Discover OpenID Connect endpoints of Asgardeo
# Discover OpenID Connect endpoints of Asgardeo
When you build OpenID Connect login in your application using Asgardeo as your identity provider, you need to get the OpenID Connect endpoints and configurations from Asgardeo.
You can do this by invoking the discovery endpoint API or by using the Asgardeo Console as explained below.
# Prerequisite
To get started, you need to have an application registered in Asgardeo:
- Register a single-page app with OIDC.
- Register a web app with OIDC.
# Use the discovery endpoint
OpenID Connect Discovery allows you to discover the metadata such as endpoints, scopes, response types, claims, and supported client authentication methods of identity providers such as Asgardeo.
Applications can dynamically discover the OpenID Connect identity provider metadata by calling the OpenID Connect discovery endpoint. The structure of the request URL is as follows: <issuer>/.well-known/openid-configuration.
Issuer of Asgardeo
https://api.asgardeo.io/t/<organization_name>/oauth2/token
Discovery endpoint of Asgardeo
https://api.asgardeo.io/t/<organization_name>/oauth2/token/.well-known/openid-configuration
Sample request
Sample response
{
"introspection_endpoint" : "https://api.asgardeo.io/t/bifrost/oauth2/introspect",
"end_session_endpoint" : "https://api.asgardeo.io/t/bifrost/oidc/logout",
"registration_endpoint" : "https://api.asgardeo.io/t/bifrost/api/identity/oauth2/dcr/v1.0/register",
"token_endpoint" : "https://api.asgardeo.io/t/bifrost/oauth2/token",
"jwks_uri" : "https://api.asgardeo.io/t/bifrost/oauth2/jwks",
"revocation_endpoint" : "https://api.asgardeo.io/t/bifrost/oauth2/revoke",
"authorization_endpoint" : "https://api.asgardeo.io/t/bifrost/oauth2/authorize",
"issuer" : "https://api.asgardeo.io/t/bifrost/oauth2/token"
}
2
3
4
5
6
7
8
9
10
# Get endpoints from the console
Some applications and SDKs are not capable of dynamically resolving endpoints from OpenID Connect discovery. For such applications, you need to configure endpoints manually.
You can get the endpoints from the console as follows:
On the Asgardeo Console (opens new window), go to Applications.
Select an OIDC application from the list.
Go to the Info tab of the application and find the server endpoints to your organization.
# What's next?
Explore how OpenID Connect endpoints are used when you implement login to your applications:
- Implement login for single-page applications using the authorization code flow with PKCE.
- Implement login for traditional web applications using the authorization code flow.