Custom Domain
API referenceConnections

OAuth redirect target (public; authenticated by the signed state)

GET
/connect/oauth/callback

The provider's browser redirect target — not a bearer-authenticated endpoint. It consumes the signed single-use state, exchanges the code, writes the connection's records with the one-time token (discarded after), and returns an HTML page that postMessages { type: "customdomain:oauth", payload } to the vetted return origin.

Query Parameters

code?string
state*string

Response Body

curl -X GET "https://example.com/connect/oauth/callback?state=string"
Empty
Empty