# Authentication

Endpoints for OAuth 2.0 authentication and authorization. These endpoints handle the OAuth 
discovery document, authorization flow, token exchange, and user information retrieval.


## OAuth discovery document

 - [GET /auth/oauth-discovery](https://developer.reachreporting.com/openapi/authentication/paths/~1auth~1oauth-discovery/get.md): Retrieves OAuth 2.0 discovery document with authorization server configuration.

## OAuth Authorization Endpoint

 - [GET /oauth2/authorize](https://developer.reachreporting.com/openapi/authentication/paths/~1oauth2~1authorize/get.md): Initiates the OAuth authorization flow. This endpoint redirects the user to an authorization page 
where they can grant or deny access. After user interaction, they are redirected back to the 
client's redirect_uri with an authorization code in the URL parameters.

## OAuth Token Endpoint

 - [POST /oauth2/token](https://developer.reachreporting.com/openapi/authentication/paths/~1oauth2~1token/post.md): Exchanges authorization code for access and refresh tokens.

## Get User Information

 - [GET /oauth2/user-info](https://developer.reachreporting.com/openapi/authentication/paths/~1oauth2~1user-info/get.md): Retrieves authenticated user information and list of accessible companies.