Skip to main content

Sample OpenId-Connect request

Authorization code flow

1. The client application creates a random String, named nonce, and sends to he user the following URL:

https://<identityprovider>/authorization?

redirect_uri=https://<serviceprovider>/response&

client_id=MYCLIENT&

nonce=12345679801234567890&

scope=openid&

response_type=code

2. Then, the user will be asked for a username and password, or any other means of authentication. After authenticating the user, the browser will be redirected to the URL configured in the service provider page, adding a one-time authorization code.

https://<serviceprovider>/response/?
code=XXXXXXXXXXXXXXX&
nonce=12345679801234567980

3. Once the service provider has received the one-time authorization code, it can connect to the identity provider to retrieve the oauth token, as well as the OpenID token.

POST https://<YOUR_SERVER>:2443/token

Accept: application/json

Authorization: Basic dGVzdDp0ZXN0

Content-Type: application/x-www-form-urlencoded

 

grant_type=authorization_code&code=XXXXXXXXXXXX

 

&&TODO&&

1. The cl

 

 

1. The cl