GET oauth/authorize

This guide covers how an ORCID member client can GET an OAuth Authorization Code for a specific access scope. The code can be exchanged with an oauth/token call for an OAuth Access Token.

Also see 3-legged OAuth Authorization for general information about obtaining an OAuth Access Token using the OAuth "dance."

 

Resource URL

Environment: Resource URL
Sandbox: https://sandbox.orcid.org/oauth/authorize
Production Registry: https://orcid.org/oauth/authorize

 

Parameters

client_id (required): The client id value <client-id> from ORCID client application registration.

scope (required): The authorization scope being requested. You will need to match your requested scope to the future API requests that you will want to make. In addition, some authorizations last longer than others, so you may need to carefully time your request. See the ORCID Scopes for more information.

response_type (required): The type of response that you will get as a result of this call. The value for this call must be code.

redirect_uri (required): The URL where you will return the user when the authorization is complete. The value of this URL must match one registered as part of your ORCID client application registration, and must match the one you will send in the oauth/token call.
NOTE: If your client application has only one redirect_uri, this field may be omitted from the call and will be filled in automatically from your client registration.

state (optional, though recommended by the OAuth framework): An opaque value used to maintain state between the request and callback. When ORCID redirects the user back to your redirect_uri, this parameter's value will be included in the response. You should use this value to protect against cross-site request forgery.

family_names (optional): The researcher's family name, used to fill the registration form.

given_names (optional): The researcher's given name, used to fill the registration form.

email (optional): The researcher's email address, used to fill the sign-in or registration form. If the email address is in the ORCID database, it will populate the sign-in form; if the email is not in the database, it will populate the registration form.

lang (optional): The language to display the authorization page in.

show_login (optional): Determines if the log-in or registration form will show by default; set to true or false.

For examples of these parameters see Customize the OAuth Login Screen.

 

Header:

N/A

 

Response:

code

The authorization code will be returned as a parameter on your callback URI. (Remember that you requested a response type of "code"?) The code will be used in your oauth/token call. See 3-legged OAuth Authorization for more information on the process.

 

Examples:

GET oauth/authorize request to gain permission to read a user's record. Replace the client ID, scope, and redirect URI below with your own.

https://sandbox.orcid.org/oauth/authorize?client_id=APP-NPXKK6HFN6TJ4YYI&response_type=code&scope=/read-limited&redirect_uri=https://developers.google.com/oauthplayground
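
The state check described under Parameters, as an added example that is not part of ORCID's documentation: the client binds a random state to the user's session when it builds the authorize URL and rejects any callback whose state does not match. The function names and the `session` dict (standing in for a server-side per-user session store) are assumptions, and the query values are percent-encoded by `urlencode`.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZE_URL = "https://sandbox.orcid.org/oauth/authorize"


def build_authorize_request(client_id, scope, redirect_uri, session):
    """Return the authorize URL and bind a fresh random state to the session."""
    state = secrets.token_urlsafe(32)   # unguessable, one per authorization attempt
    session["oauth_state"] = state      # hypothetical server-side session store
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",        # the only value this call accepts
        "scope": scope,
        "redirect_uri": redirect_uri,   # must match the registered value
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}"


def handle_callback(callback_url, session):
    """Return the authorization code, or raise ValueError on a bad callback."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use, cleared even on failure
    received = params.get("state", [""])[0]
    # Constant-time comparison; a missing or mismatched state means the
    # callback was not started from this user's session (CSRF).
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: callback not initiated by this session")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("callback does not carry exactly one authorization code")
    return codes[0]  # exchange this in the oauth/token call


if __name__ == "__main__":
    session = {}
    url = build_authorize_request(
        "APP-NPXKK6HFN6TJ4YYI", "/read-limited",
        "https://developers.google.com/oauthplayground", session)
    print(url)
    # Constructed callback: the code value is a made-up sample.
    callback = ("https://developers.google.com/oauthplayground?code=SAMPLE1"
                "&state=" + session["oauth_state"])
    print(handle_callback(callback, session))
```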