Using Redirects

When redirecting after an authorization, we will add several url parameters to the redirect so you know what happened during the authorization.

Examples

# Example successful redirect when no state was provided
https://example.com/?referral=123

# Example successful redirect when state was provided
https://example.com/?referral=123&state=mystatehere

# Example redirect with the customer declined
https://example.com/?referral=123&state=mystatehere&error=access_denied&error_description=User%20declined%20authorization

Parameters

Parameter	Description	Example
`referral`	If an Authorization was created, you can look them up in `GET /authorizations?referrals=...`	`referral=1234`
`state`	The `state`, if any, that was specified in the authorization url.	`state=abc123`
`error`	If something went wrong, one of: `invalid_request` `unauthorized_client` `access_denied` `incomplete_registration` `invalid_scope` `server_error` `temporarily_unavailable` `utility_down` `access_invalid` `access_locked`	`error=access_denied`
`error_description`	If something went wrong, a short description explaining what went wrong.	`error_description=We%20are%20down%20%3A(`

NOTE: These redirect parameters are similar to, but are slightly different than OAuth 2.0 redirect parameters (mainly that referral is used instead of OAuth's code). Since we don't need to issue access tokens for each individual Authorization, we can just give you an identifier (referral), and you can filter your /authorizations list with it.

NOTE: The redirect_uri parameter provided to the authorization form must match one of the options set in the Template redirect_uris. If the given URL doesn't match any of the template's redirect_uris then we will return an error when the authorization form is submitted.