--- title: OAuth 2.0 endpoints description: Client applications can use the following OAuth 2.0 authorization server endpoints: component: pingoneaic page_id: pingoneaic:am-oauth2:oauth2-client-endpoints canonical_url: https://docs.pingidentity.com/pingoneaic/am-oauth2/oauth2-client-endpoints.html keywords: ["OAuth 2.0", "Endpoints", "Authorization", "Clients", "REST API"] page_aliases: ["oauth2-guide:oauth2-client-endpoints.adoc"] --- # OAuth 2.0 endpoints Client applications can use the following OAuth 2.0 authorization server endpoints: | Endpoint | Description | | ---------------------- | -------------------------------------------------------------------------------------------------------------------------- | | `/oauth2/par` | Register a pushed authorization request and get a request URI (RFC 9126 PAR endpoint) | | `/oauth2/authorize` | Obtain consent and an authorization grant (RFC 6749 authorization endpoint) | | `/oauth2/bc-authorize` | Initiate backchannel authorization (Backchannel flow endpoint) | | `/oauth2/access_token` | Obtain an access token (RFC 6749 token endpoint) | | `/oauth2/device/code` | Obtain a device code (Device flow endpoint) | | `/oauth2/device/user` | Obtain consent and authorization grant (Device flow endpoint) | | `/oauth2/token/revoke` | Revoke access tokens and refresh tokens (RFC 7009 endpoint) | | `/oauth2/introspect` | Retrieve metadata about a token, such as approved scopes and the context in which the token was issued (RFC 7662 endpoint) | | `/json/token/macaroon` | Retrieve metadata about a macaroon, and add caveats. | For reference documentation on related endpoints, refer to: * [OAuth 2.0 administration endpoints](oauth2-admin-endpoints.html) * [OIDC 1.0 endpoints](../am-oidc1/oidc-client-endpoints.html)