Connect Discovery

Simplify HyperID integration by discovering endpoints

Connect Discovery plays a critical role in simplifying HyperID integration. It allows you to discover the HyperID endpoints and access essential information about the URLs required for authentication, supported claims, public signing keys, and more.

You can find the publicly accessible HyperID configuration document at the following URL:

https://login.hypersecureid.com/auth/realms/HyperID/.well-known/openid-configuration

Alternatively, you can use the following HTTP requests to retrieve the same information:

Configuration Request

GET /auth/realms/HyperID/.well-known/openid-configuration
Host: login.hypersecureid.com

The configuration metadata is returned in JSON format, as shown in the following example (truncated for brevity):

Configuration JSON

{
    "issuer":"https://login.hypersecureid.com/auth/realms/HyperID",
    "authorization_endpoint":"https://login.hypersecureid.com/auth/realms/HyperID/protocol/openid-connect/auth",
    "token_endpoint":"https://login.hypersecureid.com/auth/realms/HyperID/protocol/openid-connect/token",
    "introspection_endpoint":"https://login.hypersecureid.com/auth/realms/HyperID/protocol/openid-connect/token/introspect",
    "userinfo_endpoint":"https://login.hypersecureid.com/auth/realms/HyperID/protocol/openid-connect/userinfo",
    "end_session_endpoint":"https://login.hypersecureid.com/auth/realms/HyperID/protocol/openid-connect/logout",
    ...
    "jwks_uri":"https://login.hypersecureid.com/auth/realms/HyperID/protocol/openid-connect/certs",
    ...
    "revocation_endpoint":"https://login.hypersecureid.com/auth/realms/HyperID/protocol/openid-connect/revoke",
    ...
}

The essential elements of the configuration are:

• issuer represents the HyperID entity that issues and verifies digital identities and access tokens;

• authorization_endpoint is used to initiate the authentication process;

• token_endpoint is used to request an access token and optionally a refresh token;

• introspection_endpoint allows for inspecting the details of a token, such as whether it's still valid and what permissions it holds;

• userinfo_endpoint provides information about the authenticated user;

• end_session_endpoint to log the user out of their current session;

• jwks_uri is the location where the public keys used to verify the authenticity of JWT (JSON Web Tokens) are stored. Applications can use these keys to perform local tokens validation.

• revocation_endpoint allows an issued access token to be revoked, rendering it invalid.

For complete details, refer to the OpenID Connect Discovery configuration document.