Features
This page details our compliance level with the OpenID Connect specifications.
The following features are fully supported in our current implementation.
- Authorization code flow
- Implicit flow
- UserInfo endpoint
- Manual client management through an administrator console
- HTTP Basic Auth for client authentication
- Webfinger discovery endpoint
- OpenID Configuration discovery endpoint
- JWK public key endpoint
- Standard scopes: openid, phone, address, email, profile
- Additional arbitrary scopes
- Signed JWT access tokens
- RSA Signing
- HMAC Signing
- RSA Encryption
- Dynamic registration endpoint
- Client filter
- Client filter dynamic registration
- Account chooser / third party login
- Request Objects (signed)
- Introspection Endpoint
- Revocation Endpoint
- Token chaining
The following features are not supported yet, but will be at some point. If we have a projected target for a given feature it will be listed here; if there is no projected target, that only means that we haven't set a target yet, not that it won't happen.
- Session management (FY13)
- Request File (Signed / Encrypted)
