OAuth 2.0 Authorization

curl --request GET \
  --url https://whitebit.com/auth/login

Usage

OAuth 2.0 Authorization

This endpoint initiates the OAuth 2.0 authorization flow for user authentication and obtaining an authorization code.

Using the State Parameter (Best Practice)

The state parameter is crucial for security in OAuth flows:

Generate a cryptographically secure random string
Store it in the user’s session before redirecting
Validate it matches when handling the callback
This prevents CSRF attacks

Note: OAuth scopes are predefined during client application setup and cannot be modified during the authorization request. The access token will include all scopes that were approved during client creation.

GET

auth

OAuth 2.0 Authorization

curl --request GET \
  --url https://whitebit.com/auth/login

Query Parameters

clientId

string

required

Your application's client ID

Example:

"YOUR_CLIENT_ID"

state

string

A secure random string used to maintain state between the request and callback and prevent CSRF attacks (Recommended)

Example:

"SECURE_RANDOM_STATE"

Response

302

Redirect to authorization page

Overview Get Access Token

⌘I