How to integrate the Next Identity Hosted Journeys workflow to retrieve the OIDC discovery document

The discovery document, also referred to as the "well-known endpoint," contains OpenID Connect values that OIDC clients can retrieve. It lets OIDC clients configure themselves to access your implementation of Next Identity. A client that connects to your discovery document can do any of the following:

  • Identify the claims and grant types that you support
  • Retrieve the URLs of your introspection server and your JSON Web Keys
  • Determine which PKCE (Proof Key for Code Exchange) challenge methods you support

Clients can do all of this automatically, without anyone having to configure these values into the client. OIDC clients can also obtain discovery documents on their own.

Integration

Your well-known endpoint can always be reached by adding the string value /.well-known/openid-configuration to the end of your base domain, for example https://id.eu.nextreason.com/.well-known/openid-configuration.
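
The following is an added example, not Next Identity's own code: a client that builds the well-known URL, then validates the retrieved document before configuring itself from it (issuer match, https-only endpoints, S256-only PKCE). The base URL, endpoint paths and document contents in the sample are constructed; the field names are the standard OIDC and OAuth 2.0 metadata names.

```python
import json
import urllib.request
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"

def discovery_url(base):
    """Append the well-known path to the base domain."""
    return base.rstrip("/") + WELL_KNOWN

def fetch_discovery(base, timeout=5.0):
    """Retrieve and parse the discovery document (network call)."""
    with urllib.request.urlopen(discovery_url(base), timeout=timeout) as resp:
        return json.load(resp)

def client_config(doc, base):
    """Validate a discovery document and return the values a client needs."""
    # The issuer must equal the base URL the document was requested from;
    # otherwise the document describes a different provider.
    if str(doc.get("issuer", "")).rstrip("/") != base.rstrip("/"):
        raise ValueError("issuer does not match the requested base URL")
    endpoints = {k: doc.get(k) for k in ("jwks_uri", "introspection_endpoint")}
    if endpoints["jwks_uri"] is None:
        raise ValueError("jwks_uri is missing")
    for name, url in endpoints.items():
        if url is not None and urlsplit(url).scheme != "https":
            raise ValueError(name + " is not an https URL")
    methods = doc.get("code_challenge_methods_supported", [])
    return {
        **endpoints,
        "claims": doc.get("claims_supported", []),
        "grant_types": doc.get("grant_types_supported", []),
        # Use S256 only; do not fall back to "plain".
        "pkce_method": "S256" if "S256" in methods else None,
    }

# Constructed sample values (hypothetical tenant, not a real document).
SAMPLE_BASE = "https://id.example.com"
SAMPLE_DOC = {
    "issuer": "https://id.example.com",
    "jwks_uri": "https://id.example.com/jwks",
    "introspection_endpoint": "https://id.example.com/introspect",
    "claims_supported": ["sub", "email"],
    "grant_types_supported": ["authorization_code", "refresh_token"],
    "code_challenge_methods_supported": ["plain", "S256"],
}

if __name__ == "__main__":
    print(client_config(SAMPLE_DOC, SAMPLE_BASE))
```

In a live client, pass the result of fetch_discovery(base) to client_config(doc, base) in place of the sample document.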

Parameters

The /.well-known endpoint adheres to the OIDC authentication protocol. For the required and optional parameters of the discovery document, please refer to the official OIDC documentation.

Your specific parameters may vary depending on your configuration; if you're unclear on the parameters to use, please contact your Next Reason integration consultant.