PowerShell
PowerShell
Azure Fetch OpenID Connect metadata document
See more OIDC Examples
Downloads the OpenID Connect self-discovery document for an Azure OIDC enabled app.Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
$http = New-Object Chilkat.Http
$http.Accept = "application/json"
# See the Microsoft Azure OIDC documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
# The "tenant" can take one of four values described in the documentation at the link above.
$success = $http.SetUrlVar("tenant","6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd")
$resp = New-Object Chilkat.HttpResponse
$success = $http.HttpNoBody("GET","https://login.microsoftonline.com/{$tenant}/v2.0/.well-known/openid-configuration",$resp)
if ($success -eq $false) {
$($http.LastErrorText)
exit
}
$("Response Status Code: " + $resp.StatusCode)
$json = New-Object Chilkat.JsonObject
$json.Load($resp.BodyStr)
$json.EmitCompact = $false
$($json.Emit())
if ($resp.StatusCode -ne 200) {
$("Failed.")
exit
}
# Sample output...
# (See the parsing code below..)
#
# Use the this online tool to generate parsing code from sample JSON:
# Generate Parsing Code from JSON
# {
# "token_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/token",
# "token_endpoint_auth_methods_supported": [
# "client_secret_post",
# "private_key_jwt",
# "client_secret_basic"
# ],
# "jwks_uri": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/discovery/v2.0/keys",
# "response_modes_supported": [
# "query",
# "fragment",
# "form_post"
# ],
# "subject_types_supported": [
# "pairwise"
# ],
# "id_token_signing_alg_values_supported": [
# "RS256"
# ],
# "response_types_supported": [
# "code",
# "id_token",
# "code id_token",
# "id_token token"
# ],
# "scopes_supported": [
# "openid",
# "profile",
# "email",
# "offline_access"
# ],
# "issuer": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/v2.0",
# "request_uri_parameter_supported": false,
# "userinfo_endpoint": "https://graph.microsoft.com/oidc/userinfo",
# "authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/authorize",
# "device_authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/devicecode",
# "http_logout_supported": true,
# "frontchannel_logout_supported": true,
# "end_session_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/logout",
# "claims_supported": [
# "sub",
# "iss",
# "cloud_instance_name",
# "cloud_instance_host_name",
# "cloud_graph_host_name",
# "msgraph_host",
# "aud",
# "exp",
# "iat",
# "auth_time",
# "acr",
# "nonce",
# "preferred_username",
# "name",
# "tid",
# "ver",
# "at_hash",
# "c_hash",
# "email"
# ],
# "kerberos_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/kerberos",
# "tenant_region_scope": "NA",
# "cloud_instance_name": "microsoftonline.com",
# "cloud_graph_host_name": "graph.windows.net",
# "msgraph_host": "graph.microsoft.com",
# "rbac_url": "https://pas.windows.net"
# }
$token_endpoint = $json.StringOf("token_endpoint")
$jwks_uri = $json.StringOf("jwks_uri")
$issuer = $json.StringOf("issuer")
$request_uri_parameter_supported = $json.BoolOf("request_uri_parameter_supported")
$userinfo_endpoint = $json.StringOf("userinfo_endpoint")
$authorization_endpoint = $json.StringOf("authorization_endpoint")
$device_authorization_endpoint = $json.StringOf("device_authorization_endpoint")
$http_logout_supported = $json.BoolOf("http_logout_supported")
$frontchannel_logout_supported = $json.BoolOf("frontchannel_logout_supported")
$end_session_endpoint = $json.StringOf("end_session_endpoint")
$kerberos_endpoint = $json.StringOf("kerberos_endpoint")
$tenant_region_scope = $json.StringOf("tenant_region_scope")
$cloud_instance_name = $json.StringOf("cloud_instance_name")
$cloud_graph_host_name = $json.StringOf("cloud_graph_host_name")
$msgraph_host = $json.StringOf("msgraph_host")
$rbac_url = $json.StringOf("rbac_url")
$i = 0
$count_i = $json.SizeOfArray("token_endpoint_auth_methods_supported")
while ($i -lt $count_i) {
$json.I = $i
$strVal = $json.StringOf("token_endpoint_auth_methods_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $json.SizeOfArray("response_modes_supported")
while ($i -lt $count_i) {
$json.I = $i
$strVal = $json.StringOf("response_modes_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $json.SizeOfArray("subject_types_supported")
while ($i -lt $count_i) {
$json.I = $i
$strVal = $json.StringOf("subject_types_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $json.SizeOfArray("id_token_signing_alg_values_supported")
while ($i -lt $count_i) {
$json.I = $i
$strVal = $json.StringOf("id_token_signing_alg_values_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $json.SizeOfArray("response_types_supported")
while ($i -lt $count_i) {
$json.I = $i
$strVal = $json.StringOf("response_types_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $json.SizeOfArray("scopes_supported")
while ($i -lt $count_i) {
$json.I = $i
$strVal = $json.StringOf("scopes_supported[i]")
$i = $i + 1
}
$i = 0
$count_i = $json.SizeOfArray("claims_supported")
while ($i -lt $count_i) {
$json.I = $i
$strVal = $json.StringOf("claims_supported[i]")
$i = $i + 1
}