Redirect to web authentication
Initiates the web authentication flow by redirecting the user to the hosted authentication page.
This is the first step in the Web Flow. The user is redirected to the Discovr hosted auth page
(webflow.com) where they sign in. After login, the hosted page calls the Discovr callback
endpoint to exchange the Firebase token for a Discovr auth token server-side, then redirects the
user to your redirectURL with authToken and state query parameters. Firebase tokens are
never exposed to clients.
Documentation Index
Fetch the complete documentation index at: https://docs.discovr.media/llms.txt
Use this file to discover all available pages before exploring further.
Query Parameters
The client ID of the third-party application
Optional custom redirect URL. If omitted, redirects to the hosted callback page at https://auth.discovr.media/callback.html which handles token exchange via postMessage for web popup flows or deep links for mobile apps. Must be URL encoded when provided.
Opaque value to prevent CSRF; echoed back in the callback response
Optional platform hint to help determine callback behavior (web popup, mobile deep link, etc.). Not currently used but reserved for future platform-specific optimizations.
web, mobile, tv Response
Successful operation (Documentation only). In practice, this endpoint always redirects (302).