Skip to main content

Redeem a one-time OAuth callback exchange code

POST 

/api/v1/auth/oauth/exchange

Exchange a one-time OAuth callback code for a JWT or 2FA challenge.

The callback endpoint issues a short-lived exchange code and sets a verifier cookie on the frontend origin; the frontend POSTs both back here to receive the actual session token.

  • 400 on missing/expired/mismatched code-verifier pairs.

Request

Responses

Successful Response