Examples

Client and server-side code examples using the SDK.

OAuth 2.0

Core:

• Authorisation request
• Token request
• Protected resource request
• Access token introspection

Extensions:

• Client registration
• Proof Key for Code Exchange (PKCE)
• DPoP sender-constrained access tokens
• JWT-secured authorisation request (JAR)
• JWT-secured authorisation responses (JARM)
• Rich authorisation requests (RAR)
• Token exchange
• Request object endpoint (JAR, FAPI), obsoleted by PAR

Extras:

• Redirect URI validation

OpenID Connect

Core:

• Authentication request
• Token request
• ID token validation
• UserInfo request

Extensions:

• OpenID provider configuration request
• OpenID relying party registration
• OpenID Connect native SSO
• Logout tokens
• Identity Assurance / eKYC
• OpenID Federation
• Client-Initiated Back-channel Authentication (CIBA)

HTTP, TLS and X.509 certificate utilities

• Self-signed client X.509 certificate for mTLS
• HTTPS request with custom trust store for server certificates
• HTTPS request with client certificate
• How to use a custom HTTP client