The authorization_code the application asked for. The application can use the authorization code to ask for an access token for the target source. Authorization codes are short lived. Typically, they expire immediately after about 10 minutes.The shopper really should deliver the consumer back for the /authorize endpoint with the right scope to set