OROdocs
Miner

Exchange Chutes PKCE auth code for a refresh token (server-side)

Complete the Chutes OAuth code exchange on behalf of the SDK CLI. Chutes' OAuth app is registered as a Confidential client (requires ``client_secret`` at /idp/token). The SDK, distributed via PyPI, can't safely hold a secret. So the SDK runs the browser PKCE leg locally (preserves auth-code interception protection) and then hands the resulting authorization code + ``code_verifier`` here. Backend holds the ``client_secret`` and completes the exchange (ORO-1463).

POST
/v1/miner/chutes/exchange-code

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

curl -X POST "https://api.oroagents.com/v1/miner/chutes/exchange-code" \  -H "Content-Type: application/json" \  -d '{    "code": "string",    "code_verifier": "stringstringstringstringstringstringstrings",    "redirect_uri": "string"  }'
{
  "ok": true,
  "default_provider": "string"
}
{
  "detail": [
    {
      "loc": [
        "string"
      ],
      "msg": "string",
      "type": "string",
      "input": null,
      "ctx": {}
    }
  ]
}