Redirect to web authentication
Redirects the user’s browser to the Discovr authorization page to sign in and approve your app.
After sign-in, Discovr redirects back to your redirectURL with a refreshToken and your state value as query parameters.
clientID— your registered app ID, so Discovr knows which app is requesting access.state— your app’s CSRF token. Discovr echoes it back unchanged so you can verify the response came from Discovr and not a third party.redirectURL— where to send the user after sign-in. If omitted, Discovr uses the default callback page for your client.
Documentation Index
Fetch the complete documentation index at: https://docs.discovr.media/llms.txt
Use this file to discover all available pages before exploring further.
Query Parameters
The client ID of the third-party application
Optional custom redirect URL. If omitted, redirects to the hosted callback page at https://auth.discovr.media/callback.html which handles token exchange via postMessage for web popup flows or deep links for mobile apps. Must be URL encoded when provided.
Opaque value to prevent CSRF; echoed back in the callback response
Optional platform hint to help determine callback behavior (web popup, mobile deep link, etc.). Not currently used but reserved for future platform-specific optimizations.
web, mobile, tv Response
Successful operation (Documentation only). In practice, this endpoint always redirects (302).