Typescript (SDK)
Copy
import { Authlete } from "@authlete/typescript-sdk";
const authlete = new Authlete({
bearer: process.env["AUTHLETE_BEARER"] ?? "",
});
async function run() {
const result = await authlete.service.getConfiguration({
serviceId: "<id>",
});
console.log(result);
}
run();Copy
{
"issuer": "https://my-service.example.com",
"authorization_endpoint": "https://my-service.example.com/authz",
"token_endpoint": "https://my-service.example.com/token",
"scopes_supported": [
"history.read",
"timeline.read"
],
"response_types_supported": [
"code"
],
"response_modes_supported": [
"query",
"fragment",
"form_post",
"query.jwt",
"fragment.jwt",
"form_post.jwt",
"jwt"
],
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token"
],
"subject_types_supported": [
"public",
"pairwise"
],
"id_token_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA",
"none"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"userinfo_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"authorization_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"authorization_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"authorization_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"display_values_supported": [
"page"
],
"claim_types_supported": [
"normal"
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": true,
"revocation_endpoint": "https://my-service.example.com/revocation",
"revocation_endpoint_auth_methods_supported": [],
"revocation_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"introspection_endpoint": "https://my-service.example.com/introspection",
"introspection_endpoint_auth_methods_supported": [],
"introspection_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"tls_client_certificate_bound_access_tokens": false,
"backchannel_token_delivery_modes_supported": [],
"backchannel_authentication_request_signing_alg_values_supported": [
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"backchannel_user_code_parameter_supported": false,
"require_pushed_authorization_requests": false,
"authorization_details_supported": true,
"verified_claims_supported": false,
"dpop_signing_alg_values_supported": [
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"require_signed_request_object": false,
"authorization_response_iss_parameter_supported": true
}Service Management
Get Service Configuration
This API gathers configuration information about a service.
This API is supposed to be called from within the implementation of the configuration endpoint of the service where the service that supports OpenID Connect and OpenID Connect Discovery 1.0 must expose its configuration information in a JSON format. Details about the format are described in “3. OpenID Provider Metadata” in OpenID Connect Discovery 1.0.
GET
/
api
/
{serviceId}
/
service
/
configuration
Typescript (SDK)
Copy
import { Authlete } from "@authlete/typescript-sdk";
const authlete = new Authlete({
bearer: process.env["AUTHLETE_BEARER"] ?? "",
});
async function run() {
const result = await authlete.service.getConfiguration({
serviceId: "<id>",
});
console.log(result);
}
run();Copy
{
"issuer": "https://my-service.example.com",
"authorization_endpoint": "https://my-service.example.com/authz",
"token_endpoint": "https://my-service.example.com/token",
"scopes_supported": [
"history.read",
"timeline.read"
],
"response_types_supported": [
"code"
],
"response_modes_supported": [
"query",
"fragment",
"form_post",
"query.jwt",
"fragment.jwt",
"form_post.jwt",
"jwt"
],
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token"
],
"subject_types_supported": [
"public",
"pairwise"
],
"id_token_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA",
"none"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"userinfo_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"authorization_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"authorization_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"RSA-OEAP-256",
"ECDH-ES",
"ECDH-ES+A128KW",
"ECDH-ES+A192KW",
"ECDH-ES+A256KW",
"A128KW",
"A192KW",
"A256KW",
"dir",
"A128GCMKW",
"A192GCMKW",
"A256GCMKW",
"PBES2-HS256+A128KW",
"PBES2-HS384+A192KW",
"PBES2-HS512+A256KW"
],
"authorization_encryption_enc_values_supported": [
"A128CBC-HS256",
"A192CBC-HS384",
"A256CBC-HS512",
"A128GCM",
"A192GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"display_values_supported": [
"page"
],
"claim_types_supported": [
"normal"
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": true,
"revocation_endpoint": "https://my-service.example.com/revocation",
"revocation_endpoint_auth_methods_supported": [],
"revocation_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"introspection_endpoint": "https://my-service.example.com/introspection",
"introspection_endpoint_auth_methods_supported": [],
"introspection_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"tls_client_certificate_bound_access_tokens": false,
"backchannel_token_delivery_modes_supported": [],
"backchannel_authentication_request_signing_alg_values_supported": [
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"backchannel_user_code_parameter_supported": false,
"require_pushed_authorization_requests": false,
"authorization_details_supported": true,
"verified_claims_supported": false,
"dpop_signing_alg_values_supported": [
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512",
"ES256",
"ES384",
"ES512",
"ES256K",
"EdDSA"
],
"require_signed_request_object": false,
"authorization_response_iss_parameter_supported": true
}Authorizations
Authenticate every request with a Service Access Token or Organization Token.
Set the token value in the Authorization: Bearer <token> header.
Service Access Token: Scoped to a single service. Use when automating service-level configuration or runtime flows.
Organization Token: Scoped to the organization; inherits permissions across services. Use for org-wide automation or when managing multiple services programmatically.
Both token types are issued by the Authlete console or provisioning APIs.
Path Parameters
A service ID.
Query Parameters
This boolean value indicates whether the JSON in the response should be formatted or not. If true, the JSON in the response is pretty-formatted. The default value is false.
Get the JSON Patch RFC 6902 JavaScript Object Notation (JSON) Patch to be applied.
Response
Service configuration retrieved successfully
An object representing OpenID Provider configuration information. See OpenID Provider Metadata and OpenID Provider Configuration Response for more details.
Was this page helpful?
⌘I