OpenID Connect 1.0 Endpoints
AM exposes the following OpenID Connect-related endpoints:
|AM Acting As...||Endpoint||Description|
Retrieves information about an authenticated user. It requires a valid token issued with, at least, the
|Provider||Validates unencrypted ID tokens (AM-specific endpoint).|
|Provider||Retrieves OpenID Connect session information (OpenID Connect Session Management endpoint).|
|Provider||Invalidates OpenID Connect sessions (OpenID Connect Session Management endpoint).|
|Provider||Registers, reads, and deletes OAuth 2.0 clients (RFC7592 and RFC7591)|
|Provider||Exposes the URL of the OpenID provider during OpenID Connect discovery.|
|Provider||Exposes provider configuration for OpenID Connect discovery.|
Exposes the public keys that clients can use to verify the signature of client-based tokens and to encrypt OpenID Connect requests sent as a JWT.
|Relying Party|| |
Exposes AM client public keys. Providers can use them to encrypt ID tokens sent to AM, and to verify JWT and object signatures coming from AM.
When AM acts as an OpenID Connect provider, the OAuth 2.0 endpoints support OpenID Connect specific parameters, such as
For a complete list of the endpoints and parameters AM supports as an OAuth 2.0/OpenID Connect provider, see OAuth 2.0 Endpoints and OAuth 2.0 Administration and Supporting REST Endpoints.