Authentication Endpoints
Purpose: define authentication entry and callback contracts.
GET /api/auditauth/login
- Method:
GET - Path:
/api/auditauth/login - Required headers: none
- Cookies set: none
- Behavior: starts auth flow and redirects to managed AuditAuth login
- Status codes:
302,404,5xx
GET /api/auditauth/callback
- Method:
GET - Path:
/api/auditauth/callback - Required query:
code - Required headers: none
- Cookies set:
auditauth_session,auditauth_access,auditauth_refresh - Behavior: exchanges authorization code, sets auth cookies, redirects
- Status codes:
302,401,5xx
Notes
- Authentication is externalized to AuditAuth.
- Application code must not validate credentials directly.
Last updated on