Developing

BMC Helix Single Sign-On provides the following OAuth 2.0 endpoints:

• • /rsso/oauth2/v1.1/token
  • /rsso/oauth2/token
  • /rsso/oauth2/authorize
  • /rsso/oauth2/revoke
  • /rsso/oauth2/introspect
  • /rsso/oauth2/userinfo
  • /rsso/oauth2/jwks
  • /rsso/.well-known/openid-configuration

/rsso/oauth2/v1.1/token

Issues the access/refresh tokens. Additionally, this endpoint supportsJWT as Authorization Grant, returns the token_type parameter in the response, and may useJWT for Client Authentication. For more information, seeToken Endpoint.

/rsso/oauth2/token

Issues the access/refresh tokens. Additionally, this endpoint supportsJWT as Authorization Grantand may useJWT for Client authentication. For more information, seeToken Endpoint.

/rsso/oauth2/authorize

Obtains the OAuth2 authorization code. For more information, seeAuthorization Endpoint .

/rsso/oauth2/revoke

Enables BMC Helix SSO to invalidate its tokens if the end user logs out or changes identity. Additionally, this endpoint may useJWT for Client authentication. For more information, seeRevocation Endpoint.

/rsso/oauth2/introspect

Enables BMC Helix SSO to check the validity of access tokens and obtain meta-information such as which end user and which scopes are associated with the token. Additionally, this endpoint may useJWT for Client authentication. For more information, seeIntrospection Endpoint.

/rsso/oauth2/userinfo

Retrieves the consented UserInfo and other claims about the logged-in end user in BMC Helix SSO. For more information, see UserInfo Endpoint.

/rsso/oauth2/jwks

Returns information about the JWK Set for the specified OAuth provider. For more information, seeJWKS Endpoint.

/rsso/.well-known/openid-configuration

Retrieves the OpenID Connect provider's configuration information. For more information, seeOpenID Connect Configuration Endpoint.