Descope

Descope OAuth Applications API

Standards-compliant OAuth 2.1 / OIDC authorization server endpoints that let Descope act as an identity provider for inbound third-party applications and agentic clients. Covers the full `/oauth2/v1/...` surface — authorize, token, revoke, userinfo, device authorization, CIBA backchannel authorization, and dedicated agentic / MCP-server registration paths (`/oauth2/v1/apps/agentic/{project_id}/{mcp_server_id}/authorize|token`) for AI agents that need delegated user credentials. Supports PKCE, JAR (RFC 9101) request objects, DPoP, and dynamic client registration via SCIM v2.

Descope OAuth Applications API is one of 5 APIs that Descope publishes on the APIs.io network, described by a machine-readable OpenAPI specification.

Tagged areas include OAuth, OIDC, Inbound Apps, Third-Party, and Federation. The published artifact set on APIs.io includes API documentation and an OpenAPI specification.

GitHub OpenAPI

Documentation

📖
Documentation
https://docs.descope.com/inbound-apps

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/descope/refs/heads/main/openapi/descope-openapi.yml

OpenAPI Specification

descope-openapi.yml Raw ↑ 
openapi: 3.0.3
info:
  title: Descope API
  description: Descope API
  contact:
    name: Descope
    url: https://descope.com
    email: [email protected]
  version: 0.0.1
servers:
  - url: https://api.descope.com
    description: Descope Production
  - url: '{customUrl}'
    description: Custom server URL
    variables:
      customUrl:
        default: https://api.descope.com
        description: Your Descope API base URL
paths:
  /oauth2/v1/apps/agentic/{project_id}/{mcp_server_id}/authorize:
    get:
      tags: []
      description: Third Party application authorization GET endpoint by MCP server ID
      operationId: ThirdPartyApplicationAuthorizeGetByMcpServerID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: mcp_server_id
          in: path
          required: true
          schema:
            type: string
        - name: response_type
          in: query
          description: >-
            RFC 9101 §6.3: when a JAR `request` parameter is present,
            response_type and
             redirect_uri may be omitted from the outer query and carried inside the JWT.
             The controller validates the resolved values after JAR processing.
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: resource
          in: query
          description: RFC 8707 - OAuth 2.0 Resource Indicators
          schema:
            type: array
            items:
              type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
        - name: request
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization GET endpoint by MCP server ID
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application authorization POST endpoint by MCP server ID
      operationId: ThirdPartyApplicationAuthorizePOSTByMcpServerID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: mcp_server_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization POST endpoint by MCP server ID
        keywords: api, third party apps
  /oauth2/v1/apps/agentic/{project_id}/{mcp_server_id}/token:
    post:
      tags: []
      description: Third Party application token endpoint by MCP server ID
      operationId: ThirdPartyApplicationTokenEndpointByMcpServerID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: mcp_server_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationTokenEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCTokenEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application token endpoint by MCP server ID
        keywords: api, third party apps
  /oauth2/v1/apps/authorize:
    get:
      tags: []
      description: Third Party application authorization GET endpoint
      operationId: ThirdPartyApplicationAuthorizeGet
      parameters:
        - name: response_type
          in: query
          description: >-
            RFC 9101 §6.3: when a JAR `request` parameter is present,
            response_type and
             redirect_uri may be omitted from the outer query and carried inside the JWT.
             The controller validates the resolved values after JAR processing.
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: resource
          in: query
          description: RFC 8707 - OAuth 2.0 Resource Indicators
          schema:
            type: array
            items:
              type: string
        - name: project_id
          in: query
          schema:
            type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: mcp_server_id
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
        - name: request
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Get Authorization
      summary: Get Authorization Endpoint
      x-meta:
        title: Get Authorization Endpoint | Third Party Apps
        description: Third Party application authorization GET endpoint
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application authorization POST endpoint
      operationId: ThirdPartyApplicationAuthorize
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Post Authorization
      summary: Post Authorization Endpoint
      x-meta:
        title: Post Authorization Endpoint | Third Party Apps
        description: Third Party application authorization POST endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/bc-authorize:
    post:
      tags: []
      description: Third Party application CIBA backchannel authentication endpoint
      operationId: ThirdPartyApplicationCIBAEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CIBAAuthRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CIBAAuthResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application CIBA backchannel authentication endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/device:
    post:
      tags: []
      description: Third Party application device endpoint
      operationId: ThirdPartyApplicationDeviceEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCDeviceEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCDeviceEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application device endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/finish-authorize:
    post:
      tags: []
      description: Third Party application authorization finish endpoint
