4.7.1 Authorization Code Request
Below is the initial authorization code request made by the client. Note that the client requests the "user_impersonation" scope, because only an access token that was granted with this scope can be used later when making an OAuth on-behalf-of request.
-
GET /authorize?response_type=code&client_id=s6BhdRkqt3 &resource=https%3A%2F%2Fresource_server1 &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb &scope=user_impersonation HTTP/1.1 Host: server.example.com