# SSO Callback

This endpoint is the callback URL for the Single Sign-On (SSO) process. It receives an authorization code from the identity provider (e.g., Cognito) and exchanges it for an access token. The access token is then used to authenticate the user in the application.

Endpoint: GET /sso-callback
Version: v1
Security: apiKeyAuth

## Query parameters:

  - `state` (string, required)
    base64 encoded state

  - `code` (string, required)
    Authorization Code

## Response 200 fields (text/plain):

  - `data` (object)

  - `data.challengeName` (string,null)
    The name of the challenge.  This field will be filled if the Authentication process requires additional steps.  You may programatically build application logic based on this field's value. 
Valid values: NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login.

  - `data.session` (string,null)
    The session that should pass both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters.

  - `data.authenticationResult` (object)

  - `data.authenticationResult.accessToken` (string,null)
    The ID token.

  - `data.authenticationResult.idToken` (string,null)
    The ID token.

  - `data.authenticationResult.refreshToken` (string,null)
    The ID token.

  - `data.authenticationResult.expiresIn` (integer)
    The expiration period of the authentication result in seconds.

  - `error` (object)

  - `error.detail` (string,null)
    A human-readable explanation specific to this occurrence of the problem.

  - `error.instance` (string,null)
    A URI reference that identifies the specific occurrence of the problem.It may
or may not yield further information if dereferenced.

  - `error.status` (integer)
    The HTTP status code([RFC7231], Section 6) generated by the origin server for
this occurrence of the problem.

  - `error.title` (string,null)
    A short, human-readable summary of the problem type.It SHOULD NOT change from
occurrence to occurrence of the problem, except for purposes of localization(e.g.,
using proactive content negotiation; see[RFC7231], Section 3.4).

  - `error.type` (string,null)
    A URI reference [RFC3986] that identifies the problem type. This specification
encourages that, when dereferenced, it provide human-readable documentation for
the problem type (e.g., using HTML [W3C.REC-html5-20141028]). When this member
is not present, its value is assumed to be "about:blank".

  - `debug` (object)

  - `debug.activityID` (string, required)


## Response 401 fields