Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Authorization code flow state parameter requirement

Log in to subscribe to topics and get notified when content changes.

Authorization code flow state parameter requirement

The glide.oauth.state.paramater.required system property enables the State parameter to be required in an OAuth request for authorization code flow.

State parameter

Beginning in the Madrid release, the system property glide.oauth.state.parameter.required adds a State parameter for an OAuth request. For zbooted instances, the property is true. For upgraded instances, the property is not present, so the State parameter is not enabled. The State parameter is a string value, and should not contain special characters. The State parameter cannot be empty or “ ”.

Validating the state parameter

Create an endpoint for clients to access the instance. Initiate an authorization code flow for an For example:
If you do not specify the state parameter in the request, you get an error and the authorization code is not returned.Missing State parameter in request.
Adding the State parameter to the request:
Adding the State parameter redirects you to the login screen and the regular authorization code flow returns the authorization code.
Note: The response URL contains the state parameter passed in the request. In the example, the added parameter is state=123.
If the authorization code flow starts from
The State parameter is automatically added when redirected by