Privicore
  1. OAuth Application
Privicore
  • Privicore API
  • Utility
    • Utility
    • Check server health
      GET
    • Request command id status
      GET
  • Profile
    • Profile Model and Authentication Workflow
    • Register new profile
      POST
    • Authenticate
      POST
    • Retrieve profile id
      GET
    • Change password
      POST
    • Generate qr token for authorization
      POST
    • Reauthorize authorization token
      POST
    • Revoke authorization token
      POST
    • Retrieve token expiry
      POST
  • OAuth Application
    • OAuth Application Management
    • Register OAuth Application
      POST
    • Retrieve OAuth app configuration
      POST
    • Request OAuth app authorization code
      GET
    • Retrieve OAuth app authorization code
      POST
    • Obtain OAuth app access token
      POST
    • OAuth application list
      GET
    • Retrieve OAuth application scope
      GET
    • Refresh OAuth app access token
      POST
  • Public key
    • Public and Private Key Management
    • Generate your private and public keys
      GET
    • Register public key
      POST
    • Retrieve public key
      GET
    • Retrieve CAB public key
      GET
  • Data Token
    • Data Token Management
    • Reserve token space
    • Retrieve temporary data token
    • Exchange data for token
    • Upstream file via stream auth
    • Request data via token
    • Download data
    • Configure information security risk meta
    • Configure file meta
    • List data tokens
    • Update data token
    • Delete data
  • Device
    • Device Management
    • Request unique identifier (i.e. Register new device)
    • Retrieve unique identifier
    • Retrieve profile devices
    • Configure device meta
    • Approve device
    • Reject device
    • Retrieve device configuration
    • Remove device
  • Storage
    • Storage Device Management
    • Register storage device
    • List storage devices
    • Synchronize device
    • Remove storage
  • Verified authenticator
    • Authenticator and Voting Management
    • Register authenticator
    • List verified authenticators
    • Retrieve voting strategy
    • Set quorum size
    • Set quorum strategy
    • Set voting time limit
    • Set maximum voting attempts
    • Remove authenticator
    • Register voting configuration
    • Update voting configuration
    • List voting configurations
    • Retrieve voting configuration
  • Policy
    • List policy templates
    • Register policy
    • List active policies
    • List inactive policies
    • Activate policy
    • Deactivate policy
    • Delete policy
    • List registered policies
    • Retrieve registered policy
  • Directory
    • Register Directory
    • Retrieve owned Directories
    • Retrieve assigned directories
    • Retrieve Directory
    • Create Directory User
    • Update user information
    • Invite Profile
    • Set profile password
    • List Directory Invites
    • Process Invitation
    • Retrieve directory profile
    • List directory users
    • Directory profiles info
    • Create profile device
    • Add storage device to profile
    • List directory devices
    • Create directory voting pool
    • Store directory meta information
  • Voting
    • Create voting
    • Check pool status
  • Schemas
    • Response
      • CommandAccepted
      • Unauthorized
      • ValidationErrors
    • Schemas
    • profileId
    • deviceIdentifier
    • directoryId
    • directoryName
    • directoryShortName
    • givenName
    • familyName
    • createdAt
    • meta
  1. OAuth Application

Retrieve OAuth app authorization code

POST
/oauth-application/retrieve-authorization-code

Retrieve OAuth Application Authorization Code#

Overview#

Complete the authorization request by retrieving the authorization code using the request ID and nonce from the previous step.

Retrieve OAuth Application Authorization Code#

Endpoint: POST /oauth-application/retrieve-authorization-code
Authentication: Required (Basic authentication using client_id and client_secret)
Header:
Authorization: Basic {btoa(client_id + ':' + client_secret)}

Request Parameters#

ParameterTypeRequiredDescription
idstringYesThe request ID returned from the authorization code request
noncestringYesMust match the nonce used in the authorization request

Response Fields#

FieldDescription
clientIdThe OAuth Application's client ID
nonceThe nonce value used for this authorization flow
authorizationCodeThe authorization code to exchange for an access token
expiresAtISO 8601 timestamp when the authorization code expires

Use Case#

This endpoint completes the authorization flow initiated by the request authorization code endpoint. The OAuth Application must authenticate using Basic authentication (client ID and secret encoded in base64) and provide both the request id and the matching nonce. The returned authorization code is temporary and must be exchanged for an access token before it expires.
The nonce must exactly match the value used in the authorization request
The authorization code is single-use and expires at the specified timestamp
Basic authentication format: Basic base64(client_id:client_secret)

Request

Header Params

Body Params application/x-www-form-urlencoded

Request Code Samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://sandbox.privicore.com:9009/oauth-application/retrieve-authorization-code' \
--header 'Authorization;' \
--data-urlencode 'id=' \
--data-urlencode 'nonce='

Responses

🟢200Success
application/json
OK
Body

Example
{
    "clientId": "example_client_id",
    "nonce": "example_nonce",
    "authorizationCode": "example_authorization_code",
    "expiresAt": "2025-02-10T10:03:06+00:00"
}
🟠401401
🟠404404
🟠422422
Modified at 2025-12-09 10:38:41
Previous
Request OAuth app authorization code
Next
Obtain OAuth app access token
Built with