/oauth/authorize

Authorize — server-rendered login + consent (GET shows the page, POST submits)

OAuth 2.1 authorization endpoint. GET renders a login + consent page (PKCE S256 required; CSRF-protected; framebusting). POST authenticates the user against the FinRadar login and, on Allow, redirects to `redirect_uri?code=...&state=...`. Loopback `redirect_uri` (http://127.0.0.1:<any-port>/...) is allowed for native clients (RFC 8252).

free

Parameters

Name	In	Required	Default	Allowed	Description	Example
response_type	query	required	—	—	Must be `code`.	code
client_id	query	required	—	—	Registered client id.	cursor
redirect_uri	query	required	—	—	Must match a registered redirect (loopback any-port allowed).	http://127.0.0.1:51000/callback
scope	query	optional	mcp	—	Single `mcp` scope.	mcp
state	query	required	—	—	CSRF/correlation value echoed back.	xyz
code_challenge	query	required	—	—	PKCE S256 challenge (base64url SHA-256 of the verifier).	E2okHPeE...
code_challenge_method	query	required	—	—	Must be `S256` (plain is rejected).	S256

Response schema

Schema not yet documented

Full response schema, sample response, and curated examples for this endpoint are landing in Phase 59. The hero, parameters, code samples, and metadata above remain accurate today.

Errors

Status	Label	Description
200	OK	Request succeeded.
400	Bad Request	Invalid query, body, or path parameter.
401	Unauthorized	Missing or invalid Authorization header / api_Token.
402	Payment Required	Insufficient token balance for this call. Top up
429	Too Many Requests	Rate limit exceeded for your tier (see /pricing for tier limits). Tier limits
500	Server Error	Unexpected server-side failure. Retry with backoff; report if persistent.

Code samples

Reveal credentials

curl "https://api.finradar.ai/oauth/authorize" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Generate an API key in /account/credentials to run live queries (literal YOUR_API_KEY placeholder shown until then).