-
Notifications
You must be signed in to change notification settings - Fork 0
Description
There needs to be a function that an App can call within IndieWebKit that builds and makes the Authentication Request. It will need to be able to customize the callback per app.
The client builds the authentication request URL by starting with the discovered authorization_endpoint URL and adding the following parameters to the query component:
me - The user's profile URL
client_id - The client URL
redirect_uri - The redirect URL indicating where the user should be redirected to after approving the request
state - A parameter set by the client which will be included when the user is redirected back to the client. This is used to prevent CSRF attacks. The authorization server MUST return the unmodified state value back to the client.
response_type=id - (optional) Indicates to the authorization server that this is an authentication request. If this parameter is missing, the authorization endpoint MUST default to id.