traditional flow
Within this documentation, the OAuth flow that has users go through the URL https://galaxy.click/oauth is referred to as “traditional flow” because it most closely resembles the OAuth flows of other websites.
The consent works as follows:
- Link user to https://galaxy.click/oauth
- User decides to reject or accept authentication request
- User gets sent to specified redirect URI, with an error or auth code
1. link user to galaxy’s oauth page
You can find the exact link you should be using by using the URL generator on the applications page. Redirect the user to this URL, generally by an action such as clicking on a “login with galaxy” button.
On this page, the user will be given the choice to “authorize” or “cancel”. They will be redirected to the specified redirect URI with certain search parameters depending on their choice.
2. redirect to redirect uri
/
), one will be added by galaxy before the user is redirected.
If the user clicked “authorize”, the URL they are sent to will resemble the following, where [AUTH CODE] is the authentication code for use in step 3, and [STATE] is the state parameter you optionally specified.
https://example.com/callback/?code=[AUTH CODE]&state=[STATE]
If the user clicked “cancel”, the URL they are sent to will resemble:
https://example.com/callback/?error=access_denied&error_description=The user did not consent.
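One way a callback handler could process the two redirect shapes above, as an added example (not galaxy's own code). It assumes you generated a `state` value and stored it in the user's session before step 1; `new_state`, `parse_callback`, `CallbackError` and the sample values are hypothetical names.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit


class CallbackError(Exception):
    """The callback must not be used to log the user in."""


def new_state():
    # Store this in the user's session before redirecting, and send it as `state`.
    return secrets.token_urlsafe(32)


def parse_callback(url, expected_state):
    """Return the auth code from a redirect URI, or raise CallbackError."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)

    def single(name):
        values = params.get(name, [])
        if len(values) > 1:
            # Repeated parameters make it ambiguous which value gets checked.
            raise CallbackError(f"duplicate parameter: {name}")
        return values[0] if values else None

    error = single("error")
    if error is not None:
        # The user clicked "cancel". Log error_description rather than
        # echoing it into a page: anyone can craft this query string.
        raise CallbackError(f"authorization failed: {error}")

    state = single("state") or ""
    if not expected_state or not hmac.compare_digest(
            state.encode(), expected_state.encode()):
        # Missing or mismatched state: this session did not start the flow.
        raise CallbackError("state mismatch")

    code = single("code")
    if not code:
        raise CallbackError("missing code")
    return code  # exchange this for a token in step 3


# Constructed sample values, following the URL shapes shown above.
SAMPLE_STATE = "constructed-state-value"
SAMPLE_OK = f"https://example.com/callback/?code=constructed-code&state={SAMPLE_STATE}"
SAMPLE_CANCEL = ("https://example.com/callback/?error=access_denied"
                 "&error_description=The user did not consent.")
```

The state comparison is what ties the callback to the browser session that started the flow, so the stored value should be discarded after one use.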
3. exchange auth code for token
See this page for info on how to complete this step.