      operationId: ThirdPartyApplicationFinish
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationFinishEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Finish Authorization
      summary: Finish Authorization Endpoint
      x-meta:
        title: Finish Authorization Endpoint | Third Party Apps
        description: Third Party application authorization finish endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/revoke:
    post:
      tags: []
      description: OIDC revoke endpoint
      operationId: ThirdPartyApplicationRevocationEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationRevocationEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: OIDC revoke endpoint
      summary: OIDC revoke endpoint
      x-meta:
        title: OIDC revoke endpoint | Third Party Apps
        description: OIDC revoke endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/token:
    post:
      tags: []
      description: Third Party application token endpoint
      operationId: ThirdPartyApplicationTokenEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationTokenEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCTokenEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      title: Third Party application token endpoint
      summary: Third Party application token endpoint
      x-meta:
        title: Third Party application token endpoint | Third Party Apps
        description: Third Party application token endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/userinfo:
    get:
      tags: []
      description: Third Party application Get UserInfo endpoint
      operationId: ThirdPartyApplicationUserInfoEndpointGet
      parameters:
        - name: project_id
          in: query
          description: Can be empty as data arrived on the Authorization header token
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      title: Get UserInfo
      summary: Third Party application Get UserInfo endpoint
      x-meta:
        title: Third Party application Get UserInfo endpoint | Third Party Apps
        description: Third Party application Get UserInfo endpoint
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application Post UserInfo endpoint
      operationId: ThirdPartyApplicationUserInfoEndpointPost
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationUserInfoEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      title: Post UserInfo
      summary: Third Party application Post UserInfo endpoint
      x-meta:
        title: Third Party application Post UserInfo endpoint | Third Party Apps
        description: Third Party application Post UserInfo endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/authorize:
    get:
      tags: []
      description: Third Party application authorization GET endpoint
      operationId: ThirdPartyApplicationAuthorizeGetByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
        - name: response_type
          in: query
          description: >-
            RFC 9101 §6.3: when a JAR `request` parameter is present,
            response_type and
             redirect_uri may be omitted from the outer query and carried inside the JWT.
             The controller validates the resolved values after JAR processing.
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: resource
          in: query
          description: RFC 8707 - OAuth 2.0 Resource Indicators
          schema:
            type: array
            items:
              type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: mcp_server_id
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
        - name: request
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization GET endpoint
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application authorization POST endpoint
      operationId: ThirdPartyApplicationAuthorizePostByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application authorization POST endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/bc-authorize:
    post:
      tags: []
      description: Third Party application CIBA backchannel authentication endpoint
      operationId: ThirdPartyApplicationCIBAEndpoint
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CIBAAuthRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CIBAAuthResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application CIBA backchannel authentication endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/device:
    post:
      tags: []
      description: Third Party application device endpoint
      operationId: ThirdPartyApplicationDeviceEndpoint
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCDeviceEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCDeviceEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application device endpoint
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/revoke:
    post:
      tags: []
      description: Third Party application revoke endpoint by project ID
      operationId: ThirdPartyApplicationRevocationEndpointByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationRevocationEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application revoke endpoint by project ID
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/token:
    post:
      tags: []
      description: Third Party application token endpoint by project ID
      operationId: ThirdPartyApplicationTokenEndpointByProjectID
      parameters:
        - name: project_id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ThirdPartyApplicationTokenEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCTokenEndpointResponse'
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application token endpoint by project ID
        keywords: api, third party apps
  /oauth2/v1/apps/{project_id}/userinfo:
    get:
      tags: []
      description: Third Party application Get UserInfo endpoint by project ID
      operationId: ThirdPartyApplicationUserInfoEndpointGetByProjectID
      parameters:
        - name: project_id
          in: path
          description: Can be empty as data arrived on the Authorization header token
          required: true
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application Get UserInfo endpoint by project ID
        keywords: api, third party apps
    post:
      tags: []
      description: Third Party application POST UserInfo endpoint by project ID
