LoginRadius DocsDocs
DocumentationAPI ReferencesSDKsChangelogs

OAuth Authorization Server Metadata (well-known URI, OAuth)

Returns OAuth 2.0 Authorization Server Metadata (RFC 8414) using the well-known URI pattern. Path format is /.well-known/oauth-authorization-server/service/oauth/{OAuthAppName}.

GET
/.well-known/oauth-authorization-server/service/oauth/{OAuthAppName}

Returns OAuth 2.0 Authorization Server Metadata (RFC 8414) using the well-known URI pattern. Path format is /.well-known/oauth-authorization-server/service/oauth/{OAuthAppName}.

Authorization

apikey<token>

Tenant API Key for authentication

In: query

Path Parameters

OAuthAppName*string

OAuth App Name

Response Body

application/json

application/json

application/json

curl -X GET "https://TenantName.hub.loginradius.com/.well-known/oauth-authorization-server/service/oauth/example_oauth_app"
{
  "issuer": "https://{TenantEndpoint}/service/oidc/{oidcAppName}",
  "authorization_endpoint": "https://{TenantEndpoint}/service/oidc/{oidcAppName}/authorize",
  "token_endpoint": "https://{TenantEndpoint}/api/oidc/{oidcAppName}/token",
  "jwks_uri": "https://{TenantEndpoint}/service/oidc/{oidcAppName}/jwks",
  "response_types_supported": [
    "code"
  ],
  "grant_types_supported": [
    "authorization_code",
    "refresh_token",
    "urn:ietf:params:oauth:grant-type:device_code"
  ],
  "token_endpoint_auth_methods_supported": [
    "none",
    "client_secret_post",
    "client_secret_basic"
  ],
  "registration_endpoint": "https://{TenantEndpoint}/api/oidc/{oidcAppName}/register",
  "scopes_supported": [
    "openid",
    "email",
    "phone",
    "profile",
    "address"
  ],
  "response_modes_supported": [
    "query",
    "form_post",
    "fragment"
  ],
  "code_challenge_methods_supported": [
    "S256"
  ],
  "revocation_endpoint": "https://{TenantEndpoint}/api/oidc/{oidcAppName}/revoke",
  "revocation_endpoint_auth_methods_supported": [
    "none",
    "client_secret_post",
    "client_secret_basic"
  ],
  "device_authorization_endpoint": "https://{TenantEndpoint}/service/oidc/{oidcAppName}/device/authorize",
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256"
  ],
  "subject_types_supported": [
    "public"
  ],
  "ClientIdMetadataDocumentSupported": true
}
{
  "error": "string",
  "error_description": "string"
}
{
  "error": "string",
  "error_description": "string"
}

OAuth Authorization Server Metadata (no app name) GET

Returns OAuth 2.0 Authorization Server Metadata (RFC 8414) for the OAuth flow without an app name in the path. Issuer and endpoints use the base path /oauth.

Retrieve OIDC device code POST

Retrieves an OIDC device code for device-based authentication.