OIDC Client Configuration
Configure your OIDC Client to use Passage
OIDC app endpoints and client settings
OIDC app endpoints and client settings can be found under the Authentication Experience tab on the Authentication page. All endpoints and client settings are fixed. You will need these values to configure Passage as an provider in your OIDC client library or IDP.
Endpoints
Field | Description |
---|---|
OpenID Configuration | Provides configuration information about Passage to the OIDC relying party. HTTP Method: GET |
Authorization URL | After a user has successfully authenticated via Passkeys, MagicLink or OTP the element will return a JWT AccessToken for the user. HTTP Method: POST |
JWKS endpoint | Contains the signing keys the relay party uses to validate signatures from Passage. HTTP Method: GET |
Token URL | Exchange an authorization code or refresh token for an Access Token. HTTP Method: POST |
UserInfo URL | OIDC endpoint that allows a requested server to get basic information about the user. HTTP Method: GET |
Client Settings
Field | Description |
---|---|
Client ID | The client id is used to allow Passage to identify your app. |
Client Secret | The client secret is used for authentication and token exchange. |
Supported Scopes
The following table lists the scopes currently supported by Passage. Please note, user metadata is not currently available in scopes.
Scope | Claims |
---|---|
openID (required) |
Unique identifier in Passage for the user |
| |
phone |
|