Anonymous requests are allowed.

This end-point returns a JSON-formatted response containing key properties of the OIDC Provider.

Among other things this end-point is used to prepare for token validation.

Below is an example response from /openid-configuration for the OIDC Provider in its BankID configuration in pre-production:

"standard_bankid", "address", "phone",
"nnin", "openid", "profile",
"code", "token", "id_token",
"id_token token", "code token", "code id_token",
"code id_token token"
"query", "fragment", "form_post"
"RS256", "none"
"client_secret_post", "client_secret_basic"
"preferred_username", "name", "sub",
"iat", "iss", "auth_time",
"exp", "birthdate", "nonce",
"amr", "azp", "bid_code",
"aud", "at_hash", "c_hash",
"nnin", "address", "phone"
"login_hint_supported":"[BIM|BID][:\\d{11}][:\\d{8}][:\\d{6}] for respectively client_type, nnin, phoneNo, birthday",
"serverVersion":"bankid-oauth-api 1.2.0"