The metadata endpoint exposes the basic services and options available at Identity Server for OAuth 2.0 and OpenID Connect. This also contains URLs for the endpoints. This endpoint is in the following format:
https://<Identity Server URL: Port Number>/nidp/oauth/nam/.well-known/openid-configuration
Invoking the endpoint URL responds with a JSON document that contains the following information:
OAuth2.0 Endpoints
ID Token supported algorithms
JWKS Keys which can be used for verifying Access Token and ID token
Client Registration Endpoint
Scope and Resource Server registration Endpoint
JSON Web Key Set Endpoint
Sample Metadata Endpoint:
{"issuer": "https://example.netiq.com/nidp/oauth/nam", "authorization_endpoint": "https://am-test.lab.novell.com/nidp/oauth/nam/authz", "token_endpoint": "https://am-test.lab.novell.com/nidp/oauth/nam/token", "userinfo_endpoint": "https://am-test.lab.novell.com/nidp/oauth/nam/userinfo", "revocation_endpoint": "https://am-test.lab.novell.com/nidp/oauth/nam/revoke", "introspection_endpoint": "https://am-test.lab.novell.com/nidp/oauth/v1/nam/introspect", "jwks_uri": "https://am-test.lab.novell.com/nidp/oauth/nam/keys", "registration_endpoint": "https://am-test.lab.novell.com/nidp/oauth/nam/clients", "scopes_supported": [ "phone", "urn:netiq.com:nam:scope:oauth:registration:read", "address", "urn:netiq.com:nam:scope:oauth:registration:full", "email", "profile", "openid" ], "response_types_supported": [ "token", "id_token", "code", "token id_token", "code token", "code id_token token", "code id_token", "none" ], "response_modes_supported": [ "query", "fragment", "form_post" ], "grant_types_supported": [ "authorization_code", "implicit", "password", "client_credentials", "saml2-bearer", "refresh_token" ], "id_token_signing_alg_values_supported": [ "RS256" ], "claims_supported": [ "phone_number_verified", "phone_number", "read", "address", "add", "modify", "delete", "email_verified", "email", "website", "birthdate", "gender", "profile", "preferred_username", "given_name", "middle_name", "locale", "picture", "zone_info", "updated_at", "nickname", "name", "family_name" ], "code_challenge_methods_supported": [ "plain", "S256" ], "subject_types_supported": [ "public" ], "token_endpoint_auth_methods_supported": [ "client_secret_post", "client_secret_basic" ], "revocation_endpoint_auth_methods_supported": [ "client_secret_post", "client_secret_basic" ], "introspection_endpoint_auth_methods_supported": [ "client_secret_post", "client_secret_basic", "bearer" ] }