/.well-known/openid-configuration

OpenID Connect discovery metadata for sso.user.m7.org.

Endpoint

• Methods: GET or HEAD
• URL: https://sso.user.m7.org/.well-known/openid-configuration
• Response: JSON

What it returns

The current discovery document advertises:

• issuer
• authorization_endpoint
• pushed_authorization_request_endpoint
• registration_endpoint
• token_endpoint
• end_session_endpoint
• jwks_uri
• userinfo_endpoint
• revocation_endpoint
• introspection_endpoint
• device_authorization_endpoint
• response_types_supported
• response_modes_supported
• grant_types_supported
• code_challenge_methods_supported
• token, revocation, and introspection auth method support

Example

{
  "issuer": "https://sso.user.m7.org",
  "authorization_endpoint": "https://sso.user.m7.org/authorize",
  "pushed_authorization_request_endpoint": "https://sso.user.m7.org/par",
  "registration_endpoint": "https://sso.user.m7.org/register",
  "token_endpoint": "https://sso.user.m7.org/token",
  "end_session_endpoint": "https://sso.user.m7.org/end-session",
  "jwks_uri": "https://sso.user.m7.org/jwks.json",
  "userinfo_endpoint": "https://sso.user.m7.org/userinfo",
  "revocation_endpoint": "https://sso.user.m7.org/revoke",
  "introspection_endpoint": "https://sso.user.m7.org/introspect",
  "device_authorization_endpoint": "https://sso.user.m7.org/device_authorization"
}

Notes

• Use this endpoint when your client expects OpenID Connect discovery.
• The current server builds endpoint URLs from the request origin, so the document is host-local to the SSO surface you queried.