Displays an authorization form to the user. If approved, it will create and return an authorization code, then redirect to the desired `redirect_uri`, or show the authorization code if `urn:ietf:wg:oauth:2.0:oob` was requested. The authorization code can be used while requesting a token to obtain access to user-level methods.
**Returns:** String (URL) or HTML response\
**OAuth:** Public\
**Version history:**\
0.1.0 - added\
2.6.0 - added `force_login`\
3.5.0 - added `lang`
#### Request
##### Query parameters
response_type
: {{<required>}} String. Should be set equal to `code`.
client_id
: {{<required>}} String. The client ID, obtained during app registration.
redirect_uri
: {{<required>}} String. Set a URI to redirect the user to. If this parameter is set to `urn:ietf:wg:oauth:2.0:oob` then the authorization code will be shown instead. Must match one of the `redirect_uris` declared during app registration.
scope
: String. List of requested OAuth scopes, separated by spaces (or by pluses, if using query parameters). Must be a subset of `scopes` declared during app registration. If not provided, defaults to `read`.
force_login
: Boolean. Forces the user to re-login, which is necessary for authorizing with multiple accounts from the same instance.
: String. The well-formed BCP 47 language tag (parts other than language subtag may be discarded by the system) to use while rendering the authorization form.
If the authorization code is incorrect or has been used already, the request will fail.
```json
{
"error": "invalid_grant",
"error_description": "The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."
: {{<required>}} String. Set equal to `authorization_code` if `code` is provided in order to gain user-level access. Otherwise, set equal to `client_credentials` to obtain app-level access only.
code
: String. A user authorization code, obtained via [GET /oauth/authorize](#authorize).
client_id
: {{<required>}} String. The client ID, obtained during app registration.
: {{<required>}} String. Set a URI to redirect the user to. If this parameter is set to urn:ietf:wg:oauth:2.0:oob then the token will be shown instead. Must match one of the `redirect_uris` declared during app registration.
scope
: String. List of requested OAuth scopes, separated by spaces (or by pluses, if using query parameters). If `code` was provided, then this must be equal to the `scope` requested from the user. Otherwise, it must be a subset of `scopes` declared during app registration. If not provided, defaults to `read`.
#### Response
##### 200: OK
Store this access_token for later use with auth-required methods. The token should be passed as an HTTP `Authorization` header when making API calls, with the value `Bearer access_token`
: {{<required>}} String. The previously obtained token, to be invalidated.
#### Response
##### 200: OK
If you own the provided token, the API call will provide an empty response. This operation is idempotent, so calling this API multiple times will still return OK.
```json
{}
```
##### 403: Forbidden
If you provide a token you do not own, or no token at all, the API call will return a 403 error.
```json
{
"error": "unauthorized_client",
"error_description": "You are not authorized to revoke this token"