iSHARE Developer Portal
Other resources
Version 2.1 (current version)
Version 2.1 (current version)
  • Welcome to the iSHARE Developer Portal
  • Introduction
    • Getting started
      • Test certificates
      • Test participants
      • Postman collections
    • Release info
    • Help & support
    • Specific technical standards
      • JSON Web Token (JWT)
      • OAuth 2.0
      • OpenID Connect 1.0
      • PKI
      • TLS
      • XACML 3.0
      • Caching
      • DID
      • UTC
      • X.509
      • HTTP response codes
    • UI Guidelines
    • Conformance test tool
  • Roles
    • Roles
  • All roles (common endpoints)
    • Access token (M2M)
    • Capabilities
  • Authorisation Registry Role
    • Getting started
    • Access token (M2M)
    • Capabilities
    • Delegation
    • Delegation Policy
  • Entitled Party
    • Getting started
  • Identity Provider
    • Getting started
    • Authorize
    • Login
    • Access token
    • User info
    • Capabilities
  • Participant Registry role
    • Getting started
    • Access token (M2M)
    • Capabilities
    • Parties
    • Parties (single party)
    • Trusted list
    • Versions
    • Data Spaces
    • Create Entitled Party / Service Consumer
  • Service Consumer Role
    • Getting started
  • Service Provider Role
    • Getting started
      • Service
    • Access token (M2M)
    • Capabilities
    • Return
  • Reference
    • iSHARE JWT
      • Client Assertion
    • Authentication
    • Authorization
    • Authorisation rules
Powered by GitBook
LogoLogo

  • Cookie Policy

  • Privacy Policy

  • Imprint

  • Contact Us

Copyright © 2024 iSHARE Foundation

On this page
  1. Service Provider Role

Return

PreviousServiceNextiSHARE JWT

Last updated 2 months ago

This page must be considered part of the iSHARE Framework

This page is considered normative and is therefore compliant with RFC 2119.

Not bound to name return. May have any name the Service Provider chooses.

Example

GET /return?
      code=Dmn-TbSj7OcKl5ym1j5xZsgkabzVP8dMugC81nzmeW4&
      state=ZqVQm4zHaEDyBhzpm1ZRH7fsxy703lq2

Receiving the redirect from the Identity Provider

get

OpenID Connect 1.0 endpoint for receiving the redirect from the Identity Provider or Identity Broker after successful human authentication.

Query parameters
codestringRequired

Authorization code which is going to be used to request for an access token. The authorization code MUST expire shortly after it is issued to mitigate the risk of leaks. A maximum authorization code lifetime of 10 minutes is RECOMMENDED. The client MUST NOT use the authorization code more than once.

statestringRequired

OpenID Connect 1.0 opaque value used to maintain state between the request and the callback. The Service Provider needs to verify if initially sent value towards authorize endpoint is equal to this returned value.

Responses
200
On successful user redirect to the Service Provider, the Service Provider needs to verify state parameter and make use of code parameter in order to retrieve the access token. There are no specific response requirements for this endpoint.
get
GET /return HTTP/1.1
Host: isharetest.net
Accept: */*
200

On successful user redirect to the Service Provider, the Service Provider needs to verify state parameter and make use of code parameter in order to retrieve the access token. There are no specific response requirements for this endpoint.

No content