SQL Server / Salesforce Platform APIs / OpenID Connect Discovery Endpoint
Back to Collection Items
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
-- This example assumes the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @http int
-- Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0
EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
DECLARE @success int
DECLARE @sbResponseBody int
-- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0
EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbResponseBody OUT
EXEC sp_OAMethod @http, 'QuickGetSb', @success OUT, 'https://login.salesforce.com{{site}}/.well-known/openid-configuration', @sbResponseBody
IF @success = 0
BEGIN
EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @sbResponseBody
RETURN
END
DECLARE @jResp int
-- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jResp OUT
EXEC sp_OAMethod @jResp, 'LoadSb', @success OUT, @sbResponseBody
EXEC sp_OASetProperty @jResp, 'EmitCompact', 0
PRINT 'Response Body:'
EXEC sp_OAMethod @jResp, 'Emit', @sTmp0 OUT
PRINT @sTmp0
DECLARE @respStatusCode int
EXEC sp_OAGetProperty @http, 'LastStatus', @respStatusCode OUT
PRINT 'Response Status Code = ' + @respStatusCode
IF @respStatusCode >= 400
BEGIN
PRINT 'Response Header:'
EXEC sp_OAGetProperty @http, 'LastHeader', @sTmp0 OUT
PRINT @sTmp0
PRINT 'Failed.'
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
RETURN
END
-- Sample JSON response:
-- (Sample code for parsing the JSON response is shown below)
-- {
-- "end_session_endpoint": "https://<my_domain>/services/auth/idp/oidc/logout",
-- "frontchannel_logout_supported": true,
-- "frontchannel_logout_session_supported": false,
-- "issuer": "https://<my_domain>",
-- "authorization_endpoint": "https://<my_domain>/services/oauth2/authorize",
-- "token_endpoint": "https://<my_domain>/services/oauth2/token",
-- "revocation_endpoint": "https://<my_domain>/services/oauth2/revoke",
-- "userinfo_endpoint": "https://<my_domain>/services/oauth2/userinfo",
-- "jwks_uri": "https://<my_domain>/id/keys",
-- "registration_endpoint": "https://<my_domain>/services/oauth2/register",
-- "introspection_endpoint": "https://<my_domain>/services/oauth2/introspect",
-- "scopes_supported": [
-- "cdp_ingest_api",
-- "custom_permissions",
-- "cdp_segment_api",
-- "content",
-- "cdp_api",
-- "chatbot_api",
-- "cdp_identityresolution_api",
-- "interaction_api",
-- "wave_api",
-- "web",
-- "cdp_calculated_insight_api",
-- "einstein_gpt_api",
-- "offline_access",
-- "id",
-- "api",
-- "eclair_api",
-- "email",
-- "pardot_api",
-- "lightning",
-- "visualforce",
-- "cdp_query_api",
-- "sfap_api",
-- "address",
-- "openid",
-- "profile",
-- "cdp_profile_api",
-- "refresh_token",
-- "phone",
-- "user_registration_api",
-- "pwdless_login_api",
-- "chatter_api",
-- "full",
-- "forgot_password"
-- ],
-- "response_types_supported": [
-- "code",
-- "token",
-- "token id_token"
-- ],
-- "subject_types_supported": [
-- "public"
-- ],
-- "id_token_signing_alg_values_supported": [
-- "RS256"
-- ],
-- "display_values_supported": [
-- "page",
-- "popup",
-- "touch"
-- ],
-- "token_endpoint_auth_methods_supported": [
-- "client_secret_post",
-- "client_secret_basic",
-- "private_key_jwt"
-- ],
-- "claims_supported": [
-- "active",
-- "address",
-- "email",
-- "email_verified",
-- "family_name",
-- "given_name",
-- "is_app_installed",
-- "language",
-- "locale",
-- "name",
-- "nickname",
-- "organization_id",
-- "phone_number",
-- "phone_number_verified",
-- "photos",
-- "picture",
-- "preferred_username",
-- "profile",
-- "sub",
-- "updated_at",
-- "urls",
-- "user_id",
-- "user_type",
-- "zoneinfo"
-- ]
-- }
-- Sample code for parsing the JSON response...
-- Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
DECLARE @strVal nvarchar(4000)
DECLARE @end_session_endpoint nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @end_session_endpoint OUT, 'end_session_endpoint'
DECLARE @frontchannel_logout_supported int
EXEC sp_OAMethod @jResp, 'BoolOf', @frontchannel_logout_supported OUT, 'frontchannel_logout_supported'
DECLARE @frontchannel_logout_session_supported int
EXEC sp_OAMethod @jResp, 'BoolOf', @frontchannel_logout_session_supported OUT, 'frontchannel_logout_session_supported'
DECLARE @issuer nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @issuer OUT, 'issuer'
DECLARE @authorization_endpoint nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @authorization_endpoint OUT, 'authorization_endpoint'
DECLARE @token_endpoint nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @token_endpoint OUT, 'token_endpoint'
DECLARE @revocation_endpoint nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @revocation_endpoint OUT, 'revocation_endpoint'
DECLARE @userinfo_endpoint nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @userinfo_endpoint OUT, 'userinfo_endpoint'
DECLARE @jwks_uri nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @jwks_uri OUT, 'jwks_uri'
DECLARE @registration_endpoint nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @registration_endpoint OUT, 'registration_endpoint'
DECLARE @introspection_endpoint nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @introspection_endpoint OUT, 'introspection_endpoint'
DECLARE @i int
SELECT @i = 0
DECLARE @count_i int
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'scopes_supported'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'scopes_supported[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'response_types_supported'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'response_types_supported[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'subject_types_supported'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'subject_types_supported[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'id_token_signing_alg_values_supported'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'id_token_signing_alg_values_supported[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'display_values_supported'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'display_values_supported[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'token_endpoint_auth_methods_supported'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'token_endpoint_auth_methods_supported[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'claims_supported'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'claims_supported[i]'
SELECT @i = @i + 1
END
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
END
GO
Curl Command
curl -X GET
https://login.salesforce.com{{site}}/.well-known/openid-configuration
Postman Collection Item JSON
{
"name": "OpenID Connect Discovery Endpoint",
"request": {
"auth": {
"type": "noauth"
},
"method": "GET",
"header": [
],
"url": {
"raw": "{{url}}{{site}}/.well-known/openid-configuration",
"host": [
"{{url}}{{site}}"
],
"path": [
".well-known",
"openid-configuration"
]
}
},
"response": [
{
"name": "Successful OpenID Connect Discovery Endpoint",
"originalRequest": {
"method": "GET",
"header": [
],
"url": {
"raw": "{{url}}{{site}}/.well-known/openid-configuration",
"host": [
"{{url}}{{site}}"
],
"path": [
".well-known",
"openid-configuration"
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Date",
"value": "Thu, 16 Nov 2023 15:53:35 GMT"
},
{
"key": "Strict-Transport-Security",
"value": "max-age=63072000; includeSubDomains"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "X-XSS-Protection",
"value": "1; mode=block"
},
{
"key": "X-Robots-Tag",
"value": "none"
},
{
"key": "Cache-Control",
"value": "no-cache,must-revalidate,max-age=0,no-store,private"
},
{
"key": "Content-Type",
"value": "application/json;charset=UTF-8"
},
{
"key": "Access-Control-Allow-Credentials",
"value": "false"
},
{
"key": "Access-Control-Allow-Origin",
"value": "*"
},
{
"key": "Vary",
"value": "Accept-Encoding"
},
{
"key": "Content-Encoding",
"value": "gzip"
},
{
"key": "Transfer-Encoding",
"value": "chunked"
}
],
"cookie": [
],
"body": "{\n \"end_session_endpoint\": \"https://<my_domain>/services/auth/idp/oidc/logout\",\n \"frontchannel_logout_supported\": true,\n \"frontchannel_logout_session_supported\": false,\n \"issuer\": \"https://<my_domain>\",\n \"authorization_endpoint\": \"https://<my_domain>/services/oauth2/authorize\",\n \"token_endpoint\": \"https://<my_domain>/services/oauth2/token\",\n \"revocation_endpoint\": \"https://<my_domain>/services/oauth2/revoke\",\n \"userinfo_endpoint\": \"https://<my_domain>/services/oauth2/userinfo\",\n \"jwks_uri\": \"https://<my_domain>/id/keys\",\n \"registration_endpoint\": \"https://<my_domain>/services/oauth2/register\",\n \"introspection_endpoint\": \"https://<my_domain>/services/oauth2/introspect\",\n \"scopes_supported\": [\n \"cdp_ingest_api\",\n \"custom_permissions\",\n \"cdp_segment_api\",\n \"content\",\n \"cdp_api\",\n \"chatbot_api\",\n \"cdp_identityresolution_api\",\n \"interaction_api\",\n \"wave_api\",\n \"web\",\n \"cdp_calculated_insight_api\",\n \"einstein_gpt_api\",\n \"offline_access\",\n \"id\",\n \"api\",\n \"eclair_api\",\n \"email\",\n \"pardot_api\",\n \"lightning\",\n \"visualforce\",\n \"cdp_query_api\",\n \"sfap_api\",\n \"address\",\n \"openid\",\n \"profile\",\n \"cdp_profile_api\",\n \"refresh_token\",\n \"phone\",\n \"user_registration_api\",\n \"pwdless_login_api\",\n \"chatter_api\",\n \"full\",\n \"forgot_password\"\n ],\n \"response_types_supported\": [\n \"code\",\n \"token\",\n \"token id_token\"\n ],\n \"subject_types_supported\": [\n \"public\"\n ],\n \"id_token_signing_alg_values_supported\": [\n \"RS256\"\n ],\n \"display_values_supported\": [\n \"page\",\n \"popup\",\n \"touch\"\n ],\n \"token_endpoint_auth_methods_supported\": [\n \"client_secret_post\",\n \"client_secret_basic\",\n \"private_key_jwt\"\n ],\n \"claims_supported\": [\n \"active\",\n \"address\",\n \"email\",\n \"email_verified\",\n \"family_name\",\n \"given_name\",\n \"is_app_installed\",\n \"language\",\n \"locale\",\n \"name\",\n \"nickname\",\n \"organization_id\",\n \"phone_number\",\n \"phone_number_verified\",\n \"photos\",\n \"picture\",\n \"preferred_username\",\n \"profile\",\n \"sub\",\n \"updated_at\",\n \"urls\",\n \"user_id\",\n \"user_type\",\n \"zoneinfo\"\n ]\n}"
}
]
}
