This is a mock OIDC provider for testing purposes. The discovery document is available at https://oidcmock.dev/.well-known/openid-configuration

Authorization

To start the OIDC flow, redirect the user to the authorization endpoint:

GET https://oidcmock.dev/oauth/authorize?client_id=<your_client_id>&response_type=<response_type>&redirect_uri=<your_redirect_uri>
&state=<your_state>

client_id can be any string, there is no client registration step. The Client ID Metadata Document draft specification is supported.

The followingresponse_type values are supported:

• code
• id_token
• token

The followingresponse_mode values are supported:

• query
• fragment
• form_post

The following link can be used to test an implicit authorization flow:

https://oidcmock.dev/oauth/authorize?client_id=foo&response_type=id_token&redirect_uri=https://jwt.io

Authorization Code Exchange

To exchange an authorization code for a token, make a POST request to the token endpoint:

client_secret_post

POST https://oidcmock.dev/oauth/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code
&code=<authorization_code>
&redirect_uri=<your_redirect_uri>
&client_id=<your_client_id>
&client_secret=test-client-secret

The default client secret is:test-client-secret

private_key_jwt

POST https://oidcmock.dev/oauth/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code
&code=<authorization_code>
&redirect_uri=<your_redirect_uri>
&client_id=<your_client_id>
&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer
&client_assertion=<client_assertion_jwt>

If a Client ID Metadata Document client_id is provided, the token_endpoint_auth_method and jwks_uri will be fetched from the document automatically. Otherwise, a jwks_uri must be provided in the /oauth/authorize form.