Authorization Server
OAuth 2 Authorization Server endpoints.
The OAuth 2 Authorization Server is responsible for the authorization process and for issuing and maintaining tokens. The authorization process consists of a login flow, in which the resource owner authenticates, and a consent flow, in which the authenticated resource owner grants permission to access the specified resources.
The OAuth 2 protocol requires the Authorization Server to implement two endpoints: authorization and token. Other protocols can require additional endpoints, depending on the specific Authorization Server.
All endpoints described below are implemented in the Humanode OAuth 2 Service.
Authorization endpoint
This endpoint is an essential part of the OAuth 2.0 protocol.
/oauth2/auth
Used by the client to obtain authorization from the resource owner.
Token endpoint
This endpoint is an essential part of the OAuth 2.0 protocol.
/oauth2/token
Used by the client to exchange an authorization grant for an access token.
Token revoke
This endpoint is part of the OAuth 2.0 protocol.
/oauth2/revoke
Invalidates the given token (access or refresh). An OAuth 2 client can revoke only its own tokens.
JSON Web Keys
This endpoint is part of the OpenID Connect protocol.
/.well-known/jwks.json
Returns a JSON document with the public keys used for JWT verification.
OpenID Connect Discovery
This endpoint is part of the OpenID Connect protocol.
/.well-known/openid-configuration
Returns a JSON document with the information OpenID Connect clients need.
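A client-side sanity check for the discovery document, added here as an example and not taken from the Humanode documentation: it compares the standard metadata fields (issuer, authorization_endpoint, token_endpoint, revocation_endpoint, jwks_uri) against the paths listed on this page before the client trusts them. The host auth.example.com, the sample documents, and the rule that every endpoint lives on the issuer's host with no path prefix are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Paths as listed on this page, keyed by the standard metadata field
# (OpenID Connect Discovery / RFC 8414) that should point at each one.
EXPECTED_PATHS = {
    "authorization_endpoint": "/oauth2/auth",
    "token_endpoint": "/oauth2/token",
    "revocation_endpoint": "/oauth2/revoke",
    "jwks_uri": "/.well-known/jwks.json",
}
# Fields a client cannot work without; revocation_endpoint is optional metadata.
REQUIRED = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def check_discovery(doc, expected_issuer):
    """Return a list of problems found in a discovery document (empty = OK)."""
    problems = []
    # The issuer must match exactly what the client was configured with.
    if doc.get("issuer") != expected_issuer:
        problems.append("issuer mismatch")
    base = urlsplit(expected_issuer)
    for field, path in EXPECTED_PATHS.items():
        value = doc.get(field)
        if value is None:
            if field in REQUIRED:
                problems.append(f"{field}: missing")
            continue
        url = urlsplit(value)
        if url.scheme != "https":
            problems.append(f"{field}: not https")
        # Assumption: all endpoints are served from the issuer's host.
        if url.netloc != base.netloc:
            problems.append(f"{field}: host differs from issuer")
        if url.path != path:
            problems.append(f"{field}: unexpected path {url.path}")
    return problems


# Constructed sample documents; auth.example.com is a placeholder host.
ISSUER = "https://auth.example.com"
GOOD = {"issuer": ISSUER, **{f: ISSUER + p for f, p in EXPECTED_PATHS.items()}}
TAMPERED = dict(GOOD, token_endpoint="http://auth.example.net/oauth2/token")

if __name__ == "__main__":
    print(check_discovery(GOOD, ISSUER))
    print(check_discovery(TAMPERED, ISSUER))
```

Run the check once when the client loads its configuration, and refuse to start the login flow if the returned list is not empty.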