Test OIDC Flow (Authorization Code with PKCE)

Discovery / Issuer URL (optional)

Use discovery to fill the editable endpoint fields below, or skip it and paste the endpoints directly.

Provider Endpoints

Minimum manual setup: authorization endpoint, token endpoint, and JWKS URI. UserInfo and issuer are optional.

Authorization Endpoint *

Token Endpoint *

JWKS URI *

UserInfo Endpoint (optional)

Issuer (optional)

Client Request

Client ID

Client Secret (optional — public clients use PKCE only)

Scope

Extra Authorization Query Parameters (optional)

Added to the authorization request URL. JSON object input is still accepted, for example {"prompt":"login"}.

Redirect URI

Callback endpoint:

⚠ Register this Redirect URI as an allowed redirect URI in your OIDC server to see details of issued token.

Open login in this window instead of a new window

Default opens a separate window. Use same-window mode when you want Chrome DevTools to stay attached to the login redirect flow.