Get OIDC Configuration

Get OIDC Configuration

This endpoint follows the specification defined at http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata. It provides a mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations.

Request
URI
GET
https://{api_host}/acs/t/{tenant}/.well-known/openid-configuration
COPY
Path Parameters
string
tenant
Required

The VMware Identity Services tenant ID

tenant example
my-tenant
Authentication
This operation uses the following authentication methods.
Responses
200

The OpenID configuration document as defined by the specification: http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

Returns OIDCDiscovery of type(s) application/json 
{
    "issuer": "\"https://acme.vmwareidentity.com/acs\"",
    "authorization_endpoint": "\"https://acme.vmwareidentity.com/acs/authorize\"",
    "token_endpoint": "\"https://acme.vmwareidentity.com/acs/token\"",
    "jwks_uri": "\"https://acme.vmwareidentity.com/SAAS/API/1.0/REST/auth/token?attribute=publicKey&format=jwks\"",
    "subject_types_supported": [
        "string"
    ],
    "response_types_supported": [
        "string"
    ],
    "id_token_signing_alg_values_supported": [
        "string"
    ],
    "token_endpoint_auth_methods_supported": [
        "string"
    ],
    "userinfo_endpoint": "\"https://acme.vmwareidentity.com/acs/userinfo\"",
    "end_session_endpoint": "\"https://acme.vmwareidentity.com/post_logout\"",
    "claims_supported": [
        "string"
    ],
    "scopes_supported": [
        "string"
    ]
}
string
issuer
Required

the identifier of the token's issuer. This is identical to the 'iss' Claim value in ID Tokens.

string
authorization_endpoint
Required

URL of the OAuth 2.0 Authorization endpoint

string
token_endpoint
Required

URL of the OAuth 2.0 Token endpoint

string
jwks_uri
Required

URL of JSON Web Key Set document

array of string
subject_types_supported
Required

list of the Subject Identifier types that VMware Identity Manager supports

Possible values are : pairwise, public,
array of string
response_types_supported
Required

list of the OAuth 2.0 response_type values that VMware Identity Manager supports

array of string
id_token_signing_alg_values_supported
Required

list of the JWS signing algorithms supported for the ID Token to encode the Claims in a JWT

array of string
token_endpoint_auth_methods_supported
Optional

list of the auth methods supported by OAuth 2.0 token endpoint

string
userinfo_endpoint
Optional

URL of the user info endpoint

string
end_session_endpoint
Optional

URL at the OP to which an RP can perform a redirect to request that the End-User belogged out at the OP

array of string
claims_supported
Optional

list of the claims VMware Identity Manager may be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list

array of string
scopes_supported
Optional

list of the OAuth 2.0 scope values that VMware Identity Manager supports


Code Samples
COPY
                    curl -H 'Authorization: <value>' https://{api_host}/acs/t/{tenant}/.well-known/openid-configuration
On This Page
Authentication Operations
GET
Get Jwk Keys
GET
Get OIDC Configuration
GET
Logout Get
POST
Logout Post
GET
Get User Info
POST
Get User Info Post