Auth Code Exchange

POST 
/auth/code

Exchanges an authorization code for a JWT id_token and refresh_token. Partners must authenticate with their client_id and client_secret headers.

Request

Responses

200

Successful authorization code exchange.

400

Invalid request payload or missing parameters.

Possible API return codes:

• CIAM-2006: redirect URI mismatch with the original authorization request.

401

Authentication failed due to invalid or missing credentials.

500

IPaaS encountered an internal error.

Possible API return codes:

• MW-CIAM-CS-003: CIAM Application Access Request Token could not be processed.
• CIAM-2010: invalid_grant (code invalid, expired, reused, or already consumed).

default

Unexpected error.