Standard endpoints
The Connect2id server supports the following standard OAuth 2.0 server and OpenID Connect provider endpoints:
Endpoint | Purpose |
---|---|
Server discovery | Discover the OAuth 2.0 / OpenID Connect endpoints, capabilities, supported cryptographic algorithms and features. |
Federation entity configuration | Obtain the authorities, metadata and signing keys for a Connect2id server participating in a OpenID Connect federation. |
Server JWK set | Retrieve the public server JSON Web Key (JWK) to verify the signature of an issued token or to encrypt request objects to it. |
Client registration | Create, access, update or delete a client registration. |
Federation client registration | Create an explicit client registration with a Connect2id server participating in a OpenID Connect federation. |
Pushed authorisation requests | Submit the request parameters directly to the server before sending the end-user to the authorisation endpoint for login and consent. |
Authorisation | The client sends the end-user's browser here to request the user's authentication and consent. This endpoint is used in the code and implicit OAuth 2.0 flows which require end-user interaction. |
Token | Post an OAuth 2.0 grant (code, refresh token, resource owner password credentials, client credentials) to obtain an ID and / or access token. |
Token introspection | Validate an access token and retrieve its underlying authorisation (for resource servers). |
Token revocation | Revoke an obtained access or refresh token. |
UserInfo | Retrieve profile information and other attributes for a logged-in end-user. |
Check session iframe | Poll the OpenID provider for changes of end-user authentication status. |
Logout (end-session) | Sign out an end-user. |