> ## Documentation Index
> Fetch the complete documentation index at: https://docs.phosra.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get OAuth authorize URL

> Get OAuth authorization URL for a platform



## OpenAPI

````yaml GET /platforms/{platformID}/oauth/authorize
openapi: 3.1.0
info:
  title: Phosra API
  description: Universal Parental Controls API - Define once, push everywhere
  version: 1.0.0
  contact:
    name: Phosra Developer Support
    url: https://docs.phosra.com
  license:
    name: Proprietary
    url: https://phosra.com/terms
servers:
  - url: https://phosra-api-sandbox-production.up.railway.app/api/v1
    description: >-
      Hosted sandbox — the one canonical, stable, partner-facing testing
      endpoint (seeded demo family + phosra_test_ keys). Default so the inline
      Try it never touches production. Same base the CLI uses.
  - url: https://prodapi.phosra.com/api/v1
    description: Production
  - url: http://localhost:8080/api/v1
    description: Local development
security:
  - BearerAuth: []
paths:
  /platforms/{platformID}/oauth/authorize:
    parameters:
      - name: platformID
        in: path
        required: true
        schema:
          type: string
    get:
      tags:
        - Platforms
      summary: Get OAuth authorization URL for a platform
      description: >-
        Returns the platform's OAuth 2.0 authorization URL (PKCE S256) to
        redirect the parent to. Completing the flow links the platform to the
        family.
      operationId: getOauthAuthorizationUrlForAPlatform
      parameters:
        - name: state
          in: query
          schema:
            type: string
        - name: redirect_uri
          in: query
          schema:
            type: string
      responses:
        '200':
          description: Authorization URL
          content:
            application/json:
              schema:
                type: object
                properties:
                  authorize_url:
                    type: string
              example:
                authorize_url: https://api.nextdns.io/oauth2/authorize
        '400':
          description: Platform does not support OAuth
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '429':
          $ref: '#/components/responses/RateLimited'
        '500':
          $ref: '#/components/responses/ServerError'
        '502':
          $ref: '#/components/responses/BadGateway'
        '503':
          $ref: '#/components/responses/ServiceUnavailable'
      security: []
      x-codeSamples:
        - lang: Shell
          label: cURL
          source: >
            curl -sS
            "https://phosra-api-sandbox-production.up.railway.app/api/v1/platforms/fire_tablet/oauth/authorize"
        - lang: JavaScript
          label: Node.js
          source: >
            const BASE =
            "https://phosra-api-sandbox-production.up.railway.app/api/v1";

            const res = await
            fetch(`${BASE}/platforms/fire_tablet/oauth/authorize`);

            console.log(res.status, await res.json());
        - lang: Python
          label: Python
          source: |
            import requests

            BASE = "https://phosra-api-sandbox-production.up.railway.app/api/v1"
            res = requests.get(
                f"{BASE}/platforms/fire_tablet/oauth/authorize",
            )
            print(res.status_code, res.json())
        - lang: Go
          label: Go
          source: "package main\n\nimport (\n\t\"fmt\"\n\t\"io\"\n\t\"net/http\"\n)\n\nfunc main() {\n\tbase := \"https://phosra-api-sandbox-production.up.railway.app/api/v1\"\n\treq, _ := http.NewRequest(\"GET\", base+\"/platforms/fire_tablet/oauth/authorize\", nil)\n\tresp, err := http.DefaultClient.Do(req)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tdefer resp.Body.Close()\n\tout, _ := io.ReadAll(resp.Body)\n\tfmt.Println(resp.Status, string(out))\n}\n"
components:
  responses:
    Unauthorized:
      description: >-
        Authentication failed. Send a Bearer WorkOS JWT, or a
        `phosra_live_`/`phosra_test_` developer API key, in the `Authorization`
        header.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Unauthorized
            message: missing or invalid Authorization header
            code: 401
    NotFound:
      description: No resource matches the identifier supplied in the path.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Not Found
            message: policy not found
            code: 404
    RateLimited:
      description: >-
        Too many requests. Back off and retry after the interval given in the
        `Retry-After` response header.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Too Many Requests
            message: rate limit exceeded
            code: 429
    ServerError:
      description: >-
        An unexpected error occurred inside Phosra. The request is safe to retry
        with exponential backoff; contact support if it persists.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Internal Server Error
            message: internal error
            code: 500
    BadGateway:
      description: >-
        A downstream provider returned an invalid response while Phosra was
        fulfilling the request. Retry with backoff.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Bad Gateway
            message: downstream provider error
            code: 502
    ServiceUnavailable:
      description: >-
        A downstream provider or dependency is temporarily unavailable. Retry
        with backoff.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Service Unavailable
            message: downstream provider unavailable
            code: 503
  schemas:
    Error:
      type: object
      properties:
        error:
          type: string
          description: >-
            Short, stable, machine-readable error class — matches the HTTP
            status text (e.g. `Not Found`).
        message:
          type: string
          description: >-
            Human-readable explanation of what went wrong and, where possible,
            how to fix it.
        code:
          type: integer
          description: Numeric HTTP status code, duplicated in the body for convenience.
      description: Standard error envelope returned for every 4xx and 5xx response.
      example:
        error: Not Found
        message: policy not found
        code: 404
      additionalProperties: true
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

````