Authorization Failed

There was an error during the authorization process

Error
error_code
Description
Error description
Back to Home

Authorization Successful!

OAuth 2.1 Authorization Code Flow - Step 1 Complete

Authorization Code
authorization_code_here
State
state_value

📝 Next Steps: Exchange Code for Tokens

  1. Copy the authorization code from above
  2. Use the code verifier from your original PKCE challenge
  3. Make a POST request to the token endpoint (see example below)
# Step 2: Exchange authorization code for access token curl -X POST http://localhost:9000/oauth2/token \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=authorization_code" \ -d "code=YOUR_CODE" \ -d "redirect_uri=http://127.0.0.1:8080/authorized" \ -d "client_id=public-client" \ -d "code_verifier=YOUR_CODE_VERIFIER" # For confidential clients, use Basic Auth: curl -X POST http://localhost:9000/oauth2/token \ -u confidential-client:secret \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=authorization_code" \ -d "code=YOUR_CODE" \ -d "redirect_uri=http://127.0.0.1:8080/authorized" \ -d "code_verifier=YOUR_CODE_VERIFIER"
⚠️ Important Notes
  • Authorization codes are single-use and expire quickly (typically 5-10 minutes)
  • You must use the same redirect_uri as in the authorization request
  • For public clients, the code_verifier parameter is required (PKCE)
  • The code verifier must match the code challenge used in the authorization request
Back to Home Start New Authorization

OAuth 2.1 Authorization Server

Powered by Spring Authorization Server 7.0.0