In OAuth 2.0 authorization, the third-party client requests access to the resources that are controlled by the resource owner. Instead of using the resource owner's credentials to access the protected resources, the third-party client obtains an access token. The third-party clients can be web applications, mobile phones, handheld devices, and desktop applications.
You can find the public key to verify the JWT in the following path:
https://<AAserver>/osp/a/<tenant_id>/auth/oauth2/.well-known/openid-configuration. It contains the jwks_uri.
You can specify TOP for the tenant_id parameter, if the Multitenancy mode is disabled or you are not in Advanced Authentication as a Service (SaaS).
This section contains the following topics:
For information on the following see the respective link:
To create an OAuth 2.0 event, see Creating an OAuth 2.0 / OpenID Connect Event.
Other configurations related to OAuth 2.0, see Downloading the Identity Provider SAML Metadata.