Iddawc OAuth2 Client Tester
Save Session
Export Session
Import Session
Clean Session
Run Auth
Run Token
Run Device Authorization
Clear tokens
Client
Client ID
Client secret
Redirect URI
Resource indicator
Client Private Key (JWKS)
Client KID
Token signature algorithm
None
HS256
HS384
HS512
RS256
RS384
RS512
ES256
ES384
ES512
EdDSA
PS256
PS384
PS512
Encrypted token key management algorithm
None
RSA1_5
RSA-OAEP
RSA-OAEP-256
A128KW
A192KW
A256KW
DIR
ECDH-ES
ECDH-ES+A128KW
ECDH-ES+A192KW
ECDH-ES+A256KW
A128GCMKW
A192GCMKW
A256GCMKW
PBES2+H256
PBES2+H384
PBES2+H512
Encrypted token encryption algorithm
None
A128CBC-HS256
A192CBC-HS384
A256CBC-HS512
A128GCM
A192GCM
A256GCM
DPoP KID
DPoP signature algorithm
None
HS256
HS384
HS512
RS256
RS384
RS512
ES256
ES384
ES512
EdDSA
PS256
PS384
PS512
TLS Key file
TLS Certificate file
Remote Server Certificate
Host verify peer
Host verify name
Proxy verify peer
Proxy verify name
Server Configuration
Configuration endpoint
Auth endpoint
Token endpoint
Userinfo endpoint
Revocation endpoint
Introspection endpoint
Registration endpoint
Device auth endpoint
Pushed auth endpoint
Server Public Keys (digest)
Server Public Key (JWKS)
Server KID
Other configuration details
Use Strict Server Configuration
Request
Response type
Scopes
Nonce
State
JTI
Auth Method
GET
POST
Token Method
None
Basic Authentication
Secret POST
TLS Certificate
JWT
Auth JWT Signature
No
Client Secret
Client private key
Auth JWT Encryption
No
Client Secret
Server public key
Use DPoP
Use Pushed Auth Request
Display
page
popup
touch
wap
Prompt
none
login
consent
select_account
ui_locales
Additional parameters
Tokens
Code
Decrypt Code
Refresh Token
Decrypt Refresh Token
Access Token
Decrypt Access Token
Verify JWT access token
Claims
Rich Auth Request
ID Token
ID Token
Decrypt ID Token
ID Token Payload
Userinfo
Payload
Introspection/Revocation
Access token
Refresh token
ID token
Introspection
Revocation
Client authentication
Access token authentication
No authentication
Use current Access Token
Proof Key for Code Exchange (PKCE)
PKCE Method
None
plain
S256
PKCE Code Verifier
Device Authorization
Device Authorization Code
Device Authorization User Code
Device Authorization Verification URI
@
Device Authorization Verification URI Complete
Device Authorization Expires In
Device Authorization Interval
Verification Result
Client Registration/Management
Register
Manage registration
Get registration
Update session with registration results
Redirect URI
Authentication method
None
Secret Basic
Secret Post
JWT using Client Secret
JWT using private key
TLS Certificate
Self Signed TLS Certificate
Grant Types
authorization_code
password
client_credentials
refresh_token
delete_token
device_authorization
Response Types
code
token
id_token
Application Type
Web
Native
Additional Parameters
Use Access Token for Registration (mandatory for management)
Use current Access Token
Raw Result
Resource Service Request
HTTP Method
GET
POST
PUT
DELETE
OPTIONS
HTTP URL
Additional headers
Body
JSON
URL Encode
Run request
Clean response
Iddawc OAuth2 Client Tester
×
Add Claim
×
Name
Target
All
userinfo
id_token
Essential
null
true
false
Ignore
Value
Add RAR
×
Type
Value