Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
URLhttps://<baseurl>/oauth/.well-known/openid-configuration
RequestGET
AuthenticationNone (public)
Request parametersNone
Response elementsJSON structure according to standard.
ExampleSee below

Openid-configuration is a standard endpoint that returns a JSON-formatted response containing configuration metadata in terms of key properties of the OIDC Provider. Among other things this endpoint is used to prepare for token signature validation.

Anchor
example
example
Example

The following example shows a request / response pair for the openid-configuration endpoint at the BankID pilot in pre-production

Code Block
languagexml
themeConfluence
titleRequest / Response
GET /oidc/oauth/.well-known/openid-configuration HTTP/1.1
Host: preprod.bankidapis.no
Connection: close
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.8
 
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Tue, 23 May 2017 20:42:14 GMT
Connection: close
Content-Length: 1369
{
    "authorization_endpoint": "https://preprod.bankidapis.no/oidc/oauth/authorize",
    "claim_types_supported": [
        "normal"
    ],
    "claims_parameter_supported": false,
    "claims_supported": [
        "preferred_username",
        "name",
        "sub",
        "iat",
        "iss",
        "auth_time",
        "exp",
        "birthdate",
        "nonce",
        "amr",
        "azp",
        "bid_code",
        "aud",
        "at_hash",
        "c_hash",
        "nnin",
        "address",
        "phone"
    ],
    "grant_types_supported": [
        "authorization_code"
    ],
    "id_token_signing_alg_values_supported": [
        "RS256"
    ],
    "issuer": "https://preprod.bankidapis.no",
    "jwks_uri": "https://preprod.bankidapis.no/oidc/oauth/userinfo/jwk",
    "login_hint_supported": "[BIM|BID][:\\d{11}][:\\d{8}][:\\d{6}] for respectively client_type, nnin, phoneNo, birthday",
    "response_modes_supported": [
        "query",
        "fragment",
        "form_post"
    ],
    "response_types_supported": [
        "code",
        "token",
        "id_token",
        "id_token token",
        "code token",
        "code id_token",
        "code id_token token"
    ],
    "scopes_supported": [
        "standard_bankid",
        "address",
        "phone",
        "operational-status-read",
        "nnin",
        "openid",
        "profile",
        "operational-status-write",
        "email"
    ],
    "serverVersion": "bankid-oauth-api 1.2.7",
    "subject_types_supported": [
        "public"
    ],
    "token_endpoint": "https://preprod.bankidapis.no/oidc/oauth/token",
    "token_endpoint_auth_methods_supported": [
        "client_secret_post",
        "client_secret_basic"
    ],
    "ui_locales_supported": [
        "no",
        "en"
    ],
    "userinfo_endpoint": "https://preprod.bankidapis.no/oidc/oauth/userinfo",
    "userinfo_signing_alg_values_supported": [
        "RS256",
        "none"
    ]
}