> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fanfare.io/llms.txt
> Use this file to discover all available pages before exploring further.

# POST /auth/external/authorize

> Create a one-time exchange code for an external identity (server-to-server)



## OpenAPI

````yaml /api/openapi/consumer-api.json post /auth/external/authorize
openapi: 3.1.0
info:
  description: Consumer API for Fanfare
  title: Fanfare Consumer API
  version: 1.0.0
servers:
  - description: Production
    url: https://consumer.fanfare.io/api
  - description: Local development
    url: http://localhost:4802
security: []
paths:
  /auth/external/authorize:
    post:
      tags:
        - Auth
      description: >-
        Create a one-time exchange code for an external identity
        (server-to-server)
      operationId: postAuthExternalAuthorize
      requestBody:
        content:
          application/json:
            schema:
              properties:
                claims:
                  properties:
                    email:
                      type: string
                    fullName:
                      type: string
                    name:
                      type: string
                  required: []
                  type: object
                issuer:
                  type: string
                provider:
                  type: string
                subject:
                  type: string
              required:
                - provider
                - issuer
                - subject
              type: object
      responses:
        '200':
          content:
            application/json:
              schema:
                properties:
                  exchangeCode:
                    type: string
                  expiresAt:
                    type: string
                required:
                  - exchangeCode
                  - expiresAt
                type: object
          description: Exchange code created
        '400':
          content:
            application/json:
              schema:
                properties:
                  error:
                    const: validation_error
                  issues:
                    items:
                      properties:
                        expected:
                          type: string
                        kind:
                          type: string
                        message:
                          type: string
                        path:
                          items:
                            properties:
                              input: {}
                              key:
                                type: string
                              origin:
                                type: string
                              type:
                                type: string
                            required:
                              - type
                              - origin
                              - input
                              - key
                            type: object
                          type: array
                        received:
                          type: string
                        type:
                          type: string
                      required:
                        - kind
                        - type
                        - expected
                        - received
                        - message
                        - path
                      type: object
                    type: array
                required:
                  - error
                  - issues
                type: object
          description: Bad Request - Invalid input schema
        '401':
          content:
            application/json:
              schema:
                properties:
                  error:
                    type: string
                required:
                  - error
                type: object
          description: Unauthorized - Authentication required
        '403':
          content:
            application/json:
              schema:
                properties:
                  error:
                    type: string
                required:
                  - error
                type: object
          description: Forbidden - User must be authenticated
        '500':
          content:
            application/json:
              schema:
                properties:
                  error:
                    type: string
                required:
                  - error
                type: object
          description: Internal server error

````