Docstash

A selected OpenAPI slice covering the endpoints used by the interactive OAuth and OIDC flows.

This page intentionally covers only the endpoints the studio uses on day one: authorize, token exchange, discovery, JWKS, and UserInfo.

GET/oauth2/authorize

Query Parameters

client_id*string

redirect_uri*string

Formaturi

response_type*string

Value in"code"

scope?string

state?string

code_challenge*string

code_challenge_method*string

Value in"S256"

subject?string

Phase 2 demo shortcut for a pre-authenticated user. Useful for local study flows.

nonce?string

OIDC only.

Response Body

curl -X GET "http://localhost:8080/oauth2/authorize?client_id=string&redirect_uri=http%3A%2F%2Fexample.com&response_type=code&code_challenge=string&code_challenge_method=S256"

Empty

POST/oauth2/token

Request Body

application/x-www-form-urlencoded

TypeScript Definitions

Use the request body type in TypeScript.

grant_type*string

Value in"authorization_code"

code*string

redirect_uri*string

Formaturi

client_id*string

code_verifier*string

Response Body

`application/json`

curl -X POST "http://localhost:8080/oauth2/token" \  -H "Content-Type: application/x-www-form-urlencoded" \  -d 'grant_type=authorization_code&code=string&redirect_uri=http%3A%2F%2Fexample.com&client_id=string&code_verifier=string'

{
  "access_token": "string",
  "token_type": "Bearer",
  "expires_in": 0,
  "refresh_token": "string",
  "id_token": "string",
  "scope": "string"
}

Empty

GET/.well-known/openid-configuration

Response Body

curl -X GET "http://localhost:8080/.well-known/openid-configuration"

Empty

GET/.well-known/jwks.json

Response Body

curl -X GET "http://localhost:8080/.well-known/jwks.json"

Empty

GET/userinfo

Authorization

bearerAuth

AuthorizationBearer <token>

In: header

Response Body

curl -X GET "http://localhost:8080/userinfo"

Empty

API Reference

302

400

200application/json

400

200

200

200

401

`application/json`