Create uri
Ledyer Access utilizes the OAuth 2.0 authorization code flow.
Your client credentials are sensitive and carry many privileges. Ensure their security by not sharing them in publicly accessible areas such as GitHub, email, instant messaging, or client-side code.
We will validate the constructed url and provide as detailed feedback as possible if something does not match.
Configuration
Configure your chosen OAuth2 library with the parameters outlined below.
Parameters
country
OptionalSpecify the country code (ISO 3166-1 alpha-2), such as SE, FI, etc. If omitted, the default is SE.
redirect_uri
The Redirect URI is where the response will be sent. This URI MUST exactly match one of the Redirection URIs registered in your Ledyer Access client account.
response_type
The response type. The only valid value is code.
scope
This property takes a space separated list. Use openid onboarding for the onboarding flow and openid for the login flow.
state
The state is an opaque value used to maintain state between the request and the callback. It's crucial to generate a "state" to protect the client from CSRF attacks. This can be a random string that the client generates and stores in the session. Your app will verify that the state parameter in the redirect from Ledyer matches the one that was created at the start of the flow.
ui_locales
OptionalThe user's preferred languages and scripts for the UI, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For example: "sv-SE en-US".
After generating a valid state value, construct the authorization request URL and proceed to the client integration.