/v3/connect/authHosted OAuth - Authorization Request
The initial OAuth 2.0 authorization request. Use this endpoint with the required query parameters to start the OAuth 2.0 process. The query parameters pass details to the Nylas API about how the user should authenticate, and where they should go after authenticating. This endpoint supports the authorization code flow and optional PKCE settings for client-side only applications. For more information, see the Hosted OAuth with access token and Hosted OAuth with access token and PKCE documentation.
Query parameters
The connector provider type that you set up with Nylas for this application. If the provider isn't set, the user is directed to the Nylas Hosted login page and prompted to select their provider. Multiple providers can be set as a comma-separated list.
Your project's callback URI (used as the OAuth redirect_uri). This is where the OAuth provider sends a user after they authenticate using Hosted OAuth. This must be URL-encoded.
Specifies the type of response Nylas returns for the authorization flow. Should be set to code for the OAuth 2.0 flow, and adminconsent for the Microsoft admin consent service flow.
A space-delimited list of scopes that identify the resources that your application may access on the user's behalf. If no scopes are set, Nylas uses the default connector scopes.
(Optional) The prompt for the Hosted login page. This parameter can accept multiple values separated by a comma, without spaces in between. The order of the prompts affects the UI of the Hosted login page.
If provider is not set, the user is redirected to the provider page directly, and the prompt
is ignored.
(Optional) The state of the grant, returned after authentication. The maximum length is 256 characters.
Prefill the login name (usually the email address) during the authentication flow. If a grant already exists for the provided email address, Nylas automatically re-authenticates the grant.
Specifies whether Nylas should return a refresh token along with the exchange token. This isn't suitable for client-side or JavaScript applications.
Specifies a Base64-encoded code_verifier without padding. The verifier is used as a server-side challenge during the authorization code exchange.
Specifies the method used to encode the code_verifier. The verifier is used as a server-side challenge during the authorization code exchange.
The ID of an existing Nylas connector's credential record.
If you set the response_type value to code then you can use the credential to override an OAuth connector's default settings and create a grant. You need to create a credential record before you can make a credential override request. If not provided, connector's default "active_credential_id" is used.
If you set the response_type value to adminconsent, with provider Microsoft, then this will be the OAuth of Microsoft's Service Account Admin Consent flow. You need to set up the Microsoft connector with an Admin Consent credential before you can make this request.