Create AgeKey Authorization
The Create AgeKey authorization endpoint initiates the AgeKey creation flow for users. Your application should redirect the user's browser to this endpoint with the pre-generated PAR request_uri to start the AgeKey creation process.
OAuth 2.0 Specification
This endpoint implements the OAuth 2.0 Authorization Endpoint with Pushed Authorization Request (PAR) support by using the returned request_uri parameter.
Authorization endpoint
- cURL
- JavaScript
- Python
curl -X GET "https://api.agekey.org/v1/oidc/create" \
-G \
-d "scope=openid" \
-d "response_type=none" \
-d "client_id=your-client-id" \
-d "redirect_uri=https://yourapp.com/agekey/create-callback" \
-d "request_uri=urn:agekey:request:AjcP1Yt7Np0"
const params = new URLSearchParams({
scope: 'openid',
response_type: 'none',
client_id: 'your-client-id',
redirect_uri: 'https://yourapp.com/agekey/create-callback',
request_uri: 'urn:agekey:request:AjcP1Yt7Np0'
});
const authUrl = `https://api.agekey.org/v1/oidc/create?${params.toString()}`;
window.location.href = authUrl;
from urllib.parse import urlencode
params = {
'scope': 'openid',
'response_type': 'none',
'client_id': 'your-client-id',
'redirect_uri': 'https://yourapp.com/agekey/create-callback',
'request_uri': 'urn:agekey:request:AjcP1Yt7Np0'
}
auth_url = f"https://api.agekey.org/v1/oidc/create?{urlencode(params)}"
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
scope | string | Yes | Always set to openid |
response_type | string | Yes | Always set to none |
client_id | string | Yes | Your AgeKey client ID |
redirect_uri | string | Yes | Same URI used in PAR request |
request_uri | string | Yes | The Request URI from PAR response |
Response
On success, users are redirected to your redirect_uri:
https://yourapp.com/agekey/create-callback?state=abc123xyz789
note
Unlike the Use AgeKey flow, no id_token is returned. Success is indicated by the absence of an error parameter.