OpenID Connect Discovery Endpoint
This OpenID Connect endpoint allows clients to dynamically discover information about the OpenID endpoints.
For all apps using the JWT Signing certificate at tenant level:
https://www.theidentityhub.com/{tenant}/.well-known/openid-configuration
For apps using a JWT Signing certificate at app level (see app detail page):
https://www.theidentityhub.com/{tenant}/App/{appid}/.well-known/openid-configuration
For more information on OpenID Connect see the specifications
Name |
Values |
Description |
authorization_endpoint |
https://www.theidentityhub.com/{tenant}/oauth2/v1/auth |
URL of the OAuth 2.0 Authorization Endpoint. |
claims_supported |
|
JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. |
id_token_signing_alg_values_supported |
|
JSON array containing a list of the JWS signing algorithms (alg values) supported for the ID Token to encode the Claims in a JWT. |
issuer |
https://www.theidentityhub.com/{tenant} |
URL using the https scheme with no query or fragment component that The Identity Hub asserts as its Issuer Identifier. |
jwks_uri |
https://www.theidentityhub.com/{tenant}/oauth2/v1/certs |
URL of the The Identity Hub's JSON Web Key Set for apps using the certificate at tenant level. |
response_types_supported |
|
JSON array containing a list of the OAuth 2.0 response_type values that The Identity Hub supports. |
grant_types_supported |
|
JSON array containing a list of the OAuth 2.0 Grant Type values that The Identity Hub supports. |
claims_parameter_supported |
false |
Boolean value specifying whether the The Identity Hub supports use of the claims parameter. |
scopes_supported |
|
JSON array containing a list of the OAuth 2.0 scope values that this server supports. |
subject_types_supported |
|
JSON array containing a list of the Subject Identifier types that The Identity Hub supports. |
token_endpoint_auth_methods_supported |
|
JSON array containing a list of Client Authentication methods supported by this Token Endpoint. |
token_endpoint |
https://www.theidentityhub.com/{tenant}/oauth2/v1/token |
URL of The Identity Hub's OAuth 2.0 Token Endpoint. |
userinfo_endpoint |
https://www.theidentityhub.com/{tenant}/oauth2/v1/userinfo |
URL of The Identity Hub's UserInfo Endpoint. |
Example result
{
"authorization_endpoint": "https://www.theidentityhub.com/{tenant}/oauth2/v1/auth",
"claims_supported": [ "phone_number_verified", "phone_number", "email_verified", "locale", "nickname", "picture", "middle_name", "gender", "role", "birthdate", "email", "family_name", "given_name", "ppid", "sub", "unique_name", "iss", "iat", "nbf", "exp" ],
"id_token_signing_alg_values_supported": [ "RS256", "RS1" ],
"issuer": "https://www.theidentityhub.com/{tenant}",
"jwks_uri": "https://www.theidentityhub.com/{tenant}/oauth2/v1/certs",
"response_types_supported": [ "code", "token id_token", "id_token" ],
"grant_types_supported": [ "authorization_code", "implicit", "refresh_token" ],
"claims_parameter_supported": false,
"scopes_supported": [ "openid", "profile", "email", "address", "phone" ],
"subject_types_supported": [ "public" ],
"token_endpoint_auth_methods_supported": [ "client_secret_post", "client_secret_basic" ],
"token_endpoint": "https://www.theidentityhub.com/{tenant}/oauth2/v1/token",
"userinfo_endpoint": "https://www.theidentityhub.com/{tenant}/oauth2/v1/userinfo"
}