Identify the protocol in use by the IdP

Identify which protocol the Identity Provider is using for SSO: core OAuth 2.0 or the higher-level OpenID Connect (OIDC) protocol.

An identity provider using OAuth can provide an SSO service with either the core OAuth 2.0 protocol or the higher-level OpenID Connect (OIDC) protocol. You need to know which protocol the IdP uses in order to configure your application for delegation correctly. Refer to the IdP documentation for information about the protocol.

In this task you test for the metadata page, which the OpenID Connect protocol provides but the OAuth 2.0 protocol does not. The page is located in the web server's standard "well-known" directory, which is used for sharing information that user agents may request. The path of the well-known URI for OpenID Connect is /.well-known/openid-configuration. By entering the URL of the IdP's metadata page, you can discern the protocol in use by whether the page is found or not. For example, this URL opens the metadata page for Google:
https://accounts.google.com/.well-known/openid-configuration
In the browser, enter the URL of the IdP in the following format: idp-url/.well-known/openid-configuration.
Whether the page is displayed or not should indicate the protocol:
  • If a metadata page opens, the protocol in use is OpenID Connect.
  • If a metadata page does not open, the protocol in use is OAuth 2.0.
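
The same check can be scripted. The following is an added example, not part of the original documentation: it applies the rule above, and goes one step further than the browser test by treating a response as a metadata page only if it is JSON carrying the fields that OpenID Connect Discovery 1.0 requires and an issuer that matches the IdP URL. The function names and the idp.example.com sample are assumptions made for illustration.

```python
import json
import urllib.error
import urllib.request

WELL_KNOWN = "/.well-known/openid-configuration"
# Fields that OpenID Connect Discovery 1.0 marks REQUIRED in every metadata document.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri", "response_types_supported",
            "subject_types_supported", "id_token_signing_alg_values_supported")
# Constructed sample for a hypothetical IdP, so classify() can be exercised offline.
SAMPLE_IDP = "https://idp.example.com"
SAMPLE_METADATA = json.dumps({
    "issuer": SAMPLE_IDP,
    "authorization_endpoint": SAMPLE_IDP + "/authorize",
    "token_endpoint": SAMPLE_IDP + "/token",
    "jwks_uri": SAMPLE_IDP + "/jwks.json",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
})

def discovery_url(idp_url):
    """Build idp-url/.well-known/openid-configuration from the IdP base URL."""
    return idp_url.rstrip("/") + WELL_KNOWN

def classify(idp_url, status, body):
    """Apply the page's rule to the HTTP status and body of the metadata request."""
    if status != 200:
        return "OAuth 2.0"  # metadata page not found
    try:
        meta = json.loads(body)
    except ValueError:
        return "OAuth 2.0"  # a 200 that is not JSON, e.g. an HTML sign-in or error page
    if not isinstance(meta, dict) or any(key not in meta for key in REQUIRED):
        return "OAuth 2.0"  # JSON, but not an OIDC metadata document
    # Discovery requires the issuer to be the URL the document was fetched under.
    if str(meta["issuer"]).rstrip("/") != idp_url.rstrip("/"):
        raise ValueError("issuer %r does not match %r" % (meta["issuer"], idp_url))
    return "OpenID Connect"

def probe(idp_url, timeout=10):
    """Fetch the metadata page and classify the IdP; network errors propagate."""
    try:
        with urllib.request.urlopen(discovery_url(idp_url), timeout=timeout) as resp:
            return classify(idp_url, resp.status, resp.read())
    except urllib.error.HTTPError as err:
        return classify(idp_url, err.code, b"")

if __name__ == "__main__":
    print(classify(SAMPLE_IDP, 200, SAMPLE_METADATA))
    print(classify(SAMPLE_IDP, 404, b""))
```

To test a real IdP, call probe() with its base URL; a connection failure raises an exception rather than being read as "page not found".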