4.7.1 Authorization Code Request

Below is the initial authorization code request made by the client. Note that the client requests the "user_impersonation" scope, because only an access token that was granted with this scope can be used later when making an OAuth on-behalf-of request.

 GET /authorize?response_type=code&client_id=s6BhdRkqt3
   &resource=https%3A%2F%2Fresource_server1
   &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb 
   &scope=user_impersonation HTTP/1.1
 Host: server.example.com