OAuth 2.0 Endpoints
When acting as an OAuth 2.0 authorization server, AM exposes the following endpoints:
OAuth 2.0 Endpoints
| Endpoint | Description |
|---|---|
/oauth2/authorize | Obtain consent and an authorization grant (RFC 6749 authorization endpoint) |
/oauth2/bc-authorize | Initiate backchannel authorization (Backchannel flow endpoint) |
/oauth2/access_token | Obtain an access token (RFC 6749 token endpoint) |
/oauth2/device/code | Obtain a device code (Device flow endpoint) |
/oauth2/device/user | Obtain consent and authorization grant (Device flow endpoint) |
/oauth2/token/revoke | Revoke both access and refresh tokens (RFC 7009 endpoint) |
/oauth2/introspect | Retrieve metadata about a token, such as approved scopes and the context in which the token was issued (RFC 7662 endpoint) |
/json/token/macaroon | Retrieve metadata about a macaroon, and add caveats. |
Tip
As an OAuth 2.0/OpenID Connect/UMA provider, AM also exposes the following:
OAuth 2.0 endpoints to perform administrative tasks, such as creating clients. For more information, see OAuth 2.0 Administration and Supporting REST Endpoints
OpenID Connect-specific endpoints. For more information, see OpenID Connect 1.0 Endpoints.
UMA-specific endpoints. For more information, see UMA Endpoints.