Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
OpenID Provider Metadata provides information about the OpenID connect provider, as described in [OIDCDiscovery] section 3.
Note:
The end_session_endpoint metadata field defined in [OIDCFrontChanLO] section 4 is required for the OpenID Connect 1.0 Protocol Extensions.<3>
The frontchannel_logout_supported and frontchannel_logout_session_supported metadata fields defined in [OIDCFrontChanLO] section 3 are required for the OpenID Connect 1.0 Protocol Extensions.<4>
The device_authorization_endpoint metadata fields defined in [RFC8628] section 4 are required for the OpenID Connect 1.0 Protocol Extensions.<5>
The OpenID Connect 1.0 Protocol Extensions extend OpenID Provider Metadata by adding a number of fields. See [OIDCDiscovery] section 3 for the OpenID Provider Metadata with the standard fields. The extended fields are defined as follows.
access_token_issuer: OPTIONAL. A string that specifies the issuer for access tokens issued by the OpenID provider.
microsoft_multi_refresh_token: OPTIONAL. A Boolean value that indicates whether the OpenID provider supports multi-resource refresh tokens, which are refresh tokens that can be redeemed for an access token for any resource registered with the AD FS server.
capabilities: OPTIONAL. A JSON array of strings describing additional protocol capabilities that are supported by the AD FS server.<6>