# Requesting the Authorization Code

## Get OAuth 2.0 Authorization Code

Once your application has been registered and you’ve obtained the **Client ID**, the next step is to request an **authorization code**. This code is a temporary credential that you will later exchange for an access token.

This step is executed directly by the third-party system via an HTTP `GET` request to Evia Sign’s authorization endpoint.

### Authorization Code Request URL

<mark style="color:green;">`GET`</mark> `/_apis/falcon/auth/oauth2/authorize`

Initiates the OAuth 2.0 Authorization Code Flow.&#x20;

This endpoint is used to request an authorization code by passing your application's credentials and configuration details as query parameters. The response will redirect to your registered `redirect_url` with an authorization code that can be used to request an access token.

### Required Query Parameters

| Parameter           | Required | Description                                                               |
| ------------------- | -------- | ------------------------------------------------------------------------- |
| `application_state` | ✅ Yes    | Static value, typically set to `external` for external integrations.      |
| `resource`          | ✅ Yes    | The resource type being accessed; usually `RESOURCE_APPLICATION`.         |
| `client_id`         | ✅ Yes    | Your application's unique **Client ID** received during app registration. |
| `scope`             | ✅ Yes    | The permission scope being requested (e.g., `Sign Falcon Licensing`).     |
| `response_type`     | ✅ Yes    | Must be set to `code` to receive an authorization code.                   |

### Example Authorization URL

```http
http://evia.enadocapp.com/_apis/falcon/auth/oauth2/authorize?
application_state=external&
resource=RESOURCE_APPLICATION&
client_id=YOUR_CLIENT_ID&
scope=Sign%20Falcon%20Licensing&
response_type=code
```

### How It Works

1. **Build the URL** using your `client_id`, desired `scope`, and other parameters.
2. **Send the request** using a server-side `GET` call to the authorization URL.
3. If the request is valid, Evia Sign will **redirect** the response to your provided `redirect_url`, appending the **authorization code** in the URL.

### Example Redirect Response

If the request is successful, the user is redirected to your application’s callback URL:

```json
?code=received-auth-code
```

Your application must **extract the `code` parameter** from this URL. This `code` is then used in the next step (token exchange) to receive an access token.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sign.enadocapp.com/evia-sign-api/v2/authorization-and-authentication/requesting-the-authorization-code.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.