The first step in getting access to data via Akoya is to send your user to an Akoya authorization URL. Akoya will direct your user through their appropriate data provider's login and account authorization process and on success, will redirect them back to a URL you specify with an authorization code.
Include the following parameters in your URL's path:
URL path parameter
Sandbox authorization URL :
The Akoya identifier for the data provider your user will be logging in to. Akoya takes this identifier and directs the user through the appropriate FI's login flow.
For sandbox testing purposes, use
Your application's client ID from Akoya.
The redirect URI that you registered with Akoya for that client ID. Akoya will validate that the redirect URI exactly matches the one registered, to prevent malicious redirects.
The OAuth 2 grant type being requested. Akoya only accepts
Space separated values to request levels of access.
Any random string generated by your application. Akoya will include this state value back to your application upon completion of the authorization request for you to validate, in order to prevent CSRF attacks.
This is a browser redirect that will return an authorization code and not an API response.
Once your app receives the authorization code, you can present the code to Akoya in exchange for an ID token.
Each authorization grant code expires in 5 minutes.
For more on the authorization request process and tokens used in the Akoya Data Access Network, see: "Token flow".
Use the authorization URL in a browser window, complete the consent flow, and get the authorization code.
Replace the parameters below and copy into a browser window
https://sandbox-idp.ddp.akoya.com/auth? connector=mikomo &response_type=code &client_id=YWsxNTkxOTA1MEAtMTg6 &redirect_uri=https://example-app.com/callback &scope=openid%20email%20profile%20offline_access &state=123abc
Example success URL: https://example-app.com/callback?code=fogeqqbz2xi23hvgvlu4ka2kq&state=123abc
"Go to login" opens in a new tab.