Authorization endpoint

GET

https://passport.freedompay.kz/openid

You need to redirect the user to this method to pass authentication on the FreedomID side.
After authentication and access rights are granted, the user will be redirected to redirect_uri.

Using state + nonce fields you can pass the signature of your request for subsequent validation on your side.

Request

Query Params

scope

string

required

Whitespace separated grants. OPENID grant is required.

Example:

openid read.profile

state

string

required

State field

Example:

PUJNUsZq4YTXLsgNSurd4brpcE3JumGF

response_type

string

required

Response type must be CODE

Example:

code

client_id

string

required

Partner`s client identifier

Example:

c388f3cd-7722-4040-9bb2-94b0a05093aa

redirect_uri

string

required

A valid URL to redirect to after successful authentication on the FreedomID side

Example:

https://example.com/login

nonce

string

required

Randomized string for JWT token validation

Example:

LzfMhpRWU5Dzwy7vHvlTHmq5sEiYBXMb

Request samples

Shell

JavaScript

Java

Swift

PHP

Python

HTTP

Objective-C

Ruby

OCaml

Dart

curl --location --request GET 'https://passport.freedompay.kz/openid?scope=openid read.profile&state=PUJNUsZq4YTXLsgNSurd4brpcE3JumGF&response_type=code&client_id=c388f3cd-7722-4040-9bb2-94b0a05093aa&redirect_uri=https://example.com/login&nonce=LzfMhpRWU5Dzwy7vHvlTHmq5sEiYBXMb'

Responses

🟢200Success

This response does not have a body.

Modified at 2025-04-21 12:01:18

Update user

Token exchange