OAuth Parameters (original) (raw)
issuer
Authorization server's issuer identifier URL
IESG
authorization_endpoint
URL of the authorization server's authorization endpoint
IESG
token_endpoint
URL of the authorization server's token endpoint
IESG
jwks_uri
URL of the authorization server's JWK Set document
IESG
registration_endpoint
URL of the authorization server's OAuth 2.0 Dynamic Client Registration Endpoint
IESG
scopes_supported
JSON array containing a list of the OAuth 2.0 "scope" values that this authorization server supports
IESG
response_types_supported
JSON array containing a list of the OAuth 2.0 "response_type" values that this authorization server supports
IESG
response_modes_supported
JSON array containing a list of the OAuth 2.0 "response_mode" values that this authorization server supports
IESG
grant_types_supported
JSON array containing a list of the OAuth 2.0 grant type values that this authorization server supports
IESG
token_endpoint_auth_methods_supported
JSON array containing a list of client authentication methods supported by this token endpoint
IESG
token_endpoint_auth_signing_alg_values_supported
JSON array containing a list of the JWS signing algorithms supported by the token endpoint for the signature on the JWT used to authenticate the client at the token endpoint
IESG
service_documentation
URL of a page containing human-readable information that developers might want or need to know when using the authorization server
IESG
ui_locales_supported
Languages and scripts supported for the user interface, represented as a JSON array of language tag values from BCP 47 [RFC5646]
IESG
op_policy_uri
URL that the authorization server provides to the person registering the client to read about the authorization server's requirements on how the client can use the data provided by the authorization server
IESG
op_tos_uri
URL that the authorization server provides to the person registering the client to read about the authorization server's terms of service
IESG
revocation_endpoint
URL of the authorization server's OAuth 2.0 revocation endpoint
IESG
revocation_endpoint_auth_methods_supported
JSON array containing a list of client authentication methods supported by this revocation endpoint
IESG
revocation_endpoint_auth_signing_alg_values_supported
JSON array containing a list of the JWS signing algorithms supported by the revocation endpoint for the signature on the JWT used to authenticate the client at the revocation endpoint
IESG
introspection_endpoint
URL of the authorization server's OAuth 2.0 introspection endpoint
IESG
introspection_endpoint_auth_methods_supported
JSON array containing a list of client authentication methods supported by this introspection endpoint
IESG
introspection_endpoint_auth_signing_alg_values_supported
JSON array containing a list of the JWS signing algorithms supported by the introspection endpoint for the signature on the JWT used to authenticate the client at the introspection endpoint
IESG
code_challenge_methods_supported
PKCE code challenge methods supported by this authorization server
IESG
signed_metadata
Signed JWT containing metadata values about the authorization server as claims
IESG
device_authorization_endpoint
URL of the authorization server's device authorization endpoint
IESG
tls_client_certificate_bound_access_tokens
Indicates authorization server support for mutual-TLS client certificate-bound access tokens.
IESG
mtls_endpoint_aliases
JSON object containing alternative authorization server endpoints, which a client intending to do mutual TLS will use in preference to the conventional endpoints.
IESG
nfv_token_signing_alg_values_supported
JSON array containing a list of the JWS signing algorithms supported by the server for signing the JWT used as NFV Token
[ETSI]
nfv_token_encryption_alg_values_supported
JSON array containing a list of the JWE encryption algorithms (alg values) supported by the server to encode the JWT used as NFV Token
[ETSI]
nfv_token_encryption_enc_values_supported
JSON array containing a list of the JWE encryption algorithms (enc values) supported by the server to encode the JWT used as NFV Token
[ETSI]
userinfo_endpoint
URL of the OP's UserInfo Endpoint
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
acr_values_supported
JSON array containing a list of the Authentication Context Class References that this OP supports
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
subject_types_supported
JSON array containing a list of the Subject Identifier types that this OP supports
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
id_token_signing_alg_values_supported
JSON array containing a list of the JWS "alg" values supported by the OP for the ID Token
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
id_token_encryption_alg_values_supported
JSON array containing a list of the JWE "alg" values supported by the OP for the ID Token
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
id_token_encryption_enc_values_supported
JSON array containing a list of the JWE "enc" values supported by the OP for the ID Token
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
userinfo_signing_alg_values_supported
JSON array containing a list of the JWS "alg" values supported by the UserInfo Endpoint
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
userinfo_encryption_alg_values_supported
JSON array containing a list of the JWE "alg" values supported by the UserInfo Endpoint
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
userinfo_encryption_enc_values_supported
JSON array containing a list of the JWE "enc" values supported by the UserInfo Endpoint
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
request_object_signing_alg_values_supported
JSON array containing a list of the JWS "alg" values supported by the OP for Request Objects
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
request_object_encryption_alg_values_supported
JSON array containing a list of the JWE "alg" values supported by the OP for Request Objects
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
request_object_encryption_enc_values_supported
JSON array containing a list of the JWE "enc" values supported by the OP for Request Objects
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
display_values_supported
JSON array containing a list of the "display" parameter values that the OpenID Provider supports
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
claim_types_supported
JSON array containing a list of the Claim Types that the OpenID Provider supports
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
claims_supported
JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
claims_locales_supported
Languages and scripts supported for values in Claims being returned, represented as a JSON array of BCP 47 [RFC5646] language tag values
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
claims_parameter_supported
Boolean value specifying whether the OP supports use of the "claims" parameter
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
request_parameter_supported
Boolean value specifying whether the OP supports use of the "request" parameter
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
request_uri_parameter_supported
Boolean value specifying whether the OP supports use of the "request_uri" parameter
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
require_request_uri_registration
Boolean value specifying whether the OP requires any "request_uri" values used to be pre-registered
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Discovery 1.0, Section 3]
require_signed_request_object
Indicates where authorization request needs to be protected as Request Object and provided through either request or request_uri parameter.
