OpenID Connect 1.0 Endpoints
When acting as an OpenID Connect provider, AM exposes the following endpoints:
OpenID Connect 1.0 Endpoints
| Endpoint | Description |
|---|---|
"/oauth2/userinfo" | Retrieve information about an authenticated user. It requires a valid token issued with, at least, the openid scope (OpenID Connect userinfo endpoint). |
"/oauth2/idtokeninfo" | Validates unencrypted ID tokens (AM-specific endpoint). |
"/oauth2/connect/checkSession" | Retrieves OpenID Connect session information (OpenID Connect Session Management endpoint). |
"/oauth2/connect/endSession" | Invalidates OpenID Connect sessions (OpenID Connect Session Management endpoint). |
"/oauth2/register" | Register, read, and delete OAuth 2.0 clients (RFC7592 and RFC7591) |
"/.well-known/webfinger" | Retrieve the URL of the OpenID provider during OpenID Connect discovery. |
"/oauth2/.well-known/openid-configuration" | Retrieve provider configuration during OpenID Connect discovery. |
"/oauth2/connect/jwk_uri" | Expose the public keys that clients can use to verify the signature of client-based tokens and to encrypt OpenID Connect requests sent as a JWT. |
Tip
When AM acts as an OpenID Connect provider, the OAuth 2.0 endpoints support OpenID Connect specific parameters, such as prompt and ui_locales.
For a complete list of the endpoints and parameters AM supports as an OAuth 2.0/OpenID Connect provider, see OAuth 2.0 Endpoints and OAuth 2.0 Administration and Supporting REST Endpoints.