fix: validated authorization code flow with rar article (#656)

lrzhou25 · web-flow · commit 9c4a5555a0e0 · 2026-02-23T08:24:37.000-08:00
* fix: validated authorization code flow with rar article

* Fixed language in code sample

* Fixed language
diff --git a/main/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar.mdx b/main/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar.mdx
@@ -1,6 +1,7 @@
 ---
 description: Learn how to use Rich Authorization Requests (RAR) with the Authorization Code Flow.
 title: Authorization Code Flow with Rich Authorization Requests (RAR)
+validatedOn: 2026-02-20
 ---
 
 Using [Rich Authorization Requests (RAR)](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar), clients can request and obtain <Tooltip tip="Fine-grained Authorization (FGA): Auth0 product allowing individual users access to specific objects or resources." cta="View Glossary" href="/docs/glossary?term=fine-grained+authorization">fine-grained authorization</Tooltip> data from <Tooltip tip="Resource Owner: Entity (such as a user or application) capable of granting access to a protected resource." cta="View Glossary" href="/docs/glossary?term=resource+owners">resource owners</Tooltip>, such as end users.  Clients can pass RAR data to the Pushed Authorization Request (PAR) endpoint as part of the Authorization Code Flow. To learn more, read [Configure Pushed Authorization Requests](/docs/get-started/applications/configure-par).
@@ -19,11 +20,11 @@ You must pass the `authorization_details` parameter to the `/par` endpoint, whic
 
 To complete the Authorization Code Flow, exchange the authorization code at the `/oauth/token` endpoint, as in the following example:
 
-```json lines
-POST https://$tenant/oauth/token
+```http lines
+POST https://{YOUR_DOMAIN}.auth0.com/oauth/token
 Content-Type: application/x-www-form-urlencoded
 
-grant_type=authorization_code&client_id=[CLIENT_ID]&client_secret=[CLIENT_SECRET]&code=[AUTHZ_CODE]&redirect_uri=https://jwt.io
+grant_type=authorization_code&client_id={YOUR_CLIENT_ID}&client_secret={YOUR_CLIENT_SECRET}&code={AUTHORIZATION_CODE}&redirect_uri=https://jwt.io
 ```
 
 
@@ -97,7 +98,7 @@ To configure RAR for the Authorization Code Flow, you need to:
 
 To learn more, read [Configure Rich Authorization Requests](/docs/get-started/apis/configure-rich-authorization-requests).
 
-### Access `authorization_details` in Actions
+## Access `authorization_details` in Actions
 
 <Callout icon="file-lines" color="#0EA5E9" iconType="regular">
 