IETF
pushed_authorization_request_endpoint
URL of the authorization server's pushed authorization request endpoint
IESG
require_pushed_authorization_requests
Indicates whether the authorization server accepts authorization requests only via PAR.
IESG
introspection_signing_alg_values_supported
JSON array containing a list of algorithms supported by the authorization server for introspection response signing
IETF
introspection_encryption_alg_values_supported
JSON array containing a list of algorithms supported by the authorization server for introspection response content key encryption (alg value)
IETF
introspection_encryption_enc_values_supported
JSON array containing a list of algorithms supported by the authorization server for introspection response content encryption (enc value)
IETF
authorization_response_iss_parameter_supported
Boolean value indicating whether the authorization server provides the iss parameter in the authorization response.
IETF
check_session_iframe
URL of an OP iframe that supports cross-origin communications for session state information with the RP Client, using the HTML5 postMessage API
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Session Management 1.0, Section 3.3]
frontchannel_logout_supported
Boolean value specifying whether the OP supports HTTP-based logout, with true indicating support
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Front-Channel Logout 1.0, Section 3]
backchannel_logout_supported
Boolean value specifying whether the OP supports back-channel logout, with true indicating support
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Back-Channel Logout 1.0, Section 2]
backchannel_logout_session_supported
Boolean value specifying whether the OP can pass a sid (session ID) Claim in the Logout Token to identify the RP session with the OP
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect Back-Channel Logout 1.0, Section 2]
end_session_endpoint
URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP
[OpenID_Foundation_Artifact_Binding_Working_Group]
[OpenID Connect RP-Initiated Logout 1.0, Section 2.1]
backchannel_token_delivery_modes_supported
Supported CIBA authentication result delivery modes
[OpenID_Foundation_MODRNA_Working_Group]
[OpenID Connect Client-Initiated Backchannel Authentication Flow - Core 1.0, Section 4]
backchannel_authentication_endpoint
CIBA Backchannel Authentication Endpoint
[OpenID_Foundation_MODRNA_Working_Group]
[OpenID Connect Client-Initiated Backchannel Authentication Flow - Core 1.0, Section 4]
backchannel_authentication_request_signing_alg_values_supported
JSON array containing a list of the JWS signing algorithms supported for validation of signed CIBA authentication requests
[OpenID_Foundation_MODRNA_Working_Group]
[OpenID Connect Client-Initiated Backchannel Authentication Flow - Core 1.0, Section 4]
backchannel_user_code_parameter_supported
Indicates whether the OP supports the use of the CIBA user_code parameter.
[OpenID_Foundation_MODRNA_Working_Group]
[OpenID Connect Client-Initiated Backchannel Authentication Flow - Core 1.0, Section 4]
authorization_details_types_supported
JSON array containing the authorization details types the AS supports
IETF
dpop_signing_alg_values_supported
JSON array containing a list of the JWS algorithms supported for DPoP proof JWTs
IETF
client_registration_types_supported
Client Registration Types Supported
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.1.3 of OpenID Federation 1.0]
federation_registration_endpoint
Federation Registration Endpoint
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.1.3 of OpenID Federation 1.0]
request_authentication_methods_supported
Authentication request authentication methods supported
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.1.3 of OpenID Federation 1.0]
request_authentication_signing_alg_values_supported
JSON array containing the JWS signing algorithms supported for the signature on the JWT used to authenticate the request
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.1.3 of OpenID Federation 1.0]
signed_jwks_uri
URL referencing a signed JWT having this authorization server's JWK Set document as its payload
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.2.1 of OpenID Federation 1.0]
jwks
JSON Web Key Set document, passed by value
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.2.1 of OpenID Federation 1.0]
organization_name
Human-readable name representing the organization owning this authorization server
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.2.2 of OpenID Federation 1.0]
contacts
Array of strings representing ways to contact people responsible for this authorization server, typically email addresses
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.2.2 of OpenID Federation 1.0]
logo_uri
URL that references a logo for the organization owning this authorization server
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.2.2 of OpenID Federation 1.0]
homepage_uri
URL of a Web page for the organization owning this authorization server
[OpenID_Foundation_Artifact_Binding_Working_Group]
[Section 5.2.2 of OpenID Federation 1.0]
protected_resources
JSON array containing a list of resource identifiers for OAuth protected resources
IETF