1. Get the user's authorization

To begin an Authorization Code flow, your application should first send the user to the authorization URL:

https://auth.seismic.com/tenants/<your tenant>/connect/authorize?
    client_id=<your client id>&
    redirect_uri=<your redirect URL>&
    scope=seismic.reporting offline_access&
    state=<your opaque value>


response_type: Denotes the kind of credential that Seismic will return (code vs token). For this flow, the value must be code.

client_id: The client_id for your authorization_code client app provided by Seismic.

redirect_uri: The URL to which Seismic will redirect the browser after authorization has been granted by the user. The Authorization Code will be available in the code URL parameter.

scope: The scopes which you want to request authorization for. These must be separated by a space. You can request any scopes which your application has access to. Be sure to include offline_access if you would like to get a long-term Refresh Token.

state: An opaque value the application adds to the initial request that Seismic includes when redirecting back to the application. This value must be used by the application to prevent CSRF attacks, click here to learn more.