Before authorization begins, it first generates a random string to use for the state
parameter. The client will need to store this to be used in the next step.
/authorize?
response_type=code
&client_id=
&redirect_uri=/authorization-code.html
&scope=photo+offline_access
&state=
For this demo, we've gone ahead and generated a random state parameter (shown above) and saved it in a cookie.
Click "Authorize" below to be taken to the authorization server. You'll need to enter the username and password that was generated for you.