---
title: OAuth rich authorization requests
description: PingFederate supports OAuth rich authorization requests.
component: pingfederate
version: 13.1
page_id: pingfederate:administrators_reference_guide:pf_oauth_rich_authorization_requests
canonical_url: https://docs.pingidentity.com/pingfederate/13.1/administrators_reference_guide/pf_oauth_rich_authorization_requests.html
llms_txt: https://docs.pingidentity.com/pingfederate/llms.txt
docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md
revdate: July 8, 2024
---

# OAuth rich authorization requests

PingFederate supports OAuth rich authorization requests.

The rich authorization request parameter, `authorization_details`, is used by some open banking and other deployments to carry fine-grained authorization data in OAuth messages.

Authorization details can be used in the same places where scope is used to specify authorization requirements. The following flows support authorization details:

* Authorization code

* Implicit

* Client Credentials

* Device Authorization

* CIBA

* Token Exchange (only available for mapping)

The `authorization_details` parameter is a JSON array of JSON objects, where `type` is the only required field for each object.

In the following example of an authorization detail, the `type` is `payment_initiation`:

```
[
  {
    "type": "payment_initiation",
    "locations": [
      "https://example.com/payments"
    ],
    "instructedAmount": {
      "currency": "EUR",
      "amount": "123.50"
    },
    "creditorName": "Merchant A",
    "creditorAccount": {
      "iban": "DE02100100109307118603"
    },
    "remittanceInformationUnstructured": "Ref Number Merchant"
  }
]
```

For more information about authorization details, see the [OAuth 2.0 Rich Authorization Requests](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar) specification.