> For the complete documentation index, see [llms.txt](https://docs.edgetag.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.edgetag.io/api/getting-started/oauth-2.0/implementation/creating-redirect.md).

# Creating redirect

The first step of OAuth is to add a button to your app that redirects the user to EdgeTag. Once the user clicks on the button, you should have a URL that looks like the one below.

For `edgeTagUrl` you should use the UI URL (see [Implementation page](/api/getting-started/oauth-2.0/implementation.md) for URLs).

{% code title="Example of how to redirect to our sandbox" %}

```javascript
const edgeTagUrl = 'https://app-sandbox.edgetag.io/oauth/app/login'
const verifier = 'my secret text'

const url = new URL(edgeTagUrl)
url.searchParams.append('client_id', 'd0272c42-7ecc-4899-a1a7-0801a8a9da2f')
url.searchParams.append('redirect_uri', 'https://yourwebsite.com/login/check')
url.searchParams.append('scope', 'full')
url.searchParams.append('response_type', 'code')
url.searchParams.append('code_challenge', sha256Base64(verifier))
url.searchParams.append('code_challenge_method', 'S256')

window.location.href = url.toString()
```

{% endcode %}

Let's look at each search parameter that you can set.

### client\_id

This is the ID that you got when you created the OAuth app inside EdgeTag UI.

### redirect\_uri

URI where you would like to redirect after the user completes OAuth inside EdgeTag. If you want to pass some additional property, you can use `state` param and store it in there as a base64 encoded string

### scope

Right now, we only support `full` , but will be adding more scopes later on.

### response\_type

This tells you what the exchange mechanism will be when we redirect back to your app. Right now, we support only `code`.

### code\_challenge

To enhance security, we added a code challenge option, which we then double-check when exchanging the code for the token. The code challenge should be `SHA-256` hashed and encoded with base64. Make sure that you store `verifier` as you will need to pass it when you exchange code for the token.

```javascript
const crypto = require('crypto')
const codeChallenge = crypto.createHash('sha256').update(verifier).digest().toString('base64url')
```

### code\_challenge\_method

At this point, we only support `S256` which is SHA-256 with base64 encoding.

### state

The "state" parameter is optional and can be included if you want to send any data from the starting point of the OAuth process back to your application. For instance, if you need to remember the user's selection before they were redirected to OAuth, you can use this parameter for that purpose. It's important to note that the value of "state" should be base64 encoded.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.edgetag.io/api/getting-started/oauth-2.0/implementation/creating-redirect.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.