- Service Overview
- Billing
- Getting Started
-
User Guide
- Before You Start
- Buying an Instance
- Instance Management
-
Enterprise Administrator Guide
- Logging In to the OneAccess Administrator Portal
- User Management
-
Resources
- Overview
-
Applications
- Adding an Application
- Enabling, Disabling, or Deleting an Application
- General Information
- Authentication Integration
- Synchronization Integration
- Login Configuration
- Access Control
- Object Models
- Authorization Management
- API Permission Management
- Application Permission Management
- Security Settings
- Audit Logs
- APIs
- Authentication
- Security
- Audit
- Settings
- Common User Guide
- Key Operations Recorded by CTS
-
Best Practices
- OneAccess Best Practices
- Identity Source Integration
-
Application Integration
-
Logging In to the Huawei Cloud Through User Portal
- Introduction
- Logging In to Single Huawei Cloud Account via OneAccess Without Password (SAML - Virtual User SSO)
- Logging In to Multiple Huawei Cloud Accounts via OneAccess Without Password (SAML - Virtual User SSO)
- Logging In to Single Huawei Cloud Account via OneAccess Without Password (SAML - IAM User SSO)
- Logging In to Multiple Huawei Cloud Accounts via OneAccess Without Password (SAML - IAM User SSO)
- Logging In to Huawei Cloud via OneAccess Without Password (OIDC)
- SSO Access to Applications Through SAML
- SSO Access to Applications Through OAuth 2.0
- SSO Access to Applications Through OIDC
- SSO Access to Applications Through CAS
- SSO Access to Applications Through Plug-in Autocompletion
-
Logging In to the Huawei Cloud Through User Portal
- Data Synchronization
- Authentication Provider Integration
- Authorizing IAM Users to Access a OneAccess Instance Administrator Portal
- API Usage
- Configuring MFA for User Login
- Developer Guide
-
API Reference
- Before You Start
- API Overview
-
OneAccess APIs
-
Management APIs
- Calling APIs
- Access Credentials
-
User Management
- Creating a User
- Modifying a User
- Deleting a User
- Enabling a User
- Disabling a User
- Changing a User Password
- Verifying and Modifying the Original User Password
- Querying User Details by User ID
- Querying User Details by Username
- Querying the User List
- Authorizing an Application Account
- Querying All Authorized Application Accounts of a User
- Organization Management
- Application Organization Management
- Application Account Management
- Application Role Management
- User APIs
- Application Integration APIs
-
Management APIs
- Appendix
- FAQs
- General Reference
Copied.
Performing Implicit Grant
Function
When a user accesses an integrated application, the application obtains an access token and ID token through implicit grant, and sends a grant request (in redirection mode) to OneAccess. If the grant is successful after the user enters their username and password, OneAccess redirects the user to the application with the access token and ID token.
URI
GET /api/v1/oauth2/authorize
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
client_id |
Yes |
String |
Application ID, which is a client ID allocated to an application after registration. |
redirect_uri |
Yes |
String |
Callback address, which is used by the application to receive the address of OneAccess token (ID token or access token). The address can be the callback address or the domain name entered during application registration. |
response_type |
Yes |
String |
Grant type. Options: id_token or id_token token.
|
scope |
Yes |
String |
Scope of the granted access. The value is fixed at openid. |
state |
No |
String |
Application status, which is used to prevent CSRF attacks. After successful authorization, the status is returned during callback to verify the mapping between the authentication and callback requests. The status can contain letters and digits. |
Request Parameters
None
Response Parameters
Status code: 302
Parameter |
Type |
Description |
---|---|---|
location |
String |
Redirection address used after successful authentication. - If the grant type of list text here is id_token, https://example.com#id_token=eyJraWQiOi.JlNWFlNTg1Mzky.NjA0Njg... is returned. - If the grant type of list text here is id_token token, https://example.com#access_token=f9dd6b8a-4b4f-4380-bf3a-39f8bfbef...&token_type=Bearer&expires_in=7199&id_token=eyJraWQiOi.JlNWFlNTg1Mzky.NjA0Njg... is returned. |
Example Requests
-
Implicit grant is performed based on the grant type value id_token token. In this case, the response carries access_token and id_token.
GET https://{domain_name}/api/v1/oauth2/authorize?response_type=id_token token&client_id=cU0L3GsEq1vuOJ5iQrRSu5AyPnKL8...&redirect_uri=https://example.com&scope=openid&state=test
-
Implicit grant is performed based on the grant type value id_token. In this case, the response carries id_token.
GET https://{domain_name}/api/v1/oauth2/authorize?response_type=id_token&client_id=cU0L3GsEq1vuOJ5iQrRSu5AyPnKL8...&redirect_uri=https://example.com&scope=openid&state=test
Example Responses
None
Status Codes
Status Code |
Description |
---|---|
302 |
The login fails, and the user is redirected to the login page. The login is successful, and the user is redirected to redirect_uri with an access token and ID token. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot