33 lines
1.6 KiB
Text
33 lines
1.6 KiB
Text
[id="con-server-oidc-uri-endpoints_{context}"]
|
|
|
|
==== {project_name} server OIDC URI endpoints
|
|
[role="_abstract"]
|
|
The following is a list of OIDC endpoints that {project_name} publishes. These endpoints can be used when a non-{project_name} client adapter uses OIDC to communicate with the authentication server. They are all relative URLs. The root of the URL consists of the HTTP(S) protocol, hostname, and optionally the path: For example
|
|
|
|
[source, subs="attributes"]
|
|
----
|
|
https://localhost:8080{kc_base_path}
|
|
----
|
|
|
|
/realms/{realm-name}/protocol/openid-connect/auth::
|
|
Used for obtaining a temporary code in the Authorization Code Flow or obtaining tokens using the Implicit Flow, Direct Grants, or Client Grants.
|
|
|
|
/realms/{realm-name}/protocol/openid-connect/token::
|
|
Used by the Authorization Code Flow to convert a temporary code into a token.
|
|
|
|
/realms/{realm-name}/protocol/openid-connect/logout::
|
|
Used for performing logouts.
|
|
|
|
/realms/{realm-name}/protocol/openid-connect/userinfo::
|
|
Used for the User Info service described in the OIDC specification.
|
|
|
|
/realms/{realm-name}/protocol/openid-connect/revoke::
|
|
Used for OAuth 2.0 Token Revocation described in https://datatracker.ietf.org/doc/html/rfc7009[RFC7009].
|
|
|
|
/realms/{realm-name}/protocol/openid-connect/certs::
|
|
Used for the JSON Web Key Set (JWKS) containing the public keys used to verify any JSON Web Token (jwks_uri)
|
|
|
|
/realms/{realm-name}/protocol/openid-connect/auth/device::
|
|
Used for Device Authorization Grant to obtain a device code and a user code.
|
|
|
|
In all of these, replace {realm-name} with the name of the realm.
|