Type Alias: AuthorizationServerMetadata
type AuthorizationServerMetadata = {
  authorization_endpoint: string;
  code_challenge_methods_supported?: string[];
  grant_types_supported?: string[];
  introspection_endpoint?: string;
  introspection_endpoint_auth_methods_supported?: string[];
  introspection_endpoint_auth_signing_alg_values_supported?: string[];
  issuer: string;
  jwks_uri?: string;
  op_policy_uri?: string;
  op_tos_uri?: string;
  registration_endpoint?: string;
  response_modes_supported?: string[];
  response_types_supported: string[];
  revocation_endpoint?: string;
  revocation_endpoint_auth_methods_supported?: string[];
  revocation_endpoint_auth_signing_alg_values_supported?: string[];
  scope_supported?: string[];
  service_documentation?: string;
  token_endpoint: string;
  token_endpoint_auth_methods_supported?: string[];
  token_endpoint_auth_signing_alg_values_supported?: string[];
  ui_locales_supported?: string[];
  userinfo_endpoint?: string;
};
Schema for OAuth 2.0 Authorization Server Metadata as defined in RFC 8414.
Type declaration
authorization_endpoint
authorization_endpoint: string;
URL of the authorization server's authorization endpoint [RFC6749]. This is REQUIRED unless no grant types are supported that use the authorization endpoint.
See https://rfc-editor.org/rfc/rfc6749#section-3.1
code_challenge_methods_supported?
optional code_challenge_methods_supported: string[];
JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported by this authorization server.
grant_types_supported?
optional grant_types_supported: string[];
JSON array containing a list of the OAuth 2.0 grant type values that this authorization server supports. The array values used are the same as those used with the grant_types parameter defined by "OAuth 2.0 Dynamic Client Registration Protocol" [RFC7591]. If omitted, the default value is ["authorization_code", "implicit"].
introspection_endpoint?
optional introspection_endpoint: string;
URL of the authorization server's OAuth 2.0 introspection endpoint [RFC7662].
introspection_endpoint_auth_methods_supported?
optional introspection_endpoint_auth_methods_supported: string[];
introspection_endpoint_auth_signing_alg_values_supported?
optional introspection_endpoint_auth_signing_alg_values_supported: string[];
issuer
issuer: string;
The authorization server's issuer identifier, which is a URL that uses the https scheme and has no query or fragment components.
jwks_uri?
optional jwks_uri: string;
URL of the authorization server's JWK Set [JWK] document. The referenced document contains the signing key(s) the client uses to validate signatures from the authorization server. This URL MUST use the https scheme.
op_policy_uri?
optional op_policy_uri: string;
op_tos_uri?
optional op_tos_uri: string;
registration_endpoint?
optional registration_endpoint: string;
URL of the authorization server's OAuth 2.0 Dynamic Client Registration endpoint [RFC7591].
response_modes_supported?
optional response_modes_supported: string[];
JSON array containing a list of the OAuth 2.0 response_mode values that this authorization server supports, as specified in "OAuth 2.0 Multiple Response Type Encoding Practices" [OAuth.Responses]. If omitted, the default is ["query", "fragment"]. The response mode value "form_post" is also defined in "OAuth 2.0 Form Post Response Mode" [OAuth.FormPost].
response_types_supported
response_types_supported: string[];
JSON array containing a list of the OAuth 2.0 response_type values that this authorization server supports. The array values used are the same as those used with the response_types parameter defined by "OAuth 2.0 Dynamic Client Registration Protocol" [RFC7591].
revocation_endpoint?
optional revocation_endpoint: string;
URL of the authorization server's OAuth 2.0 revocation endpoint [RFC7009].
revocation_endpoint_auth_methods_supported?
optional revocation_endpoint_auth_methods_supported: string[];
revocation_endpoint_auth_signing_alg_values_supported?
optional revocation_endpoint_auth_signing_alg_values_supported: string[];
scope_supported?
optional scope_supported: string[];
service_documentation?
optional service_documentation: string;
token_endpoint
token_endpoint: string;
URL of the authorization server's token endpoint [RFC6749]. This is REQUIRED unless only the implicit grant type is supported.
See https://rfc-editor.org/rfc/rfc6749#section-3.2
token_endpoint_auth_methods_supported?
optional token_endpoint_auth_methods_supported: string[];
token_endpoint_auth_signing_alg_values_supported?
optional token_endpoint_auth_signing_alg_values_supported: string[];
ui_locales_supported?
optional ui_locales_supported: string[];
userinfo_endpoint?
optional userinfo_endpoint: string;
URL of the OpenID Connect userinfo endpoint. This endpoint is used to retrieve information about the authenticated user.
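The constraints documented above for issuer and jwks_uri, and the defaults for grant_types_supported and response_modes_supported, applied to a fetched metadata document before a client trusts its endpoints. This is an added example, not code from the library: checkMetadata, MetadataSubset, the sample documents and the requirement that S256 be advertised are assumptions of the example, and the issuer comparison follows RFC 8414 section 3.3.

```typescript
// Added example: only the AuthorizationServerMetadata fields this check reads.
type MetadataSubset = {
  issuer: string;
  jwks_uri?: string;
  grant_types_supported?: string[];
  response_modes_supported?: string[];
  code_challenge_methods_supported?: string[];
};

// True only when the value parses as an absolute URL with the https scheme.
function isHttpsUrl(value: string): boolean {
  try {
    return new URL(value).protocol === "https:";
  } catch (e) {
    return false;
  }
}

// Hypothetical helper. expectedIssuer is the issuer the client used to build
// the well-known URL it fetched the document from.
function checkMetadata(meta: MetadataSubset, expectedIssuer: string) {
  const errors: string[] = [];
  // issuer: https scheme, no query or fragment components.
  if (!isHttpsUrl(meta.issuer) || /[?#]/.test(meta.issuer)) {
    errors.push("issuer must be an https URL without query or fragment");
  }
  // RFC 8414 section 3.3: returned issuer must be identical to the expected one.
  if (meta.issuer !== expectedIssuer) errors.push("issuer mismatch");
  // jwks_uri MUST use https: it delivers the keys that validate signatures.
  if (meta.jwks_uri !== undefined && !isHttpsUrl(meta.jwks_uri)) {
    errors.push("jwks_uri must use the https scheme");
  }
  // Client policy assumed for this example: require the S256 PKCE method.
  if ((meta.code_challenge_methods_supported ?? []).indexOf("S256") === -1) {
    errors.push("S256 code challenge method is not advertised");
  }
  return {
    errors,
    // Defaults the type's documentation gives for omitted fields.
    grantTypes: meta.grant_types_supported ?? ["authorization_code", "implicit"],
    responseModes: meta.response_modes_supported ?? ["query", "fragment"],
  };
}

// Constructed sample documents; as.example.com is a placeholder host.
const EXPECTED = "https://as.example.com";
const goodMeta: MetadataSubset = { issuer: EXPECTED, jwks_uri: EXPECTED + "/jwks", code_challenge_methods_supported: ["S256"] };
const badMeta: MetadataSubset = { issuer: EXPECTED + "/?tenant=a", jwks_uri: "http://as.example.com/jwks", code_challenge_methods_supported: ["plain"] };
console.log(checkMetadata(goodMeta, EXPECTED).errors, checkMetadata(badMeta, EXPECTED).errors);
```

A document that returns any error should be discarded rather than partially used, since the endpoints and keys it names are only as trustworthy as the issuer check.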