OpenID Connect Authorization Server
OIDC Endpoints
Discovery Endpoint
GET http://localhost:8080/.well-known/openid_configuration
Authorization Endpoint
GET http://localhost:8080/oauth2/authorize
Token Endpoint
POST http://localhost:8080/oauth2/token
UserInfo Endpoint
GET http://localhost:8080/userinfo
JWKS Endpoint
GET http://localhost:8080/oauth2/jwks
OIDC Info Endpoint
GET http://localhost:8080/oidc-info
Test Client Configuration
Test Client Details:
Client ID: test-client
Client Secret: test-secret
Redirect URIs:
- https://oauth.pstmn.io/v1/callback (for Postman testing)
- http://localhost:3000/callback (for local testing)
Scopes: openid, profile, email, read, write
Test Users:
Username: admin | Password: admin
Username: user | Password: password
Authorization Code Flow Example
1. Authorization Request:
GET http://localhost:8080/oauth2/authorize?
response_type=code&
client_id=test-client&
redirect_uri=https://oauth.pstmn.io/v1/callback&
scope=openid%20profile%20email&
state=xyz
2. Token Exchange:
POST http://localhost:8080/oauth2/token
Content-Type: application/x-www-form-urlencoded
Authorization: Basic dGVzdC1jbGllbnQ6dGVzdC1zZWNyZXQ=

grant_type=authorization_code&
code=AUTHORIZATION_CODE&
redirect_uri=https://oauth.pstmn.io/v1/callback
3. UserInfo Request:
GET http://localhost:8080/userinfo
Authorization: Bearer ACCESS_TOKEN
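
Added example (not part of the original page or the server's own code): the client side of steps 1 and 2 in Python, using a fresh random state per request instead of the fixed state=xyz, checking it on the callback, and deriving the Basic header from the test client credentials. The function names and the constructed callback URL are assumptions; nothing is sent over the network.

```python
import base64
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

# Values from the test client configuration on this page.
ISSUER = "http://localhost:8080"
CLIENT_ID = "test-client"
CLIENT_SECRET = "test-secret"
REDIRECT_URI = "https://oauth.pstmn.io/v1/callback"


def build_authorization_url(state):
    """Step 1: authorization request carrying a per-request state value."""
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": REDIRECT_URI,
              "scope": "openid profile email", "state": state}
    return f"{ISSUER}/oauth2/authorize?{urlencode(params, quote_via=quote)}"


def code_from_callback(callback_url, expected_state):
    """Return the code only if the callback echoes the state we issued."""
    params = parse_qs(urlsplit(callback_url).query)
    returned = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the response is not ours.
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback not tied to this session")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def build_token_request(code):
    """Step 2: endpoint, headers and form body for the token exchange."""
    basic = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    headers = {"Content-Type": "application/x-www-form-urlencoded",
               "Authorization": f"Basic {basic}"}
    # redirect_uri must be the same value that was sent in step 1.
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI})
    return f"{ISSUER}/oauth2/token", headers, body


if __name__ == "__main__":
    state = secrets.token_urlsafe(32)  # keep in the user's session
    print(build_authorization_url(state))
    # Constructed callback, shaped like the redirect the server sends back.
    callback = f"{REDIRECT_URI}?code=AUTHORIZATION_CODE&state={state}"
    endpoint, headers, body = build_token_request(code_from_callback(callback, state))
    print(endpoint, headers, body, sep="\n")
```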