OIDCConfig#
- pydantic model gafaelfawr.models.oidc.OIDCConfig#
Schema for the
/.well-known/openid-configurationendpoint.- Parameters:
data (
Any) –
Show JSON schema
{ "title": "OIDCConfig", "description": "Schema for the ``/.well-known/openid-configuration`` endpoint.", "type": "object", "properties": { "issuer": { "examples": [ "https://example.com/" ], "title": "iss value for JWTs", "type": "string" }, "authorization_endpoint": { "examples": [ "https://example.com/auth/openid/login" ], "title": "URL to start login", "type": "string" }, "token_endpoint": { "examples": [ "https://example.com/auth/openid/token" ], "title": "URL to get token", "type": "string" }, "userinfo_endpoint": { "examples": [ "https://example.com/auth/openid/userinfo" ], "title": "URL to get user metadata", "type": "string" }, "jwks_uri": { "description": "Endpoint will return a JWKS", "examples": [ "https://example.com/.well-known/jwks.json" ], "title": "URL to get signing keys", "type": "string" }, "scopes_supported": { "default": [ "openid" ], "description": "`openid` is the only supported scope", "examples": [ [ "openid" ] ], "items": { "type": "string" }, "title": "Supported scopes", "type": "array" }, "response_types_supported": { "default": [ "code" ], "description": "`code` is the only supported response type", "examples": [ [ "code" ] ], "items": { "type": "string" }, "title": "Supported response types", "type": "array" }, "grant_types_supported": { "default": [ "authorization_code" ], "description": "`authorization_code` is the only supported grant type", "examples": [ [ "authorization_code" ] ], "items": { "type": "string" }, "title": "Supported grant types", "type": "array" }, "subject_types_supported": { "default": [ "public" ], "description": "`public` is the only supported subject type", "examples": [ [ "public" ] ], "items": { "type": "string" }, "title": "Supported subject types", "type": "array" }, "id_token_signing_alg_values_supported": { "default": [ "RS256" ], "description": "`RS256` is the only supported signing algorithm", "examples": [ [ "RS256" ] ], "items": { "type": "string" }, "title": "Supported JWT signing algorithms", "type": "array" }, "token_endpoint_auth_methods_supported": { "default": [ "client_secret_post" ], "description": "`client_secret_post` is the only supported auth method", "examples": [ [ "client_secret_post" ] ], "items": { "type": "string" }, "title": "Supported client auth methods", "type": "array" } }, "required": [ "issuer", "authorization_endpoint", "token_endpoint", "userinfo_endpoint", "jwks_uri" ] }
- Fields:
- field authorization_endpoint: str [Required]#
- field grant_types_supported: list[str] = ['authorization_code']#
authorization_code is the only supported grant type
- field id_token_signing_alg_values_supported: list[str] = ['RS256']#
RS256 is the only supported signing algorithm
- field issuer: str [Required]#
- field jwks_uri: str [Required]#
Endpoint will return a JWKS
- field response_types_supported: list[str] = ['code']#
code is the only supported response type
- field scopes_supported: list[str] = ['openid']#
openid is the only supported scope
- field subject_types_supported: list[str] = ['public']#
public is the only supported subject type
- field token_endpoint: str [Required]#
- field token_endpoint_auth_methods_supported: list[str] = ['client_secret_post']#
client_secret_post is the only supported auth method
- field userinfo_endpoint: str [Required]#