Clerk docs

OAuth2 Identify Provider

Requests for the OAuth2 authorization flow.

Request OAuth2 authorization

Request OAuth2 authorization. If successful, receive authorization grant via redirect.

Responses
200

Success for 'form_post' response mode

302

Redirect, no body.

303

Redirect, no body.

400

Bad request error, for example a request parameter is invalid.

401

Unauthorized error, for example the provided client is invalid.

403

Forbidden error, for example you are trying to use a satellite domain

get/oauth/authorize

Request OAuth2 authorization

Request OAuth2 authorization. If successful, receive authorization grant via redirect.

Responses
200

Success for 'form_post' response mode

302

Redirect, no body.

303

Redirect, no body.

400

Bad request error, for example a request parameter is invalid.

401

Unauthorized error, for example the provided client is invalid.

403

Forbidden error, for example you are trying to use a satellite domain

post/oauth/authorize

Get OAuth2 token

Get OAuth2 token in exchange for a valid authorization grant.

Responses
200

Fetch token for OAuth2 flow

400

Bad request error, for example a request parameter is invalid.

401

Unauthorized error, for example the provided client is invalid.

403

Forbidden error, for example you are trying to use a satellite domain

post/oauth/token
Response samples
application/json
{
  • "access_token": "string",
  • "token_type": "string",
  • "expires_in": 0,
  • "refresh_token": "string",
  • "scope": "string",
  • "id_token": "string"
}

Get user info after OAuth2 flow

Get user info in exchange for a valid OAuth2 access token.

Responses
200

Get user info after successful OAuth2 flow

400

Request was not successful

401

Request was not successful

403

Request was not successful

get/oauth/userinfo
Response samples
application/json
{
  • "object": "string",
  • "instance_id": "string",
  • "user_id": "string",
  • "sub": "string",
  • "email": "string",
  • "email_verified": true,
  • "family_name": "string",
  • "given_name": "string",
  • "name": "string",
  • "username": "string",
  • "preferred_username": "string",
  • "picture": "string",
  • "public_metadata": { },
  • "private_metadata": { },
  • "unsafe_metadata": { }
}

Get user info after OAuth2 flow

Get user info in exchange for a valid OAuth2 access token.

Responses
200

Get user info after successful OAuth2 flow

400

Request was not successful

401

Request was not successful

403

Request was not successful

post/oauth/userinfo
Response samples
application/json
{
  • "object": "string",
  • "instance_id": "string",
  • "user_id": "string",
  • "sub": "string",
  • "email": "string",
  • "email_verified": true,
  • "family_name": "string",
  • "given_name": "string",
  • "name": "string",
  • "username": "string",
  • "preferred_username": "string",
  • "picture": "string",
  • "public_metadata": { },
  • "private_metadata": { },
  • "unsafe_metadata": { }
}

Get information for an access or refresh token

Get information for an access or refresh token

Request
Request Body schema: application/x-www-form-urlencoded
token
required
string

The value of the access or the refresh token

token_type_hint
string or null

A hint about the type of the token submitted for introspection. Can be one of the following access_token and refresh_token

scope
string or null

The granted scopes for the token to check against

Responses
200

Get information for an access or refresh token

401

Unauthorized error, for example the provided client is invalid.

422

You are currently using the legacy OAuth 2.0 provider, please migrate to the new one via Clerk Dashboard.

post/oauth/token_info
Request samples
application/x-www-form-urlencoded
token=string&token_type_hint=string&scope=string
Response samples
application/json
{
  • "active": true,
  • "client_id": "string",
  • "iat": 0,
  • "scope": "string",
  • "sub": "string"
}
➔ Next to OAuth2 Callbacks