# Third-Party Authentication

This section contains the API operations for the OAuth 2.0 Authorization Code Flow.

## Start an authorization code flow

 - [GET /zephr/oauth2](https://developer.zuora.com/zephr-api-reference/zephr-public-api/third-party-authentication/startoauth2flow.md): Starts OAuth2 Authorization Code Flow. The resource owner will be authenticated and be presented with the third-party application access request.

## Returns a list of your user's access scopes

 - [GET /zephr/oauth2/consent/{clientId}](https://developer.zuora.com/zephr-api-reference/zephr-public-api/third-party-authentication/listoauth2consentflow.md)

## Grant the access request

 - [POST /zephr/oauth2/grant](https://developer.zuora.com/zephr-api-reference/zephr-public-api/third-party-authentication/grantaccessrequest.md): The resource owner will consent or deny the third party application access request, and Zephr will return an authorization code upon user's consent.

## Retrieves the oauth2 configured fields

 - [GET /zephr/oauth2/config](https://developer.zuora.com/zephr-api-reference/zephr-public-api/third-party-authentication/getoauth2config.md): Gets the public oauth2 fields configured on the Third Party Authentication section of the site

## Get the OAuth2 error page

 - [GET /zephr/oauth2/error](https://developer.zuora.com/zephr-api-reference/zephr-public-api/third-party-authentication/getoauth2errorpage.md): Gets the OAuth2 error page.