Interface AuthorizationParams

An array of authentication context class references (ACRs).

A hint to the authorization server about the desired authenticator the client wishes to authenticate the user with

A cryptographic hash used for proof key for code exchange (PKCE).

The method used to generate the code challenge, either plain or S256.

The desired user interface mode

A hint to the authorization server about the user's identifier

Maximum allowed time in seconds since the last End-User authentication.

A random string used to associate to the ID token to prevent replay attacks

The desired authentication behaviour.

• none: User is not prompted to sign in.
• login: Prompt the user to log in even if the user is already authenticated.
• consent: Prompt the user for consent.
• select_account: Prompt the user to sign in.
• create: Prompt the user to sign up.

The URI to redirect the user to after successful sign in

A signed JWT containing the authorization request parameters

The request uri obtained from pushed authorization request. When this parameter is set, all other properties are ignored

Space-separated list of resources the access token should be scoped to

The response mode for the authorization response.

• form_post: Form-encoded POST request.
• query: URI query parameters.
• fragment: URI fragment.

The desired response type from the authorization server.

• code: Authorization code flow.
• token: Implicit flow.
• id_token: Implicit flow with ID token.
• id_token token: Implicit flow with ID token and access token.
• code id_token: Authorization code flow with ID token.
• code token: Authorization code flow with access token.
• code id_token token: Authorization code flow with ID token and access token.

Space-separated list of scopes requested from the authorization server

A random string used to prevent CSRF attacks

User's preferred languages and scripts for the user interface