Sample OpenId-Connect request
Authorization code flow
1. The client application creates a random String, named nonce, and sends to he user the following URL:
https://<identityprovider>/authorization? redirect_uri=https://<serviceprovider>/response& client_id=MYCLIENT& nonce=12345679801234567890& scope=openid& response_type=code |
2. Then, the user will be asked for a username and password, or any other means of authentication. After authenticating the user, the browser will be redirected to the URL configured in the service provider page, adding a one-time authorization code.
https://<serviceprovider>/response/? |
3. Once the service provider has received the one-time authorization code, it can connect to the identity provider to retrieve the oauth token, as well as the OpenID token.
POST https://<YOUR_SERVER>:2443/token Accept: application/json Authorization: Basic dGVzdDp0ZXN0 Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&code=XXXXXXXXXXXX |
&&TODO&&
1. The cl
1. The cl