-
OAuth 2.0 debugger - https://oauthdebugger.com/
-
OpenID Connect debugger - https://oidcdebugger.com/
OpenID Connect |
---|
OAuth 2.0 |
HTTP |
https://login.microsoftonline.com/te/{tenant-name}.onmicrosoft.com/{policy_name}/oauth1/authresp
https://login.microsoftonline.com/{tenant-name}.onmicrosoft.com/v2.0/.well-known/openid-configuration?p={policy-name}
Using the Issuer location discovered as described in Section 2 or by other means, the OpenID Provider's configuration information can be retrieved.
OpenID Providers supporting Discovery MUST make a JSON document available at the path formed by concatenating the string
/.well-known/openid-configuration
to the Issuer. The syntax and semantics of .well-known are defined in RFC 5785 and apply to the Issuer value when it contains no path component. openid-configuration MUST point to a JSON document compliant with this specification and MUST be returned using the application/json content type.
Example:
'https://accounts.google.com' + '/.well-known/openid-configuration'
'https://contoso.auth0.com' + '/.well-known/openid-configuration'
Test: https://accounts.google.com/.well-known/openid-configuration https://contoso.auth0.com/.well-known/openid-configuration
Authorize URI: https://login.microsoftonline.com/tfp/compromised.onmicrosoft.com/b2c_1_signupsignin/oauth2/v2.0/authorize
Redirect URI: https://oidcdebugger.com/debug
Client Id: 53a271ca-b41c-45d9-b5eb-02e5f235e824
Scope: openid offline_access openid offline_access