4.1.5. Initiation¶

To be able to send an identity authentication request, your library needs to know either the user’s identifier, or the OCP endpoint.

Your application will use the identifier and endpoint to send a WebFinger query to retreive details about the OpenID Connect provider. The response to this query includes (among other things):

Autorization Endpoint – this is always https://mojeid.cz/oidc/authorization/ and this address is used for identity authentication requests.
Token Endpoint – this is always https://mojeid.cz/oidc/token/ and this address is used for token requests.
UserInfo Endpoint – this is always https://mojeid.cz/oidc/userinfo/ and this address is used for user data requests.

An example of query for a specific user:

GET /oidc/.well-known/webfinger?resource=acct%3Ajoe%40mojeid.cz&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: mojeid.cz

An example of the server’s response:

HTTP/1.1 200 OK
Content-Type: application/jrd+json

{
 "subject": "acct:joe@mojeid.cz",
 "links": [
    {"rel": "http://openid.net/specs/connect/1.0/issuer",
     "href": "https://mojeid.cz/oidc/"}
 ]
}

4.1.5. Initiation¶

Tree of Content

More formats

Technical Support