Published complete OAuth 2.0 / OpenID Connect endpoint reference

Today we published a complete API reference for the standard OAuth 2.0 / OpenID Connect endpoints provided by the Connect2id server.

Client application developers should now find it easier to integrate the Connect2id server into their login / SSO and authorisation flows. The reference comes with examples and further pointers to the underlying IETF and OpenID specifications.

The following endpoints are covered:

  • Server discovery -- enables discovery of the OAuth 2.0 / OpenID Connect endpoint URLs, supported authentication methods and other features.

  • Server JWK set -- for retrieval of the public server JSON Web Key (JWK) required to verify the authenticity of issued ID and access tokens.

  • Client registration -- to register new client applications with the server, and to access, update and delete existing registrations.

  • Authorisation -- the endpoint where the browser is sent to request the end-user's authentication and authorisation. This endpoint is used in the code and implicit OAuth 2.0 flows, which require end-user interaction.

  • Token -- to post an OAuth 2.0 grant (code, refresh token, resource owner password credentials, client credentials) and obtain an ID and / or access token.

  • Token revocation -- to revoke an obtained access or refresh token.

  • UserInfo -- a protected OpenID Connect resource that enables retrieval of profile information and other attributes for a logged-in end-user.