To retrieve authorization for already connected members, you need to make an authorization request in silence mode with the parameter prompt=none
REQUEST
| Type | Endpoint |
|---|---|
| GET |
PARAMETERS
|
Name |
Value |
Required |
|---|---|---|
| response_type | The value of this field should be code for authorization code flow or token for implicit flow | Yes |
| client_id | The appId key value generated when you register your application. | Yes |
| redirect_uri | The URL your users are sent back to after authorization. | Yes |
| scope | URL-encoded, space-delimited list of member permissions your application is requesting on behalf of the user. | Yes |
| state |
Only for authentication code flow |
No |
| nonce | Only for authentication code flow String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. If present in the ID Token, Clients MUST verify that the nonce Claim Value is equal to the value of the nonce parameter sent in the Authentication Request. If present in the Authentication Request, Authorization Servers MUST include a nonce Claim in the ID Token with the Claim Value being the nonce value sent in the Authentication Request. Authorization Servers SHOULD perform no other processing on nonce values used. The nonce value is a case sensitive string. |
No |
| prompt | Used to display the authentication page (empty) or not (none). Use prompt=none when the user is already authenticated on another website (e.g. all.accor) | No |
| ui_locales | Language code (2 digits) | No |
| persistent | Should be yes for activating the “remember me” checkbox | No |
EXAMPLE OF REQUEST
GET https://login.accor.com/as/authorization.oauth2?response_type=code&client_id={your_client_id}&redirect_uri=https://yourdomain/callback&scope={list_of_scopes}&prompt=none