Process Authorization Request
This API parses request parameters of an authorization request and returns necessary data for the authorization server implementation to process the authorization request further.
authlete authorization process-request [flags]
authlete authorization process-request --service-id <id> --parameters response_type=code&client_id=26478243745571&redirect_uri=https%3A%2F%2Fmy-client.example.com%2Fcb1&scope=timeline.read+history.read&code_challenge=E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM&code_challenge_method=S256
--body string Request body as JSON (alternative to individual flags). Can also be provided via stdin.
--cimd-options string Options for [OAuth Client ID Metadata Document](https://datatracker.ietf.org/doc/draft-ietf-oauth-client-id-metadata-document/) (CIMD).
These options allow per-request control over CIMD behavior, taking precedence over service-level configuration when provided.
--context /auth/authorization The arbitrary text to be attached to the ticket that will be issued from the /auth/authorization
API.
The text can be retrieved later by the `/auth/authorization/ticket/info` API and can be updated
by the `/auth/authorization/ticket/update` API.
The text will be compressed and encrypted when it is saved in the Authlete database.
-h, --help help for process-request
-p, --parameters GET OAuth 2.0 authorization request parameters which are the request parameters that the OAuth 2.0 authorization endpoint of
the authorization server implementation received from the client application.
The value of parameters is either (1) the entire query string when the HTTP method of the request from the client application is GET
or (2) the entire entity body (which is formatted in `application/x-www-form-urlencoded`) when the HTTP method of the request from
the client application is `POST`.
[required]
-s, --service-id string A service ID. [required]
--agent-mode Enable structured errors and default TOON output for AI coding agents. Automatically enabled when a known agent environment is detected (CLAUDE_CODE, CURSOR_AGENT, etc.). Use --agent-mode=false to disable.
--bearer Authorization: Bearer <token> Authenticate every request with a **Service Access Token** or **Organization Token**.
Set the token value in the Authorization: Bearer <token> header.
**Service Access Token**: Scoped to a single service. Use when automating service-level configuration or runtime flows.
**Organization Token**: Scoped to the organization; inherits permissions across services. Use for org-wide automation or when managing multiple services programmatically.
Both token types are issued by the Authlete console or provisioning APIs.
--color string Control colored output: auto (color when output is a TTY), always, or never. Respects NO_COLOR and FORCE_COLOR env vars. (default "auto")
-d, --debug Log request and response diagnostics to stderr
--dry-run Preview the request that would be sent without executing it (output to stderr)
-H, --header stringArray Set a custom HTTP request header (format: "Key: Value"). Can be specified multiple times.
--include-headers Include HTTP response headers in the output
-q, --jq string Filter and transform output using a jq expression (e.g., '.name', '.items[] | .id')
--no-interactive Disable all interactive features (auto-prompting, explorer auto-launch, TUI forms)
-o, --output-format string Specify the output format. Options: pretty, json, yaml, table, toon. (default "pretty")
--server string Select a server by index (for indexed servers) or name (for named servers)
--server-url string Override the default server URL
--timeout string HTTP request timeout (e.g., 30s, 5m, 100ms)
--usage Print the CLI Usage schema in KDL format
- authlete authorization - Operations for authorization