Descope

Descope Authentication API

Public, end-user-facing authentication API covering every Descope login experience — One-Time Passwords (email/SMS/voice/IM), Magic Link, Enchanted Link, OAuth/Social, One-Tap, nOTP, TOTP authenticator apps, WebAuthn/Passkeys, password authentication, security questions, recovery codes, SSO/SAML, access keys, session refresh, tenant selection, and IdP-initiated logout. All flows expose `signup`, `signin`, `signup-in`, `verify`, and `update` endpoints where applicable so frontends and mobile SDKs can compose any journey Descope Flows can render.

Descope Authentication API is one of 5 APIs that Descope publishes on the APIs.io network, described by a machine-readable OpenAPI specification.

Tagged areas include Authentication, Passwordless, OAuth, OIDC, and SAML. The published artifact set on APIs.io includes API documentation, an API reference, and an OpenAPI specification.

GitHub OpenAPI

Documentation

📖
Documentation
https://docs.descope.com/api
📖
Documentation
https://docs.descope.com/auth-methods
📖
APIReference
https://docs.descope.com/api/openapi-spec

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/descope/refs/heads/main/openapi/descope-openapi.yml

OpenAPI Specification

descope-openapi.yml Raw ↑ 
openapi: 3.0.3
info:
  title: Descope API
  description: Descope API
  contact:
    name: Descope
    url: https://descope.com
    email: [email protected]
  version: 0.0.1
servers:
  - url: https://api.descope.com
    description: Descope Production
  - url: '{customUrl}'
    description: Custom server URL
    variables:
      customUrl:
        default: https://api.descope.com
        description: Your Descope API base URL
paths:
  /oauth2/v1/apps/agentic/{project_id}/{mcp_server_id}/authorize:
    get:
      tags: []
      description: Third Party application authorization GET endpoint by MCP server ID
      operationId: ThirdPartyApplicationAuthorizeGetByMcpServerID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: mcp_server_id
          in: path
          required: true
          schema:
            type: string
        - name: response_type
          in: query
          description: >-
            RFC 9101 §6.3: when a JAR `request` parameter is present,
            response_type and
             redirect_uri may be omitted from the outer query and carried inside the JWT.
             The controller validates the resolved values after JAR processing.
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: resource
          in: query
          description: RFC 8707 - OAuth 2.0 Resource Indicators
          schema:
            type: array
            items:
              type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
        - name: request
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization GET endpoint by MCP server ID
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application authorization POST endpoint by MCP server ID
      operationId: ThirdPartyApplicationAuthorizePOSTByMcpServerID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: mcp_server_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization POST endpoint by MCP server ID
        keywords: api, third party apps
  /oauth2/v1/apps/agentic/{project_id}/{mcp_server_id}/token:
    post:
      tags: []
      description: Third Party application token endpoint by MCP server ID
      operationId: ThirdPartyApplicationTokenEndpointByMcpServerID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: mcp_server_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationTokenEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCTokenEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application token endpoint by MCP server ID
        keywords: api, third party apps
  /oauth2/v1/apps/authorize:
    get:
      tags: []
      description: Third Party application authorization GET endpoint
      operationId: ThirdPartyApplicationAuthorizeGet
      parameters:
        - name: response_type
          in: query
          description: >-
            RFC 9101 §6.3: when a JAR `request` parameter is present,
            response_type and
             redirect_uri may be omitted from the outer query and carried inside the JWT.
             The controller validates the resolved values after JAR processing.
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: resource
          in: query
          description: RFC 8707 - OAuth 2.0 Resource Indicators
          schema:
            type: array
            items:
              type: string
        - name: project_id
          in: query
          schema:
            type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: mcp_server_id
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
        - name: request
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Get Authorization
      summary: Get Authorization Endpoint
      x-meta:
        title: Get Authorization Endpoint | Third Party Apps
        description: Third Party application authorization GET endpoint
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application authorization POST endpoint
      operationId: ThirdPartyApplicationAuthorize
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Post Authorization
      summary: Post Authorization Endpoint
      x-meta:
        title: Post Authorization Endpoint | Third Party Apps
        description: Third Party application authorization POST endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/bc-authorize:
    post:
      tags: []
      description: Third Party application CIBA backchannel authentication endpoint
      operationId: ThirdPartyApplicationCIBAEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CIBAAuthRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CIBAAuthResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application CIBA backchannel authentication endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/device:
