Skip to main content
GET
/
api
/
v1
/
oauth
/
authorize
Authorization Endpoint
curl --request GET \
  --url https://uat.gateway.verify-group.io/api/v1/oauth/authorize \
  --header 'Authorization: Bearer <token>'
import requests

url = "https://uat.gateway.verify-group.io/api/v1/oauth/authorize"

headers = {"Authorization": "Bearer <token>"}

response = requests.get(url, headers=headers)

print(response.text)
const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};

fetch('https://uat.gateway.verify-group.io/api/v1/oauth/authorize', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://uat.gateway.verify-group.io/api/v1/oauth/authorize",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"net/http"
"io"
)

func main() {

url := "https://uat.gateway.verify-group.io/api/v1/oauth/authorize"

req, _ := http.NewRequest("GET", url, nil)

req.Header.Add("Authorization", "Bearer <token>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.get("https://uat.gateway.verify-group.io/api/v1/oauth/authorize")
.header("Authorization", "Bearer <token>")
.asString();
require 'uri'
require 'net/http'

url = URI("https://uat.gateway.verify-group.io/api/v1/oauth/authorize")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'

response = http.request(request)
puts response.read_body
Redirect the browser to this endpoint to start the Authorization Code flow. If the user is not already authenticated, they will be sent to the Verify Group login page with the original parameters preserved. Required for Authorization Code flow:
  1. Generate a random code_verifier (43–128 chars)
  2. Compute code_challenge = BASE64URL(SHA256(code_verifier))
  3. Redirect user to this endpoint
  4. After login, user is redirected to your redirect_uri with ?code=...&state=...
  5. Exchange the code at the Token endpoint
response_type
code
required
Must be code.
client_id
string
required
Your OAuth App client_id.
redirect_uri
string
required
Must exactly match a redirect URI registered with your OAuth App.
scope
string
Space-separated scopes. Supported: openid profile email org:read kyc:read claims:read voice:read evidence:read
state
string
Opaque CSRF protection value. Returned unchanged in the redirect.
code_challenge
string
PKCE challenge — BASE64URL(SHA256(code_verifier)). Required for public clients.
code_challenge_method
S256
Must be S256.
nonce
string
OIDC replay protection nonce. Included in the id_token if provided.