Powershell / Salesforce Platform APIs / OpenID Connect Discovery Endpoint
Back to Collection Items
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
$http = New-Object Chilkat.Http
$sbResponseBody = New-Object Chilkat.StringBuilder
$success = $http.QuickGetSb("https://login.salesforce.com{{site}}/.well-known/openid-configuration",$sbResponseBody)
if ($success -eq $false) {
$($http.LastErrorText)
exit
}
$jResp = New-Object Chilkat.JsonObject
$jResp.LoadSb($sbResponseBody)
$jResp.EmitCompact = $false
$("Response Body:")
$($jResp.Emit())
$respStatusCode = $http.LastStatus
$("Response Status Code = " + $respStatusCode)
if ($respStatusCode -ge 400) {
$("Response Header:")
$($http.LastHeader)
$("Failed.")
exit
}
# Sample JSON response:
# (Sample code for parsing the JSON response is shown below)
# {
# "end_session_endpoint": "https://<my_domain>/services/auth/idp/oidc/logout",
# "frontchannel_logout_supported": true,
# "frontchannel_logout_session_supported": false,
# "issuer": "https://<my_domain>",
# "authorization_endpoint": "https://<my_domain>/services/oauth2/authorize",
# "token_endpoint": "https://<my_domain>/services/oauth2/token",
# "revocation_endpoint": "https://<my_domain>/services/oauth2/revoke",
# "userinfo_endpoint": "https://<my_domain>/services/oauth2/userinfo",
# "jwks_uri": "https://<my_domain>/id/keys",
# "registration_endpoint": "https://<my_domain>/services/oauth2/register",
# "introspection_endpoint": "https://<my_domain>/services/oauth2/introspect",
# "scopes_supported": [
# "cdp_ingest_api",
# "custom_permissions",
# "cdp_segment_api",
# "content",
# "cdp_api",
# "chatbot_api",
# "cdp_identityresolution_api",
# "interaction_api",
# "wave_api",
# "web",
# "cdp_calculated_insight_api",
# "einstein_gpt_api",
# "offline_access",
# "id",
# "api",
# "eclair_api",
# "email",
# "pardot_api",
# "lightning",
# "visualforce",
# "cdp_query_api",
# "sfap_api",
# "address",
# "openid",
# "profile",
# "cdp_profile_api",
# "refresh_token",
# "phone",
# "user_registration_api",
# "pwdless_login_api",
# "chatter_api",
# "full",
# "forgot_password"
# ],
# "response_types_supported": [
# "code",
# "token",
# "token id_token"
# ],
# "subject_types_supported": [
# "public"
# ],
# "id_token_signing_alg_values_supported": [
# "RS256"
# ],
# "display_values_supported": [
# "page",
# "popup",
# "touch"
# ],
# "token_endpoint_auth_methods_supported": [
# "client_secret_post",
# "client_secret_basic",
# "private_key_jwt"
# ],
# "claims_supported": [
# "active",
# "address",
# "email",
# "email_verified",
# "family_name",
# "given_name",
# "is_app_installed",
# "language",
# "locale",
# "name",
# "nickname",
# "organization_id",
# "phone_number",
# "phone_number_verified",
# "photos",
# "picture",
# "preferred_username",
# "profile",
# "sub",
# "updated_at",
# "urls",
# "user_id",
# "user_type",
# "zoneinfo"
# ]
# }
# Sample code for parsing the JSON response...
# Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
$end_session_endpoint = $jResp.StringOf("end_session_endpoint")
$frontchannel_logout_supported = $jResp.BoolOf("frontchannel_logout_supported")
$frontchannel_logout_session_supported = $jResp.BoolOf("frontchannel_logout_session_supported")
$issuer = $jResp.StringOf("issuer")
$authorization_endpoint = $jResp.StringOf("authorization_endpoint")
$token_endpoint = $jResp.StringOf("token_endpoint")
$revocation_endpoint = $jResp.StringOf("revocation_endpoint")
$userinfo_endpoint = $jResp.StringOf("userinfo_endpoint")
$jwks_uri = $jResp.StringOf("jwks_uri")
$registration_endpoint = $jResp.StringOf("registration_endpoint")
$introspection_endpoint = $jResp.StringOf("introspection_endpoint")
$i = 0
$count_i = $jResp.SizeOfArray("scopes_supported")
while ($i -lt $count_i) {
$jResp.I = $i
$strVal = $jResp.StringOf("scopes_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $jResp.SizeOfArray("response_types_supported")
while ($i -lt $count_i) {
$jResp.I = $i
$strVal = $jResp.StringOf("response_types_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $jResp.SizeOfArray("subject_types_supported")
while ($i -lt $count_i) {
$jResp.I = $i
$strVal = $jResp.StringOf("subject_types_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $jResp.SizeOfArray("id_token_signing_alg_values_supported")
while ($i -lt $count_i) {
$jResp.I = $i
