Endpoints available in ZTrust

Endpoints are the entry points that applications use to authenticate with ZTrust.

The Token Endpoint is the central OIDC endpoint in ZTrust, responsible for issuing tokens after successful authentication. Applications exchange authorization codes, credentials, or refresh tokens here to obtain new Access Tokens, ID Tokens, or Refresh Tokens.

Token Endpoint:

POST /realms/{realm-name}/protocol/openid-connect/token

  • This is the main endpoint for obtaining:
    • Access tokens
    • ID tokens
    • Refresh tokens
  • It supports grant types like authorization code, password (direct grant), client credentials, and refresh token.

Logout Endpoint:

POST /realms/{realm-name}/protocol/openid-connect/logout
  • It revokes user sessions. Direct invocation requires a refresh token and client credentials.

Certificates (JWKS) Endpoint:

GET /realms/{realm-name}/protocol/openid-connect/certs
  • Provides public keys in JWK format for verifying JWT signatures.

Token Introspection Endpoint:

POST /realms/{realm-name}/protocol/openid-connect/token/introspect
  • Validates the state of access or refresh tokens. Confidential clients only. Accepts application/jwt or application/json.

Token Revocation Endpoint:

POST /realms/{realm-name}/protocol/openid-connect/revoke
  • Allows revocation of access or refresh tokens.
