...
| Anchor | ||||
|---|---|---|---|---|
|
| Environment | KEYCLOAK_BASEURL | ARCHIE_BASEURL |
|---|---|---|
| Test | https://test-login.cochrane.org/ | https://test-archie.cochrane.org/ |
| Training | https://training-login.cochrane.org/ | https://training-archie.cochrane.org/ |
| Production | https://login.cochrane.org/ | https://archie.cochrane.org/ |
All endpoints require a secure connection (HTTPS). If plain HTTP is used an error status code 403 (forbidden) is returned.
...
At the authorization endpoint the end user will have to log into Cochrane Account if he or she is not logged in already. After the authentication, provided that the scope of the request is different from "none", the end user may be presented with a consent screen where he or she has to agree to give the client access to resources in Archie within the given scope before the flow may continue. Note: the consent screen is not shown for clients hosted on *.cochrane.org domains.
Once the authentication and possible consent is in order, i.e. the end user has authorized the client to access his or her data, the browser is redirected back to the redirect URI (using a HTTP 302 status code) with the following query parameters added:
...