OAuth Authorization Server Metadata

🔥More exclusive content: https://productioncoder.com/you-decid...
Twitter:   / _jgoebel  
Website: https://jangoebel.com
Blog: https://productioncoder.com
OAuth Authorization Metadata RFC: https://datatracker.ietf.org/doc/html...

This extension allows OAuth and OpenID Connect authorization servers to expose their metadata at a well-known URL. The exposed metadata contains all relevant endpoints and configurations that the deployment of the authorization server supports (e.g. grant types, scopes and URLs for the token endpoint, dynamic client registration, token introspection, ...).

Instead of configuring all different authorization servers on clients with environment variables, the client can just reach out to 1 URL, fetch all the metadata and then run with this. This also makes running the client much easier because even if the OAuth server changes the location of an endpoint, the service only needs to re-pull the authorization server's configuration.