Skip to content
Connect2id
Connect2id server

Published complete OAuth 2.0 / OpenID Connect endpoint reference

Today we published a complete API reference for the standard OAuth 2.0 / OpenID Connect endpoints provided by the Connect2id server.

Client application developers should now have an easier job integrating the Connect2id server into their login / SSO and authorisation flows. The reference comes with examples and further pointers to the underlying IETF and OpenID specifications.

The following endpoints are covered:

  • Server discovery – enables discovery of the OAuth 2.0 / OpenID Connect endpoint URLs, supported authentication methods and other features.

  • Server JWK set – for retrieval of the public server JSON Web Key (JWK) required to verify the authenticity of issued ID and access tokens.

  • Client registration – to register new client applications with the server, and to access, update and delete existing registrations.

  • Authorisation – the endpoint where the browser is sent to request the end-user’s authentication and authorisation. This endpoint is used in the code and implicit OAuth 2.0 flows which require end-user interaction.

  • Token – To post an OAuth 2.0 grant (code, refresh token, resource owner password credentials, client credentials) to obtain an ID and / or access token.

  • Token revocation – to revoke an obtained access or refresh token.

  • UserInfo – protected OpenID Connect resource, enables retrieval of profile information and other attributes for a logged-in end-user.