OpenID Connect
Trivore ID supports OpenID Connect (OIDC), an identity layer built on top of the OAuth 2.0 Authorization Framework. It adds authentication on top of OAuth 2.0's authorization capabilities, allowing client applications to verify user identities and obtain basic profile information.
Trivore ID acts as an OpenID Connect Provider (OP). Registered client applications, called Relying Parties (RPs), can use it to authenticate users and obtain tokens representing their identity.
Discovery document
Up-to-date OIDC configuration for your Trivore ID instance — including endpoint URIs, supported scopes, and supported claims — is available at the discovery endpoint:
https://{your-instance}/.well-known/openid-configuration
A human-readable version is also available at /apidoc/oidc.
In this section
| Page | Description |
|---|---|
| Managing Applications | Register and manage OIDC client applications |
| Client Registration | Configure your client registration settings |
| Implementing an OIDC Client | Step-by-step guide to implementing authentication flows |
| Scopes and Claims | Available scopes and the user data claims they expose |
| Sign-out | RP-initiated logout, front-channel and back-channel logout |
| Re-authentication | Force users to re-authenticate before sensitive actions |
| AMR Values | Authentication Method Reference values in the ID token |
| Guides | Practical how-to guides for common use cases |