Overview
Users that use your application are first redirected to the LivePerson Identity Service in order to receive an authorization grant in the form of code from our Identity Service. The code is appended to the redirect URL as a parameter (see example below). This code is later used in the token request in order to receive an access token that the application can use in order to interact with LE services.
This call should be made when the application does not posses a valid access token or refresh token.
Request
| Method | URL |
|---|---|
| GET | https://{domain}/sentinel/api/account/{accountid}/authorize?v=1.0&response_type=code&redirect_uri={application callback URL}&client_id={app install id}&state={application state} |
Path Parameters
| Parameter | Description | Type | Required | Notes |
|---|---|---|---|---|
| domain | Sentinel Hostname | String | Required | |
| accountid | LivePerson site ID | String | Required |
Query Parameters
| Parameter | Description | Type | Required | Notes |
|---|---|---|---|---|
| v | API version number | number | Required | Default Value: 1.0 |
| response_type | The grant type desired by the client | String | Required | value must be set to "code" |
| client_id | Installation id provided after application registration (see the Overview for more info) | String | Required | |
| redirect_uri | The client's redirection endpoint. The redirection's end point is provided by the application during the application registration (see the Overview for more info) | String | Optional | Note that according to the OAuth 2.0 RFC, if only one redirection endpoint is provided in the application registration, this parameter is optional. However if multiple redirection endpoints were configured in the registration, then this field is required |
| state | An arbitrary value used by the client to maintain state between the request and callback. You can use this parameter to help your application identify the authorize request and its state when the user returns to the application | String | Optional |
Response
Response Codes
| Code | Response |
|---|---|
| 302 | FOUND — redirect to either: a login page, if the user does not already have a session on the device, back to the application with code, back to the application with error code. See Note below for more info |
| 400 | Bad request — Problem with query parameters |
| 401 | Unauthorized — Bad Authentication (invalid site or application id) |
| 500 | Internal server error |
Notes:
In case the user does not have an active session, they will be redirected to the login page in order to authenticate. After they login successfully, they will then be redirected back to the application's redirect_uri with the code from the LivePerson Identity Service and with the state parameter (optional). In case the user is already authenticated, they will be redirected directly back to the application redirect_uri, without passing through the login page.
In case the request encountered an error, if account id, client id and redirection URL are valid, the user will be redirected back to the application with error and error description parameters.
An example of a successful redirection to application follows below. Note the code parameter appended to the URL:
HTTP/1.1 302 Found
Location: https://le-app.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz