1. OpenID Guide
  2. OPENID
  3. Discovery/Well-known Endpoint Properties

1.1 Discovery/Well-known Endpoint Properties

These properties contain the information about the URLs and certain parameters supported by ASPSP that needs to be displayed to the TPP when requested. The information is displayed through discovery endpoint.

Table: DIGX_FW_CONFIG_ALL_B

Category-Id : OAuthDiscoveryEndpointConfig

Property ID Description Property Value
issuer This parameter represents Issuer’s endpoint. * {{ISSUER’S_URL}}

Example:https://server.example.com
authorization_endpoint This parameter represents ASPSP’s authorization endpoint. * {{AUTHORIZATION_ENDPOINT_URL}}

Example:https://server.example.com/connect/authorize
token_endpoint This parameter represents ASPSP’s token endpoint. * {{TOKEN_ENDPOINT_URL}}

Example:https://server.example.com/connect/token
userinfo_endpoint This parameter represents ASPSP’s userinfo endpoint. * {{USERINFO_ENDPOINT_URL}}

Example:https://server.example.com/connect/userinfo
jwks_uri This parameter represents ASPSP’s jwks uri. * {{JWKS_URI}}

Example:https://server.example.com/jwks.json
registration_endpoint This parameter represents ASPSP’s Dynamic Client Registration endpoint. * {{REGISTRATION_ENDPOINT_URL}}

Example:https://server.example.com/connect/register
response_types_supported This parameter represents ASPSP’s supported response Types code,code token,code id_token,code token id_token
grant_types_supported This parameter represents ASPSP’s supported grant types. AUTHORIZATION_CODE,PASSWORD,CLIENT_CREDENTIALS,REFRESH_TOKEN
subject_types_supported This parameter represents ASPSP’s supported subject type. public
id_token_signing_alg_values_supported This parameter represents ASPSP’s supported id_token signing algorithm. RS256,PS256
request_object_signing_alg_values_supported This parameter represents ASPSP’s supported request object signing algorithm. RS256,PS256
token_endpoint_auth_methods_supported This parameter represents ASPSP’s supported token endpoint authentication methods. client_secret_basic
identityDomain This parameter represents the default configured Identity Domain. * {{ IDENTITY_DOMAIN_NAME }}

Example:UKOPENBANKING
token_endpoint_auth_signing_alg_values_supported This parameter represents ASPSP’s supported token endpoint auth signing algorithm supported. RS256,PS256
claims_parameter_supported This parameter represents whether the ‘claims’ parameter is supported or not by ASPSP. Value can be true or false
request_parameter_supported This parameter represents whether the ‘request’ parameter is supported or not by ASPSP. Value can be true or false
tls_client_certificate_bound_access_tokens This parameter represents whether the TLS client certificate bound access tokens is supported or not by ASPSP. Value can be true or false
claims_supported This parameter represents ASPSP’s supported claims. acr,openbanking_intent_id

Parent topic: OPENID