Specifications

SimpleIdServer implements the following specifications

OpenID Connect

• OpenID Connect Core 1.0 (specification)
• OpenID Connect Discovery 1.0 (specification)
• OpenID Connect RP-Initiated Logout 1.0 (specification)
• OpenID Connect Session Management 1.0 (specification)
• OpenID Connect Front-Channel Logout 1.0 (specification)
• OpenID Connect Back-Channel Logout 1.0 (specification)
• OAuth 2.0 Multiple Response Type Encoding Practices (specification)
• OAuth 2.0 Form Post Response Mode (specification)

OAuth 2

• OAuth 2.0 (RFC 6749)
• OAuth 2.0 Bearer Token Usage (RFC 6750)
• JSON Web Token (RFC 7519)
• OAuth 2.0 Token Revocation (RFC 7009)
• OAuth 2.0 Token Introspection (RFC 7662)
• Proof Key for Code Exchange by OAuth Public Clients (RFC 7636)
• OAuth 2.0 JSON Web Tokens for Client Authentication (RFC 7523)
• OAuth 2.0 Device Authorization Grant (RFC 8628)
• Proof-of-Possession Key Semantics for JSON Web Tokens (RFC 7800)
• OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens (RFC 8705)
• OAuth 2.0 Token Exchange (RFC 8693)
• JWT Secured Authorization Request / JAR (RFC 9101)
• JWT Profile for OAuth 2.0 Access Tokens (RFC 9068)
• OAuth 2.0 Authorization Server Issuer Identifier in Authorization Response (RFC 9207)
• Business Edition: OAuth 2.0 Dynamic Client Registration Protocol (RFC 7591)
• Enterprise Edition: Resource Indicators for OAuth 2.0 (RFC 8707)
• OAuth 2.0 Rich Authorization Requests (RFC 9396)
• OAuth 2.0 Pushed Authorization Requests (RFC 9126)
• Grant Management for OAuth 2.0 (specification)