Standard OAuth 2.0 / OpenID Connect endpoints

The Connect2id server supports the following standard OAuth 2.0 server and OpenID Connect provider endpoints:

Endpoint Purpose
Server discovery Discover the OAuth 2.0 / OpenID Connect endpoints, capabilities, supported cryptographic algorithms and features.
Federation entity configuration Obtain the authorities, metadata and signing keys for a Connect2id server participating in a OpenID Connect federation.
Server JWK set Retrieve the public server JSON Web Key (JWK) to verify the signature of an issued token or to encrypt request objects to it.
Client registration Create, access, update or delete a client registration.
Federation client registration Create an explicit client registration with a Connect2id server participating in a OpenID Connect federation.
Pushed authorisation requests Submit the request parameters directly to the server before sending the end-user to the authorisation endpoint for login and consent.
Authorisation The client sends the end-user's browser here to request the user's authentication and consent. This endpoint is used in the code and implicit OAuth 2.0 flows which require end-user interaction.
Token Post an OAuth 2.0 grant (code, refresh token, resource owner password credentials, client credentials) to obtain an ID and / or access token.
Token introspection Validate an access token and retrieve its underlying authorisation (for resource servers).
Token revocation Revoke an obtained access or refresh token.
UserInfo Retrieve profile information and other attributes for a logged-in end-user.
Check session iframe Poll the OpenID provider for changes of end-user authentication status.
Logout (end-session) Sign out an end-user.