Overview#

OpenID Connect Discovery is defined in the OpenID Connect Discovery Mechanism 1.0 incorporating errata set 1 Specification.

The OpenID Connect Discovery specification defines a Discovery Mechanism for an OpenID Connect Relying Party to discover the Resource Owner's Identity Provider (IDP) and obtain information needed to interact with the Identity Provider (IDP), including its OAuth 2.0 Endpoint locations.

OpenID Connect Discovery consists of two primary Discovery Mechanisms:

• OpenID Provider Issuer Discovery OpenID Connect uses WebFinger RFC 7033 to locate the OpenID Connect Provider for an End-User.
• OpenID Provider Metadata (Openid-configuration) - The Openid-configuration information for that OpenID Connect Provider is retrieved from a well-known location as a JSON document, including its OAuth 2.0 endpoint locations

More Information#

There might be more information for this subject on one of the following:

• Authentication Context Class
• Authorization_endpoint
• Backchannel_logout_session_supported
• Backchannel_logout_supported
• Best Practices OpenID Connect
• Check_session_iframe
• Default_acr_values
• JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
• JWK Set
• Login_hint_token
• Mobile Operator Discovery, Registration & Authentication
• OAuth 2.0 Authorization Server Metadata
• OAuth Dynamic Client Registration Metadata
• OAuth Token Request
• OpenAM Endpoints
• OpenID Connect Back-Channel Logout
• OpenID Connect Federation
• OpenID Connect Federation Async
• OpenID Connect Mobile Discovery Profile
• OpenID Connect Session Management
• OpenID Provider Issuer Discovery
• OpenID.Discovery
• Openid-configuration
• Request_uri_parameter_supported
• Revocation_endpoint
• Self-Issued OpenID Provider
• Sub
• Subject_type
• Why OpenID Connect