Well-Known Endpoint
OIDC Integration Overview (Well-Known Endpoint)
This document provides the OpenID Connect (OIDC) configuration required to integrate with our verification services via the AXN Gateway.
Our /well-known
endpoints follow the OIDC Discovery standard, offering metadata such as authorization endpoints, token endpoints, supported grant types, and other key integration settings. Most modern applications with native OIDC support can automatically consume this configuration.
Key Endpoints
Use the appropriate environment below depending on your development stage:
-
Preproduction
https://preprod1.iddataweb.com/axn/oauth2/.well-known/openid-configuration -
Preproduction (Legacy)
https://preprod1.iddataweb.com/preprod-axn/axn/oauth2/.well-known/openid-configuration -
Production
https://prod2.iddataweb.com/axn/oauth2/.well-known/openid-configuration
⚙️ Setup Instructions
OIDC is an industry-standard protocol, and many modern frameworks and platforms (such as Auth0, Okta, Spring Security, etc.) provide out-of-the-box support for it via the /well-known
configuration endpoint.
If You’re Using a Framework with Native OIDC Support:
- Point your application to the appropriate
/well-known/openid-configuration
URL above. - Your app should automatically consume and configure the necessary endpoints, scopes, and signing keys.
If You’re Building a Custom Integration:
For applications that don’t inherently support OIDC (e.g., custom Java applications), we recommend using a mature OIDC client or JWT processing library.
- A good starting point for Java developers is the Nimbus JOSE+JWT library:
https://connect2id.com/products/nimbus-jose-jwt/examples/jwt-with-rsa-encryption
Supported OIDC Parameters
Our identity platform supports the following response types and client authentication methods:
Response Types
grant_credentials
— Standard credentialing grant
Client Authentication Methods
client_secret_post
— Newly supported method allowing secrets to be sent via the POST body instead of HTTP Basic AuthUseful in environments where HTTP headers are restricted and enhances compatibility with certain frameworks.
Updated 1 day ago