Skip to main content

TokenizedPKCE

This is the flow that mobile apps use to access an API. Use this endpoint to exchange an Authorization Code for a Token.

Properties​

NameTypeDescriptionNotes
var_schemaEmbeddedModelSchema[optional]
grant_typestrDenotes the flow you are using. For Authorization Code, use authorization_code or refresh_token.
client_idstrYour application's Client ID.
codestrThe Authorization Code received from the initial /authorize call.
redirect_uristrThis is required only if it was set at the GET /authorize endpoint. The values must match.
code_verifierstrCryptographically random key that was used to generate the code_challenge passed to /authorize.
audiencestrThe audience domain: i.e. https://pieces.us.auth0.com[optional]