Build the request
After you define the scopes that you want to require consent for, prepare an authentication or authorization request with the correct values for `prompt` and `consent_method`.
Obtain the following values from your OpenID Connect application, both of which can be found on the application's General tab:
- Client ID
- Redirect URI
Use the default Custom Authorization Server's authorization endpoint:
Note: See Authorization Servers for more information on the types of authorization servers available to you and what you can use them for.
A default Custom Authorization endpoint looks like this, where the `${authServerId}` is `default`: `https://${yourOktaDomain}/oauth2/default/v1/authorize`
Add the following query parameters to the URL:
- Your OpenID Connect application's `client_id` and `redirect_uri`
- The `openid` and `phone` scopes
- The response type, which for an ID token is `id_token` and for an access token is `token`

  Note: The examples in this guide use the Implicit flow. For the Authorization Code flow, the response type is `code`. You can exchange an authorization code for an ID token and/or an access token using the `/token` endpoint.
- Values for `state` and `nonce`, which can be anything
Note: All of the values are fully documented on the Obtain an Authorization Grant from a user page.
The resulting URL requesting an access token looks something like this:
```bash
curl -X GET "https://${yourOktaDomain}/oauth2/${authServerId}/v1/authorize?client_id=examplefa39J4jXdcCwWA&response_type=token&scope=openid%20phone&redirect_uri=https%3A%2F%2FyourRedirectUriHere.com&state=myState&nonce=${myNonceValue}"
```
Note: The `response_type` for an ID token looks like this: `&response_type=id_token`.
Paste the request URL into a browser. The User Consent dialog box appears. Click Allow to create the grant.
Note: The user only has to grant consent once for an attribute per authorization server.
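The same request built programmatically, as an added example that is not from the original guide: it assembles and percent-encodes the query parameters listed above, and goes one step further by generating random `state` and `nonce` values and checking the returned `state` on the Implicit-flow redirect. The function names and the `example.okta.com` domain are assumptions made for the illustration.

```python
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

ALLOWED_RESPONSE_TYPES = {"token", "id_token", "code"}  # values named in this guide


def build_authorize_url(okta_domain, client_id, redirect_uri,
                        response_type="token", scopes=("openid", "phone"),
                        auth_server_id="default"):
    """Return (url, state, nonce) for the authorization server's /v1/authorize."""
    if response_type not in ALLOWED_RESPONSE_TYPES:
        raise ValueError(f"unexpected response_type: {response_type!r}")
    # Assumption: fresh random values per request, stored in the user's session.
    state = secrets.token_urlsafe(16)
    nonce = secrets.token_urlsafe(16)
    query = urlencode({
        "client_id": client_id,
        "response_type": response_type,
        "scope": " ".join(scopes),
        "redirect_uri": redirect_uri,
        "state": state,
        "nonce": nonce,
    }, quote_via=quote)  # quote() writes the space as %20, as in the curl example
    url = f"https://{okta_domain}/oauth2/{auth_server_id}/v1/authorize?{query}"
    return url, state, nonce


def read_implicit_response(redirect_url, expected_state):
    """Parse an Implicit-flow redirect and reject it if state does not match."""
    # The Implicit flow returns its parameters in the URL fragment.
    params = parse_qs(urlsplit(redirect_url).fragment)
    returned_state = params.get("state", [""])[0]
    if not secrets.compare_digest(returned_state.encode(),
                                  expected_state.encode()):
        raise ValueError("state mismatch: response does not match this request")
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    return {name: values[0] for name, values in params.items()}


if __name__ == "__main__":
    # Constructed sample values: the domain and client ID are placeholders.
    url, state, nonce = build_authorize_url(
        "example.okta.com", "examplefa39J4jXdcCwWA",
        "https://yourRedirectUriHere.com")
    print(url)
```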