    post:
      tags: []
      description: Third Party application device endpoint
      operationId: ThirdPartyApplicationDeviceEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCDeviceEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCDeviceEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application device endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/finish-authorize:
    post:
      tags: []
      description: Third Party application authorization finish endpoint
      operationId: ThirdPartyApplicationFinish
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationFinishEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Finish Authorization
      summary: Finish Authorization Endpoint
      x-meta:
        title: Finish Authorization Endpoint | Third Party Apps
        description: Third Party application authorization finish endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/revoke:
    post:
      tags: []
      description: OIDC revoke endpoint
      operationId: ThirdPartyApplicationRevocationEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationRevocationEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: OIDC revoke endpoint
      summary: OIDC revoke endpoint
      x-meta:
        title: OIDC revoke endpoint | Third Party Apps
        description: OIDC revoke endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/token:
    post:
      tags: []
      description: Third Party application token endpoint
      operationId: ThirdPartyApplicationTokenEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationTokenEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCTokenEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Third Party application token endpoint
      summary: Third Party application token endpoint
      x-meta:
        title: Third Party application token endpoint | Third Party Apps
        description: Third Party application token endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/userinfo:
    get:
      tags: []
      description: Third Party application Get UserInfo endpoint
      operationId: ThirdPartyApplicationUserInfoEndpointGet
      parameters:
        - name: project_id
          in: query
          description: Can be empty as data arrived on the Authorization header token
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      title: Get UserInfo
      summary: Third Party application Get UserInfo endpoint
      x-meta:
        title: Third Party application Get UserInfo endpoint | Third Party Apps
        description: Third Party application Get UserInfo endpoint
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application Post UserInfo endpoint
      operationId: ThirdPartyApplicationUserInfoEndpointPost
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationUserInfoEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      title: Post UserInfo
      summary: Third Party application Post UserInfo endpoint
      x-meta:
        title: Third Party application Post UserInfo endpoint | Third Party Apps
        description: Third Party application Post UserInfo endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/authorize:
    get:
      tags: []
      description: Third Party application authorization GET endpoint
      operationId: ThirdPartyApplicationAuthorizeGetByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: response_type
          in: query
          description: >-
            RFC 9101 §6.3: when a JAR `request` parameter is present,
            response_type and
             redirect_uri may be omitted from the outer query and carried inside the JWT.
             The controller validates the resolved values after JAR processing.
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: resource
          in: query
          description: RFC 8707 - OAuth 2.0 Resource Indicators
          schema:
            type: array
            items:
              type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: mcp_server_id
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
        - name: request
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization GET endpoint
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application authorization POST endpoint
      operationId: ThirdPartyApplicationAuthorizePostByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization POST endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/bc-authorize:
    post:
      tags: []
      description: Third Party application CIBA backchannel authentication endpoint
      operationId: ThirdPartyApplicationCIBAEndpoint
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CIBAAuthRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CIBAAuthResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application CIBA backchannel authentication endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/device:
    post:
      tags: []
      description: Third Party application device endpoint
      operationId: ThirdPartyApplicationDeviceEndpoint
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCDeviceEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCDeviceEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application device endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/revoke:
    post:
      tags: []
      description: Third Party application revoke endpoint by project ID
      operationId: ThirdPartyApplicationRevocationEndpointByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationRevocationEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application revoke endpoint by project ID
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/token:
