Click here for OAuth2 defaults.

The RP must have obtained the key out-of-band during the registration process

The secret is also obtained out-of-band by the client during the registration process

The requested scopes

The authentication flow determines how the ID Token and Access Token are returned to the client. We don't support the Hybrid flows.

The Response Type request parameter 'response_type' determines which tokens are returned from the endpoints used.

Informs the OpenID Provider of the mechanism to be used for returning parameters from the Authorization Endpoint. The default and only option for the Authorization Code flow is 'query'. We don't support the 'query' response_mode for the Implicit flow.

Check the above to ensure we don't use the playground redirect-uri. Then after the authorization code is granted you will be redirected to the pre-configured redirect for this client. This of course depends on which authorization server you are using.

The access token endpoint of the OpenID Provider

The authorization endpoint of the OpenID Provider

The URL to redirect to for user authentication

The access token for all subsequent OAuth queries


The ID Token we have received


An endpoint on a Resource server.

JWK endpoint Configuration endpoint
HTTP Request

HTTP Response Headers

HTTP Response Body