUrl": "$CUSTOM-DOMAIN/oauth/v2/token",
    "scopes": {
      "openid": "openid",
      "urn:zitadel:iam:org:project:id:zitadel:aud": "urn:zitadel:iam:org:project:id:zitadel:aud"
    }
  }
}

Request

Base URL

https://$CUSTOM-DOMAIN

Bearer Token

authRequestId — path required

Accept

application/jsonapplication/grpcapplication/grpc-web+proto

curl / cURL

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

python / requests

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

go / native

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

nodejs / axios

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

ruby / Net::HTTP

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

csharp / RestSharp

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

php / cURL

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

java / OkHttp

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

powershell / RestMethod

curl -L -X GET 'https://$CUSTOM-DOMAIN/v2beta/oidc/auth_requests/:authRequestId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'