Overview#OpenID Connect Discovery is defined in the OpenID Connect Discovery Mechanism 1.0 incorporating errata set 1 Specification.
The OpenID Connect Discovery specification defines a Discovery Mechanism for an OpenID Connect Relying Party to discover the Resource Owner's Identity Provider (IDP) and obtain information needed to interact with the Identity Provider (IDP), including its OAuth 2.0 Endpoint locations.
OpenID Connect Discovery consists of two primary Discovery Mechanisms:
- OpenID Provider Issuer Discovery OpenID Connect uses WebFinger RFC 7033 to locate the OpenID Connect Provider for an End-User.
- OpenID Provider Metadata (Openid-configuration) - The Openid-configuration information for that OpenID Connect Provider is retrieved from a well-known location as a JSON document, including its OAuth 2.0 endpoint locations
More Information#There might be more information for this subject on one of the following:
- Authentication Context Class
- Best Practices OpenID Connect
- JWK Set
- OAuth 2.0 Authorization Server Metadata
- OAuth Dynamic Client Registration Metadata
- OAuth Token Request
- OpenAM Endpoints
- OpenID Connect Back-Channel Logout
- OpenID Connect Federation Async
- OpenID Connect Mobile Discovery Profile
- OpenID Connect Session Management
- OpenID Provider Issuer Discovery
- Web Blog_blogentry_120218_1
- Web Blog_blogentry_150617_1
- Why OpenID Connect