PingAM 7.5.1

OpenID Connect 1.0 endpoints

Your applications can use the following OpenID Connect (OIDC) endpoints:

Endpoint Description AM is the…​

Retrieve information about an authenticated end user (UserInfo endpoint); requires a valid token with at least the openid scope.

Provider

Validate an unencrypted ID token (AM-specific endpoint).

Provider

Retrieve OpenID Connect session information (session management endpoint).

Provider

Terminate an OpenID Connect session (session management endpoint).

Provider

Register, read, or delete a client profile (dynamic client registration endpoint)

Provider

Let a client application discover the OpenID provider URL of an end user (WebFinger discovery endpoint).

Provider

Let a relying party discover the OpenID provider configuration.

Provider

Retrieve the OpenID provider’s public keys to verify client-side token signatures or to encrypt OIDC JWTs in requests.

Provider

Retrieve AM client public keys for providers to encrypt ID tokens and verify signatures.

Relying party

Many OAuth 2.0 endpoints also support OIDC. For reference documentation, refer to: