OAuth2 API
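Snyk provides an OAuth2 API, intended primarily for use with Snyk Apps. It complies with RFC 6749.
Most endpoints are served from the Snyk API subdomain (for example, https://api.snyk.io). The one exception is /oauth2/authorize, which is served from the main app subdomain (for example, https://app.snyk.io).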
To be called by the end user to authorize the client application to their Snyk organizations. Success returns a redirect to the provided redirect_uri, containing an authorization code which can be exchanged for an access token.
The type of authorization flow being used. Only "code" is supported for authorization code flow.
code
The client ID of the client application.
64ae3415-5ccd-49e5-91f0-9101a6793ec2
The redirection URI to which the authorization server will redirect the user after granting or denying authorization. Must match one of the URIs set on the client application exactly.
https://example.com/callback
An opaque value used by the client to maintain state between the authorization request and the authorization callback. Use this value to match client callbacks to the request that spawned them.
random_state_value
A cryptographically secure code challenge derived from a secret code verifier you generate on the client side, as defined in [RFC7636]. It is generated by hashing a randomly generated string (the code_verifier used when exchanging tokens), then URL-safe base64 encoding the result.
YWVjMDcwNjQ1ZmU1M2VlM2IzNzYzMDU5Mzc2MTM0ZjA1OGNjMzM3MjQ3Yzk3OGFkZDE3OGI2Y2NkZmIwMDE5Zg
The method used to derive the code challenge from the code verifier, only S256 is supported.
S256
Redirection to authorization server. The Location header is set to the provided redirect_uri so the user's browser should follow this redirect automatically.
GET /oauth2/authorize HTTP/1.1
Host: app.snyk.io
Accept: */*
No content
Allows the client application to exchange the authorization code received from the authorization server for an access token.
Successful token request
Invalid request
Forbidden
Unauthorized
An unexpected server error.
POST /oauth2/token HTTP/1.1
Host: api.snyk.io
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 203
"grant_type='authorization_code'&code='returned_auth_code'&client_id='64ae3415-5ccd-49e5-91f0-9101a6793ec2'&client_secret='super_secret_client_secret'&code_verifier='your_secure_code_verifier'"
{
"access_token": "some_opaque_access_token_string",
"expires_in": 3599,
"refresh_token": "some_opaque_refresh_token_string",
"refresh_expires_in": 15552000,
"token_type": "bearer",
"scope": "org.read org.project.read org.project.snapshot.read",
"bot_id": "95233fa3-33cf-4dd3-a6ac-e040985e1a4f"
}
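The authorize and token steps described above, tied together as an added example (not Snyk's own code): it generates the code_verifier and its S256 code_challenge as RFC 7636 defines them, builds the /oauth2/authorize URL, rejects a callback whose state does not match, and produces the form body for /oauth2/token. The authorize query parameter names are assumed to be the standard RFC 6749 / RFC 7636 names, since this page lists only their descriptions; the function names are hypothetical and no network call is made.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZE_URL = "https://app.snyk.io/oauth2/authorize"  # host as given on this page


def make_pkce_pair():
    """Return (code_verifier, code_challenge) for the S256 method of RFC 7636."""
    verifier = secrets.token_urlsafe(64)  # 86 URL-safe chars, inside the 43-128 limit
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    # base64url of the raw digest, with the '=' padding stripped
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    return verifier, challenge


def build_authorize_url(client_id, redirect_uri, state, challenge):
    """Query string for GET /oauth2/authorize (parameter names assumed, see lead-in)."""
    return AUTHORIZE_URL + "?" + urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # must exactly match a registered URI
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    })


def code_from_callback(callback_url, expected_state):
    """Return the authorization code only when state matches the stored value."""
    query = parse_qs(urlsplit(callback_url).query)
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not match this request")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]


def token_request_body(code, client_id, client_secret, verifier):
    """Form-encoded body for POST /oauth2/token; values are sent unquoted."""
    return urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "code_verifier": verifier,  # the server hashes this and compares it
    })
```

Keep the code_verifier and state in server-side session storage between the two steps, and generate both fresh for every authorization request.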
Revokes an otherwise valid refresh token so it can't be reused. This is used when a refresh token is accidentally, or maliciously, leaked.
The client ID of the client application.
64ae3415-5ccd-49e5-91f0-9101a6793ec2
The client secret of the client application.
super_secret_client_secret
The refresh token to be revoked.
some_opaque_refresh_token_string
The token has been revoked, or was invalid.
No content
Invalid request
Forbidden
Unauthorized
An unexpected server error.
POST /oauth2/revoke HTTP/1.1
Host: api.snyk.io
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 140
"client_id='64ae3415-5ccd-49e5-91f0-9101a6793ec2'&client_secret='super_secret_client_secret'&token='some_opaque_refresh_token_string'"
No content