...
But for now an Authorization Server for the inttest environment is available. Its endpoints is described in the contents of this URL: http://a90801479291d11e9865602ac812c206-157159182.eu-west-1.elb.amazonaws.cominttest.ehealth.sundhed.dk/auth/realms/inttest/.well-known/openid-configuration
Example authentication
Here is an example URL for an authentication request using HTTP GET, written in a readable format. It should be sent as a single line without spaces or newlines.
| Code Block | ||||
|---|---|---|---|---|
| ||||
http://a90801479291d11e9865602ac812c206-157159182.eu-west-1.elb.amazonaws.cominttest.ehealth.sundhed.dk/auth/realms/inttest/protocol/openid-connect/auth? response_type=code& client_id=<client_id>& redirect_uri=<redirect_uri>& scope=openid+profile& state=<state>& nonce=<nonce>& code_challenge=<challenge>& code_challenge_method=S256 |
The parameters have the following meaning:
- response_type=code – indicates that your server expects to receive an authorization code
- client_id= – A client ID that is registered on the Authorization Server
- redirect_uri= – Indicates the URL to return the user to after authorization is complete, such as org.example.app://redirect or a tradition URL for a webapp https://app.example.org/redirect.
- state=1234zyx – A random string generated by your application, which you’ll verify later
- code_challenge=XXXXXXXXX – The code challenge generated as previously described
- code_challenge_method=S256 – either
plainorS256, depending on whether the challenge is the plain verifier string or the SHA256 hash of the string. If this parameter is omitted, the server will assumeplain.
When the authentication is complete, the browser is redirected back to the given "redirect_uri" (which must be whitelisted in the Authorization Server) including a "code" as a request parameter. This code must be used when calling the token endpoint afterwards.
...