OAuth user-facing pages
The PingFederate OAuth authorization server provides five windows that are presented to end-users, or resource owners, during certain OAuth transactions. You can customize and brand these windows as needed..
Page title and template file name | Purpose | Message type | Action |
---|---|---|---|
Client Access oauth.access.grants.page.template.html |
Provides a means for the end users, or resource owners, to revoke persistent access grants. |
Normal |
User input required |
Request for Approval oauth.approval.page.template.html |
Advises resource owners that their information is being requested by the identified OAuth client when the default, internal, consent user interface is used. Resource owners can approve or deny individual scopes. Consent approval is applicable to the Device Authorization, Implicit, and Authorization Code grant types. For the latter two, PingFederate might prompt once at first or repeatedly depending on the Reuse Existing Persistent Access Grants for Grant Types setting in System → OAuth Settings → Authorization Server Settings.. In addition, the OAuth client configuration provides an option to bypass this approval page entirely, as needed for trusted clients. When applicable, select the Bypass Authorization Approval check box in the client configuration window. When an external consent user interface is used, PingFederate does not make use of this template file. |
Normal |
User input required |
Connect a device (user code prompt) oauth.device.user-code.page.template.html |
This page appears for the OAuth device authorization grant type. It allows resource owners to identify an authorization session that was initiated by the device client. This page appears after the resource owner goes to the OAuth verification URL and logs in. The user types the user code that they received from the device client, and then clicks Submit. |
Normal |
User input and confirmation required |
Connect a device (pre-populated user code prompt) oauth.device.user-code-confirm.page.template.html |
This page appears for the OAuth device authorization grant type. It allows resource owners to identify an authorization session that was initiated by the device client. This page appears after the resource owner goes to the OAuth verification URL and logs in. The user confirms the pre-populated user code by clicking Confirm. |
Normal |
User confirmation required |
Connect a device (result) oauth.device.messages.page.template.html |
This page appears for the OAuth device authorization grant type. It advises resource owners whether the OAuth device authorization was successful and provides any relevant error messages. By default, this page does not link to any other pages. |
Normal |
No action |