---
name: oauth-discovery
description: Publish OAuth/OIDC discovery metadata for programmatic auth
---

# OAuth / OIDC discovery metadata

Publish OAuth Authorization Server (or OpenID Connect) metadata so agents can authenticate against your APIs.

## Requirements

Pick one (or both) of:

- `/.well-known/oauth-authorization-server` (pure OAuth 2.0, RFC 8414)
- `/.well-known/openid-configuration` (OpenID Connect)

Body must include at minimum:

- `issuer` — your authorization server URL
- `authorization_endpoint`
- `token_endpoint`
- `jwks_uri`
- `grant_types_supported`

## Example

```json
{
  "issuer": "https://auth.example.com",
  "authorization_endpoint": "https://auth.example.com/authorize",
  "token_endpoint":         "https://auth.example.com/token",
  "jwks_uri":               "https://auth.example.com/.well-known/jwks.json",
  "grant_types_supported":  ["authorization_code", "refresh_token", "client_credentials"],
  "response_types_supported": ["code"]
}
```

## References

- [RFC 8414 — OAuth 2.0 Authorization Server Metadata](https://www.rfc-editor.org/rfc/rfc8414) (spec)
- [OpenID Connect Discovery 1.0](https://openid.net/specs/openid-connect-discovery-1_0.html) (OIDC spec)