Skip to content

Silent Authorization

To identify whether a user has already signed in to Unidy from another service or directly into Unidy you can perform a silent authorization request. Instead of redirecting the user back to the login form it always redirects back to the initiator with an error or with the requested login details. To do this add the prompt parameter to the authorization requests. The prompt parameter must be set to none in this case.

Authorize Request


Signed out redirect location

The redirect url will contain the following fragments:

Signed in redirect location

This example is using the PKCE Flow

Redirect location:

Creating Access Token

  Content-Type: application/x-www-formurlencoded 



UNIDY sessions are kept alive until the browser is closed or users clear the browser session data.


When a service integrates the RP-Initiated Logout Open ID Connect - Unidy Documentation users get signed out from UNIDY. This will not automatically end sessions/ sign out users in different services. The silent login can be performed in all services even when a user is still signed in within the service. In case Unidy returns an error the service could clear its session and sign out the user if needed.