
Authorization flow

Basic PKCE Flow

The client app creates a unique string value, code_verifier, which it hashes and encodes as a code_challenge. When the client app initiates the first part of the Authorization Code flow, it sends this code_challenge.

Once the user authenticates and the authorization code is returned to the client app, it requests an access_token in exchange for the authorization code.

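In this step, the client app must include the original unique string value in the code_verifier parameter. The authorization server hashes and encodes the code_verifier in the same way and compares the result with the code_challenge it received earlier. If the codes match, the authentication is complete and an access_token is returned.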
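The relationship between code_verifier and code_challenge described above, as an added example that is not DigiDoe's own code. It assumes the S256 method from RFC 7636, which this page does not name; the function names are illustrative, and the DigiDoe-specific Client_Secret is not modelled.

```python
import base64
import hashlib
import hmac
import re
import secrets

# RFC 7636 section 4.1: 43-128 characters from the unreserved set.
VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")

# Test vector published in RFC 7636 Appendix B.
RFC_VERIFIER = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
RFC_CHALLENGE = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM"


def new_code_verifier() -> str:
    """Client side: fresh high-entropy verifier, one per authorization request."""
    return secrets.token_urlsafe(32)  # 32 random bytes -> 43 URL-safe characters


def code_challenge_s256(code_verifier: str) -> str:
    """BASE64URL(SHA256(ASCII(code_verifier))) with '=' padding removed."""
    if not VERIFIER_RE.fullmatch(code_verifier):
        raise ValueError("code_verifier must be 43-128 unreserved characters")
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def server_verify(stored_challenge: str, presented_verifier: str) -> bool:
    """Server side at the token request: recompute the challenge from the
    presented verifier and compare it in constant time with the stored one."""
    try:
        recomputed = code_challenge_s256(presented_verifier)
    except ValueError:
        return False  # a malformed verifier is rejected outright
    return hmac.compare_digest(recomputed.encode(), stored_challenge.encode())


if __name__ == "__main__":
    verifier = new_code_verifier()            # kept by the client until the token request
    challenge = code_challenge_s256(verifier)  # sent with the authorization request
    print("code_challenge:", challenge)
    print("matching verifier accepted:", server_verify(challenge, verifier))
    print("different verifier accepted:", server_verify(challenge, new_code_verifier()))
```

An authorization code captured without the matching code_verifier fails the check in `server_verify`, which is the property the flow relies on.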

OAuth Authorization description

The actual DigiDoe flow has some exceptions, which are described below.

Credentials

To invoke the requests below, you need to receive the following credentials from DigiDoe:

  • Client_Id – Identifier of your client application.

  • Client_Secret – Not included in standard PKCE, but used in the DigiDoe flow.

  • Client_Tenant – Identifier of the tenant on the DigiDoe side where Customers will actually be registered.

Flow

Last modified: 19 January 2024