$strVal = $jResp.StringOf("id_token_signing_alg_values_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $jResp.SizeOfArray("display_values_supported")
while ($i -lt $count_i) {
$jResp.I = $i
$strVal = $jResp.StringOf("display_values_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $jResp.SizeOfArray("token_endpoint_auth_methods_supported")
while ($i -lt $count_i) {
$jResp.I = $i
$strVal = $jResp.StringOf("token_endpoint_auth_methods_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $jResp.SizeOfArray("claims_supported")
while ($i -lt $count_i) {
$jResp.I = $i
$strVal = $jResp.StringOf("claims_supported[i]")
$i = $i + 1
}
Curl Command
curl -X GET
https://login.salesforce.com{{site}}/.well-known/openid-configuration
Postman Collection Item JSON
{
"name": "OpenID Connect Discovery Endpoint",
"request": {
"auth": {
"type": "noauth"
},
"method": "GET",
"header": [
],
"url": {
"raw": "{{url}}{{site}}/.well-known/openid-configuration",
"host": [
"{{url}}{{site}}"
],
"path": [
".well-known",
"openid-configuration"
]
}
},
"response": [
{
"name": "Successful OpenID Connect Discovery Endpoint",
"originalRequest": {
"method": "GET",
"header": [
],
"url": {
"raw": "{{url}}{{site}}/.well-known/openid-configuration",
"host": [
"{{url}}{{site}}"
],
"path": [
".well-known",
"openid-configuration"
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Date",
"value": "Thu, 16 Nov 2023 15:53:35 GMT"
},
{
"key": "Strict-Transport-Security",
"value": "max-age=63072000; includeSubDomains"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "X-XSS-Protection",
"value": "1; mode=block"
},
{
"key": "X-Robots-Tag",
"value": "none"
},
{
"key": "Cache-Control",
"value": "no-cache,must-revalidate,max-age=0,no-store,private"
},
{
"key": "Content-Type",
"value": "application/json;charset=UTF-8"
},
{
"key": "Access-Control-Allow-Credentials",
"value": "false"
},
{
"key": "Access-Control-Allow-Origin",
"value": "*"
},
{
"key": "Vary",
"value": "Accept-Encoding"
},
{
"key": "Content-Encoding",
"value": "gzip"
},
{
"key": "Transfer-Encoding",
"value": "chunked"
}
],
"cookie": [
],
"body": "{\n \"end_session_endpoint\": \"https://<my_domain>/services/auth/idp/oidc/logout\",\n \"frontchannel_logout_supported\": true,\n \"frontchannel_logout_session_supported\": false,\n \"issuer\": \"https://<my_domain>\",\n \"authorization_endpoint\": \"https://<my_domain>/services/oauth2/authorize\",\n \"token_endpoint\": \"https://<my_domain>/services/oauth2/token\",\n \"revocation_endpoint\": \"https://<my_domain>/services/oauth2/revoke\",\n \"userinfo_endpoint\": \"https://<my_domain>/services/oauth2/userinfo\",\n \"jwks_uri\": \"https://<my_domain>/id/keys\",\n \"registration_endpoint\": \"https://<my_domain>/services/oauth2/register\",\n \"introspection_endpoint\": \"https://<my_domain>/services/oauth2/introspect\",\n \"scopes_supported\": [\n \"cdp_ingest_api\",\n \"custom_permissions\",\n \"cdp_segment_api\",\n \"content\",\n \"cdp_api\",\n \"chatbot_api\",\n \"cdp_identityresolution_api\",\n \"interaction_api\",\n \"wave_api\",\n \"web\",\n \"cdp_calculated_insight_api\",\n \"einstein_gpt_api\",\n \"offline_access\",\n \"id\",\n \"api\",\n \"eclair_api\",\n \"email\",\n \"pardot_api\",\n \"lightning\",\n \"visualforce\",\n \"cdp_query_api\",\n \"sfap_api\",\n \"address\",\n \"openid\",\n \"profile\",\n \"cdp_profile_api\",\n \"refresh_token\",\n \"phone\",\n \"user_registration_api\",\n \"pwdless_login_api\",\n \"chatter_api\",\n \"full\",\n \"forgot_password\"\n ],\n \"response_types_supported\": [\n \"code\",\n \"token\",\n \"token id_token\"\n ],\n \"subject_types_supported\": [\n \"public\"\n ],\n \"id_token_signing_alg_values_supported\": [\n \"RS256\"\n ],\n \"display_values_supported\": [\n \"page\",\n \"popup\",\n \"touch\"\n ],\n \"token_endpoint_auth_methods_supported\": [\n \"client_secret_post\",\n \"client_secret_basic\",\n \"private_key_jwt\"\n ],\n \"claims_supported\": [\n \"active\",\n \"address\",\n \"email\",\n \"email_verified\",\n \"family_name\",\n \"given_name\",\n \"is_app_installed\",\n \"language\",\n \"locale\",\n \"name\",\n \"nickname\",\n \"organization_id\",\n \"phone_number\",\n \"phone_number_verified\",\n \"photos\",\n \"picture\",\n \"preferred_username\",\n \"profile\",\n \"sub\",\n \"updated_at\",\n \"urls\",\n \"user_id\",\n \"user_type\",\n \"zoneinfo\"\n ]\n}"
}
]
}
