Authorize

OAuth API
GEThttps://www.mollie.com/oauth2/authorize

Note

You should construct the Authorize URL from the endpoint above with the parameters below. Then, you should redirect the resource owner to the Authorize endpoint.

The Authorize endpoint is the endpoint on Mollie web site where the merchant logs in, and grants authorization to your client application. E.g. when the merchant clicks on the Connect with Mollie button, you should redirect the merchant to the Authorize endpoint.

The resource owner can then grant the authorization to your client application for the scopes you have requested.

Mollie will then redirect the resource owner to the redirect_uri you have specified. The redirect_uri will be appended with a code parameter, which will contain the auth token. You should then exchange the auth token for an access token using the Tokens API.

Parameters

client_idstringrequired
The client ID you receive when registering your app.
redirect_uristringoptional
The URL the merchant is sent back to once the request has been authorized. If given, it must match the URL you set when registering your app.
statestringrequired
A random string generated by your app to prevent CSRF attacks.
scopestringrequired
A space separated list of permissions your app requires. Refer to Permissions for more information about the available scopes.
response_typestringrequired

Mollie only replies with code responses.

Possible values: code

approval_promptstringrequired

This parameter can be set to force to force showing the consent screen to the merchant, even when it is not necessary. Note that already active authorizations will be revoked when the user creates the new authorization.

Possible values: auto force

localestringoptional

Allows you to preset the language to be used in the login / sign up / authorize flow if the merchant is not known by Mollie. When this parameter is omitted, the browser language will be used instead. You can provide any xx_XX format ISO 15897 locale, but the authorize flow currently only supports the following languages:

Possible values: en_US nl_NL nl_BE fr_FR fr_BE de_DE es_ES it_IT

Response

301 Redirect

codestring
The auth code, with which you can request an access token.
statestring
The random string you’ve sent with your request to prevent CSRF attacks. Please always check if this matches the expected value.
errorstring
If the request is canceled by the merchant, or fails for any other reason, the merchant will be redirected back with an error field. The field will contain a code indicating the type of error.
error_descriptionstring
If the error field is present, this field will be present as well with an explanation of the error code.

Example

Please refer to the documentation of the Mollie API client you are using.