      operationId: ThirdPartyApplicationUserInfoEndpointPostByProjectID
      parameters:
        - name: project_id
          in: path
          description: Can be empty as data arrived on the Authorization header token
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/ThirdPartyApplicationUserInfoEndpointRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/ThirdPartyApplicationUserInfoEndpointResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Third Party application POST UserInfo endpoint by project ID
        keywords: api, third party apps
  /v1/mgmt/inboundapp/app/{projectId}/register:
    post:
      tags: []
      description: Register Third Party Application according to RFC 7591
      operationId: RegisterThirdPartyApplication
      parameters:
        - name: projectId
          in: path
          description: Auto fill by proto from the requested URL
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/managementv1.RegisterThirdPartyApplicationRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/managementv1.RegisterThirdPartyApplicationResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Register Third Party Application according to RFC 7591
        keywords: api, third party apps
  /v1/mgmt/mcp/client/{projectId}/{mcpServerId}/register:
    post:
      tags: []
      description: Register MCP Server client according to RFC 7591
      operationId: RegisterMcpServerClient
      parameters:
        - name: projectId
          in: path
          description: Auto fill by proto from the requested URL
          required: true
          schema:
            type: string
        - name: mcpServerId
          in: path
          description: Auto fill by proto from the requested URL (only in agentic hub)
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/managementv1.RegisterThirdPartyApplicationRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/managementv1.RegisterThirdPartyApplicationResponse
      x-publishYaml: thirdPartyApps
      security: []
      x-meta:
        title: undefined | Third Party Apps
        description: Register MCP Server client according to RFC 7591
        keywords: api, third party apps
  /oauth2/v1/authorize:
    get:
      tags: []
      summary: OIDC Authorize
      description: OIDC GET authorization endpoint start
      operationId: OIDCAuthZEndpointGetStart
      parameters:
        - name: response_type
          in: query
          schema:
            type: string
        - name: scope
          in: query
          schema:
            type: string
        - name: client_id
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
        - name: code_challenge_method
          in: query
          description: PKCE
          schema:
            type: string
        - name: code_challenge
          in: query
          schema:
            type: string
        - name: dynamic_val
          in: query
          schema:
            type: string
        - name: nonce
          in: query
          schema:
            type: string
        - name: ssoAppId
          in: query
          schema:
            type: string
        - name: loginHint
          in: query
          schema:
            type: string
        - name: prompt
          in: query
          schema:
            type: string
        - name: flow
          in: query
          schema:
            type: string
        - name: flow_token
          in: query
          schema:
            type: string
        - name: tenant
          in: query
          schema:
            type: string
        - name: style
          in: query
          schema:
            type: string
        - name: dpop_jkt
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Authorize | Federated Apps
        description: OIDC GET authorization endpoint start
        keywords: api, federated apps
    post:
      tags: []
      summary: OIDC Authorize
      description: OIDC POST authorization endpoint start
      operationId: OIDCAuthZEndpointPostStart
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCAuthZEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Authorize | Federated Apps
        description: OIDC POST authorization endpoint start
        keywords: api, federated apps
  /oauth2/v1/authorize/entramfa:
    post:
      tags: []
      summary: OIDC Authorize Entra MFA
      description: OIDC Entra MFA authorization endpoint
      operationId: OIDCAuthZEndpointEntraMFA
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCAuthZEntraMFAEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Authorize Entra MFA | Federated Apps
        description: OIDC Entra MFA authorization endpoint
        keywords: api, federated apps
  /oauth2/v1/device:
    post:
      tags: []
      summary: OIDC Device
      description: OIDC device endpoint
      operationId: OIDCDeviceEndpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCDeviceEndpointRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OIDCDeviceEndpointResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Device | Federated Apps
        description: OIDC device endpoint
        keywords: api, federated apps
  /oauth2/v1/finish-authorize:
    get:
      tags: []
      summary: OIDC Finish Authorize
      description: OIDC POST authorization endpoint finish
      operationId: OIDCAuthZEndpointFinishPost
      parameters:
        - name: state_id
          in: query
          schema:
            type: string
        - name: sso_app_id
          in: query
          schema:
            type: string
        - name: error_redirect_uri
          in: query
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OperationResponse'
      x-publishYaml: federatedApps
      security: []
      x-meta:
        title: OIDC Finish Authorize | Federated Apps
        description: OIDC POST authorization endpoint finish
        keywords: api, federated apps
    post:
      tags: []
      summary: OIDC Finish Authorize
      description: OIDC GET authorization endpoint finish
      operationId: OIDCAuthZEndpointFinishGet
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OIDCAuthZEndpointFinishRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
          

# --- truncated at 32 KB (807 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/descope/refs/heads/main/openapi/descope-openapi.yml