openid-configuration
eSignet's openid-configuration
well-known endpoint holds the map, which is the same as the openid-configuration's well-known specification.
{
"issuer": "https://esignet.collab.mosip.net",
"authorization_endpoint": "https://esignet.collab.mosip.net/authorize",
"token_endpoint": "https://esignet.collab.mosip.net/v1/esignet/oauth/v2/token",
"userinfo_endpoint": "https://esignet.collab.mosip.net/v1/esignet/oidc/userinfo",
"jwks_uri": "https://esignet.collab.mosip.net/v1/esignet/oauth/.well-known/jwks.json",
"scopes_supported": [
"profile",
"email",
"phone"
],
"response_types_supported": [
"code"
],
"acr_values_supported": [
"mosip:idp:acr:password",
"mosip:idp:acr:generated-code",
"mosip:idp:acr:linked-wallet",
"mosip:idp:acr:biometrics"
],
"userinfo_signing_alg_values_supported": [
"RS256"
],
"userinfo_encryption_alg_values_supported": [
"RSAXXXXX"
],
"response_modes_supported": [
"query"
],
"token_endpoint_auth_methods_supported": [
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"RS256"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"claim_types_supported": [
"normal"
],
"claims_supported": [
"name",
"address",
"gender",
"birthdate",
"picture",
"email",
"phone_number"
],
"claims_locales_supported": [
"en"
],
"display_values_supported": [
"page",
"popup",
"touch",
"wap"
],
"ui_locales_supported": [
"en"
],
"claims_in_verified_claims_supported" : [
"name",
"address",
"gender",
"birthdate",
"picture",
"email",
"phone_number"
]
}
issuer
: The base URL or identifier of the OpenID Connect provider. The value comes from the configuration property mosip.esignet.discovery.issuer-id.authorization_endpoint
: The URL where the authorization request can be initiated.token_endpoint
: The URL where the token exchange occurs to obtain an access token.userinfo_endpoint
: The URL where additional user information can be requested.introspection_endpoint
: The URL where the token introspection can be performed to validate token information.jwks_uri
: The URL where the JSON Web Key Set (JWKS) can be retrieved. The JWKS contains the public keys used to verify ID tokens and other JWTs.scopes_supported
: The supported scopes that can be requested during the authentication process. The value comes from the configuration propertymosip.esignet.supported.openid.scopes
.response_types_supported
: The supported response types for the authorization request. The value comes from the configuration property mosip.esignet.supported.response.types.response_modes_supported
: The supported response modes for the authorization request. The value is ["query"], indicating that only the query response mode is supported.token_endpoint_auth_methods_supported
: The supported authentication methods for the token endpoint. The value is based on the configuration propertymosip.esignet.supported.client.auth.methods
.token_endpoint_auth_signing_alg_values_supported
: The supported signing algorithms for the authentication of the token endpoint. In this case, the value is ["RS256"], indicating that only the RS256 (RSA with SHA-256) algorithm is supported.userinfo_signing_alg_values_supported
: The supported signing algorithms for the user information endpoint. The value is ["RS256"], indicating that only the RS256 algorithm is supported for signing user information.userinfo_encryption_alg_values_supported
: The supported encryption algorithms for the user information endpoint. The value is ["RSAXXXXX"], suggesting that a specific encryption algorithm (represented as "RSAXXXXX") is supported. The actual algorithm should be provided.userinfo_encryption_enc_values_supported
: The supported encryption methods for the user information endpoint. The value is ["A128GCM"], indicating that only the A128GCM encryption method is supported.id_token_signing_alg_values_supported
: The supported signing algorithms for ID tokens. The value is ["RS256"], indicating that only the RS256 algorithm is supported for signing ID tokens.claim_types_supported
: The supported claim types. The value is ["normal"], suggesting that only normal claims are supported.claims_parameter_supported
: Specifies whether the claims parameter is supported in authorization requests. The value is true, indicating that the claims parameter is supported.display_values_supported
: The supported display values for the user interface. The value is based on the configuration property mosip.esignet.supported.ui.displays.subject_types_supported
: The supported subject types. The value is ["pairwise"], indicating that only pairwise subject types are supported.claims_supported
: The supported claims that can be included in ID tokens and user info responses. The value is a list of claim names, such as "iss
", "sub
", "acr
", "name
", etc.acr_values_supported
: The supported authentication context class references (ACR). The value is an empty object {}, indicating that no specific ACR values are supported.request_parameter_supported
: Specifies whether the request parameter is supported in authorization requests. The value is false, indicating that the request parameter is not supported.ui_locales_supported
: The supported user interface locales. The value is an empty object {}, suggesting that no specific UI locales are supported.claims_in_verified_claims_supported:
Supported verified claim names.
Last updated
Was this helpful?