    post:
      tags: []
      description: Third Party application token endpoint by project ID
      operationId: ThirdPartyApplicationTokenEndpointByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationTokenEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCTokenEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application token endpoint by project ID
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/userinfo:
    get:
      tags: []
      description: Third Party application Get UserInfo endpoint by project ID
      operationId: ThirdPartyApplicationUserInfoEndpointGetByProjectID
      parameters:
        - name: project_id
          in: path
          description: Can be empty as data arrived on the Authorization header token
          required: true
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application Get UserInfo endpoint by project ID
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application POST UserInfo endpoint by project ID
      operationId: ThirdPartyApplicationUserInfoEndpointPostByProjectID
      parameters:
        - name: project_id
          in: path
          description: Can be empty as data arrived on the Authorization header token
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationUserInfoEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application POST UserInfo endpoint by project ID
        keywords: api, third party apps
  /v1/mgmt/inboundapp/app/{projectId}/register:
    post:
      tags: []
      description: Register Third Party Application according to RFC 7591
      operationId: RegisterThirdPartyApplication
      parameters:
        - name: projectId
          in: path
          description: Auto fill by proto from the requested URL
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/managementv1.RegisterThirdPartyApplicationRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/managementv1.RegisterThirdPartyApplicationResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Register Third Party Application according to RFC 7591
        keywords: api, third party apps
  /v1/mgmt/mcp/client/{projectId}/{mcpServerId}/register:
    post:
      tags: []
      description: Register MCP Server client according to RFC 7591
      operationId: RegisterMcpServerClient
      parameters:
        - name: projectId
          in: path
          description: Auto fill by proto from the requested URL
          required: true
          schema:
            type: string
        - name: mcpServerId
          in: path
          description: Auto fill by proto from the requested URL (only in agentic hub)
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/managementv1.RegisterThirdPartyApplicationRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/managementv1.RegisterThirdPartyApplicationResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Register MCP Server client according to RFC 7591
        keywords: api, third party apps
  /oauth2/v1/authorize:
    get:
      tags: []
      summary: OIDC Authorize
      description: OIDC GET authorization endpoint start
      operationId: OIDCAuthZEndpointGetStart
      parameters:
        - name: response_type
          in: query
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: dynamic_val
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: ssoAppId
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Authorize | Federated Apps
        description: OIDC GET authorization endpoint start
        keywords: api, federated apps
    post:
      tags: []
      summary: OIDC Authorize
      description: OIDC POST authorization endpoint start
      operationId: OIDCAuthZEndpointPostStart
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Authorize | Federated Apps
        description: OIDC POST authorization endpoint start
        keywords: api, federated apps
  /oauth2/v1/authorize/entramfa:
    post:
      tags: []
      summary: OIDC Authorize Entra MFA
      description: OIDC Entra MFA authorization endpoint
      operationId: OIDCAuthZEndpointEntraMFA
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCAuthZEntraMFAEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Authorize Entra MFA | Federated Apps
        description: OIDC Entra MFA authorization endpoint
        keywords: api, federated apps
  /oauth2/v1/device:
    post:
      tags: []
      summary: OIDC Device
      description: OIDC device endpoint
      operationId: OIDCDeviceEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCDeviceEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCDeviceEndpointResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Device | Federated Apps
        description: OIDC device endpoint
        keywords: api, federated apps
  /oauth2/v1/finish-authorize:
    get:
      tags: []
      summary: OIDC Finish Authorize
      description: OIDC POST authorization endpoint finish
      operationId: OIDCAuthZEndpointFinishPost
      parameters:
        - name: state_id
          in: query
          schema:
            type: string
        - name: sso_app_id
          in: query
          schema:
            type: string
        - name: error_redirect_uri
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Finish Authorize | Federated Apps
        description: OIDC POST authorization endpoint finish
        keywords: api, federated apps
    post:
      tags: []
      summary: OIDC Finish Authorize
      description: OIDC GET authorization endpoint finish
      operationId: OIDCAuthZEndpointFinishGet
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCAuthZEndpointFinishRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
          

# --- truncated at 32 KB (807 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/descope/refs/heads/main/openapi/descope-openapi.yml