获取服务配置

发现端点可以用来检索服务配置，例如发布者名称、公钥地址、支持的scope等信息。

返回响应

🟢200成功

application/json

Body

issuer

string

令牌发放者

必需

一般为授权认证服务器网关地址

jwks_uri

string

公钥接口

必需

authorization_endpoint

string

授权接口

必需

token_endpoint

string

令牌接口

必需

userinfo_endpoint

string

用户基本信息接口

必需

需要scope：profile

end_session_endpoint

string

会话终止接口

必需

可用于退出登录

check_session_iframe

string

iframe下的会话监测

必需

可用于监测用户是否退出登录

revocation_endpoint

string

撤销令牌接口

必需

撤销访问令牌(仅引用令牌)和刷新令牌

introspection_endpoint

string

引用令牌验证

必需

device_authorization_endpoint

string

设备授权接口

必需

用于请求设备和用户授权code

frontchannel_logout_supported

boolean

必需

frontchannel_logout_session_supported

boolean

必需

backchannel_logout_supported

boolean

必需

backchannel_logout_session_supported

boolean

必需

scopes_supported

array[string]

支持的scope

必需

claims_supported

array[string]

支持的声明

必需

grant_types_supported

array[string]

支持的授权方式

必需

response_types_supported

array[string]

支持的返回类型

必需

response_modes_supported

array[string]

必需

token_endpoint_auth_methods_supported

array[string]

必需

id_token_signing_alg_values_supported

array[string]

必需

subject_types_supported

array[string]

必需

code_challenge_methods_supported

array[string]

支持的PKCE认证方式

必需

request_parameter_supported

boolean

必需

示例

{
    "issuer": "https://accounts.zwsoft.cn",
    "jwks_uri": "https://accounts.zwsoft.cn/.well-known/openid-configuration/jwks",
    "authorization_endpoint": "https://accounts.zwsoft.cn/connect/authorize",
    "token_endpoint": "https://accounts.zwsoft.cn/connect/token",
    "userinfo_endpoint": "https://accounts.zwsoft.cn/connect/userinfo",
    "end_session_endpoint": "https://accounts.zwsoft.cn/connect/endsession",
    "check_session_iframe": "https://accounts.zwsoft.cn/connect/checksession",
    "revocation_endpoint": "https://accounts.zwsoft.cn/connect/revocation",
    "introspection_endpoint": "https://accounts.zwsoft.cn/connect/introspect",
    "device_authorization_endpoint": "https://accounts.zwsoft.cn/connect/deviceauthorization",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true,
    "backchannel_logout_supported": true,
    "backchannel_logout_session_supported": true,
    "scopes_supported": [
        "openid",
        "profile",
        "email",
        "phone",
        "offline_access",
        "ZMS.UserBasic.Write",
        "ZMS.UserDetails.Read",
        "ZMS.UserDetails.Write",
        "ZMS.Users.Read",
        "ZMS.Users.Create"
    ],
    "claims_supported": [
        "sub",
        "name",
        "family_name",
        "given_name",
        "preferred_username",
        "picture",
        "locale",
        "email",
        "phone_number",
        "role"
    ],
    "grant_types_supported": [
        "authorization_code",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "urn:ietf:params:oauth:grant-type:device_code"
    ],
    "response_types_supported": [
        "code",
        "token",
        "id_token",
        "id_token token",
        "code id_token",
        "code token",
        "code id_token token"
    ],
    "response_modes_supported": [
        "form_post",
        "query",
        "fragment"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post"
    ],
    "id_token_signing_alg_values_supported": [
        "RS256"
    ],
    "subject_types_supported": [
        "public"
    ],
    "code_challenge_methods_supported": [
        "plain",
        "S256"
    ],
    "request_parameter_supported": true
}

请求参数

示例代码

返回响应