Versions Compared

Old Version 3

changes.mady.by.user Kristoffer Kristoffer

Saved on

compared with

New Version 4

changes.mady.by.user Janny Kinende

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space PDOIDC and version master

Token is a standard endpoint used for requesting various combinations of ID TokenAccess Token and Refresh Token. The type of request (and corresponding response) is determined by the grant_type request parameter as described further below. 

...

URLhttps://<oidc-baseurl>/protocol/openid-connect/token
RequestPOST with parameters in body as application/x-www-form-urlencoded data
AuthenticationOIDC/OAuth2 client authentication according to supported methods
Success response200 OK with JSON containing response elements
Error response400 Bad request with JSON containing standard error reponse elements
ExampleSee below

...

NameDescription
grant_typeauthorization_code
codeValue from response of the foregoing Authorize  request
redirect_uri

redirect_uri used in the foregoing Authorize request.Note: Repeating this uri in the token request a countermeasure against code leakage attacks

Client Credentials

This grant type is associated with the Client credential flow. This grant type does not involve any end-user interaction and is not related to any preceeding Authorize request.

...