Sample code for 30+ languages & platforms
PHP Extension

Azure Fetch OpenID Connect metadata document

See more OIDC Examples

Downloads the OpenID Connect self-discovery document for an Azure OIDC enabled app.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$http = new CkHttp();

$http->put_Accept('application/json');

// See the Microsoft Azure OIDC documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
// The "tenant" can take one of four values described in the documentation at the link above.

$success = $http->SetUrlVar('tenant','6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd');
$resp = new CkHttpResponse();
$success = $http->HttpNoBody('GET','https://login.microsoftonline.com/{$tenant}/v2.0/.well-known/openid-configuration',$resp);
if ($success == false) {
    print $http->lastErrorText() . "\n";
    exit;
}

print 'Response Status Code: ' . $resp->get_StatusCode() . "\n";

$json = new CkJsonObject();
$json->Load($resp->bodyStr());
$json->put_EmitCompact(false);
print $json->emit() . "\n";

if ($resp->get_StatusCode() != 200) {
    print 'Failed.' . "\n";
    exit;
}

// Sample output...
// (See the parsing code below..)
// 
// Use the this online tool to generate parsing code from sample JSON: 
// Generate Parsing Code from JSON

// {
//   "token_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/token",
//   "token_endpoint_auth_methods_supported": [
//     "client_secret_post",
//     "private_key_jwt",
//     "client_secret_basic"
//   ],
//   "jwks_uri": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/discovery/v2.0/keys",
//   "response_modes_supported": [
//     "query",
//     "fragment",
//     "form_post"
//   ],
//   "subject_types_supported": [
//     "pairwise"
//   ],
//   "id_token_signing_alg_values_supported": [
//     "RS256"
//   ],
//   "response_types_supported": [
//     "code",
//     "id_token",
//     "code id_token",
//     "id_token token"
//   ],
//   "scopes_supported": [
//     "openid",
//     "profile",
//     "email",
//     "offline_access"
//   ],
//   "issuer": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/v2.0",
//   "request_uri_parameter_supported": false,
//   "userinfo_endpoint": "https://graph.microsoft.com/oidc/userinfo",
//   "authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/authorize",
//   "device_authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/devicecode",
//   "http_logout_supported": true,
//   "frontchannel_logout_supported": true,
//   "end_session_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/logout",
//   "claims_supported": [
//     "sub",
//     "iss",
//     "cloud_instance_name",
//     "cloud_instance_host_name",
//     "cloud_graph_host_name",
//     "msgraph_host",
//     "aud",
//     "exp",
//     "iat",
//     "auth_time",
//     "acr",
//     "nonce",
//     "preferred_username",
//     "name",
//     "tid",
//     "ver",
//     "at_hash",
//     "c_hash",
//     "email"
//   ],
//   "kerberos_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/kerberos",
//   "tenant_region_scope": "NA",
//   "cloud_instance_name": "microsoftonline.com",
//   "cloud_graph_host_name": "graph.windows.net",
//   "msgraph_host": "graph.microsoft.com",
//   "rbac_url": "https://pas.windows.net"
// }

$token_endpoint = $json->stringOf('token_endpoint');
$jwks_uri = $json->stringOf('jwks_uri');
$issuer = $json->stringOf('issuer');
$request_uri_parameter_supported = $json->BoolOf('request_uri_parameter_supported');
$userinfo_endpoint = $json->stringOf('userinfo_endpoint');
$authorization_endpoint = $json->stringOf('authorization_endpoint');
$device_authorization_endpoint = $json->stringOf('device_authorization_endpoint');
$http_logout_supported = $json->BoolOf('http_logout_supported');
$frontchannel_logout_supported = $json->BoolOf('frontchannel_logout_supported');
$end_session_endpoint = $json->stringOf('end_session_endpoint');
$kerberos_endpoint = $json->stringOf('kerberos_endpoint');
$tenant_region_scope = $json->stringOf('tenant_region_scope');
$cloud_instance_name = $json->stringOf('cloud_instance_name');
$cloud_graph_host_name = $json->stringOf('cloud_graph_host_name');
$msgraph_host = $json->stringOf('msgraph_host');
$rbac_url = $json->stringOf('rbac_url');
$i = 0;
$count_i = $json->SizeOfArray('token_endpoint_auth_methods_supported');
while ($i < $count_i) {
    $json->put_I($i);
    $strVal = $json->stringOf('token_endpoint_auth_methods_supported[i]');
    $i = $i + 1;
}

$i = 0;
$count_i = $json->SizeOfArray('response_modes_supported');
while ($i < $count_i) {
    $json->put_I($i);
    $strVal = $json->stringOf('response_modes_supported[i]');
    $i = $i + 1;
}

$i = 0;
$count_i = $json->SizeOfArray('subject_types_supported');
while ($i < $count_i) {
    $json->put_I($i);
    $strVal = $json->stringOf('subject_types_supported[i]');
    $i = $i + 1;
}

$i = 0;
$count_i = $json->SizeOfArray('id_token_signing_alg_values_supported');
while ($i < $count_i) {
    $json->put_I($i);
    $strVal = $json->stringOf('id_token_signing_alg_values_supported[i]');
    $i = $i + 1;
}

$i = 0;
$count_i = $json->SizeOfArray('response_types_supported');
while ($i < $count_i) {
    $json->put_I($i);
    $strVal = $json->stringOf('response_types_supported[i]');
    $i = $i + 1;
}

$i = 0;
$count_i = $json->SizeOfArray('scopes_supported');
while ($i < $count_i) {
    $json->put_I($i);
    $strVal = $json->stringOf('scopes_supported[i]');
    $i = $i + 1;
}

$i = 0;
$count_i = $json->SizeOfArray('claims_supported');
while ($i < $count_i) {
    $json->put_I($i);
    $strVal = $json->stringOf('claims_supported[i]');
    $i = $i + 1;
}


?>