Comment on page
OIDC Client Configuration
Configure your OIDC Client to use Passage
OIDC app endpoints and client settings can be found under the ‘OIDC’ tab on the Settings page. All endpoints and client settings are fixed. You will need these values to configure Passage as an provider in your OIDC client library or IDP.
Field | Description |
OpenID Configuration | Provides configuration information about Passage to the OIDC relying party.
HTTP Method: GET
|
Authorization URL | After a user has successfully authenticated via Passkeys, MagicLink or OTP the element will return a JWT AccessToken for the user.
HTTP Method: POST |
JWKS endpoint | Contains the signing keys the relay party uses to validate signatures from Passage.
HTTP Method: GET |
Token URL | Exchange an authorization code or refresh token for an Access Token.
HTTP Method: POST |
UserInfo URL | OIDC endpoint that allows a requested server to get basic information about the user.
HTTP Method: GET |
Field | Description |
Client ID | The client id is used to allow Passage to identify your app. |
Client Secret | The client secret is used for authentication and token exchange. |
The following table lists the scopes currently supported by Passage. Please note, user metadata is not currently available in scopes.
Scope | Claims |
openid (required) | sub: stringUnique identifer in Passage for the user |
email | email: string email_verified: bool |
phone | phone_number: stringphone_number_verified: bool |
Last modified 4mo ago