OptionalcodeOptionalscopeThe scope to request during the authorization code grant flow. As defined per the OAuth Specification: "...a list of space-delimited, case-sensitive strings. The strings are defined by the authorization server. If the value contains multiple space-delimited strings, their order does not matter, and each string adds an additional access range to the requested scope." Source: https://www.rfc-editor.org/rfc/rfc6749#section-3.3.
OptionalstateSome state that the authorization server adds to the redirect URI after the resource owner authenticates. The state should not include unencrypted, sensitive values.
A cryptographically unique string to use to verify the client is the only entity able to trade the authorization code for an access token. Use the
genCodeVerifiermethod to securely generate a code verifier.