> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Get OpenID Configuration

> Get the OpenID configuration for a project.

Get the OpenID configuration for a project. The configuration can be used to determine the endpoints and settings for the Connected App's OpenID flow. This endpoint uses your [Custom Domain](/connected-apps/resources/custom-domains).

No authorization is needed for this endpoint.

This endpoint implements the [OpenID configuration](https://openid.net/specs/openid-connect-discovery-1%5F0.html#ProviderConfigurationRequest) endpoint.

<Info>
  We recommend using the [Custom Domain](/connected-apps/resources/custom-domains) whenever possible. For backwards compatibility reasons, this endpoint is also available at [https://test.stytch.com/v1/public/\$\{projectId}/.well-known/openid-configuration](https://test.stytch.com/v1/public/\$\{projectId}/.well-known/openid-configuration).
</Info>

## Response

<ResponseField name="authorization_endpoint" type="string">
  The URL of the authorization endpoint. The authorization endpoint is UI hosted by your application and is configured within the Stytch dashboard.
</ResponseField>

<ResponseField name="grant_types_supported" type="array">
  JSON array containing a list of the OAuth 2.0 grant types supported.
</ResponseField>

<ResponseField name="id_token_signing_alg_values_supported" type="array">
  JSON array containing a list of the JWS signing algorithms (alg values) supported for the ID Token to encode the Claims in a JWT. RS256 is included by default.
</ResponseField>

<ResponseField name="issuer" type="string">
  The URL of the issuer, as returned by the iss claim in the token.

  * If your project uses a custom domain (CNAME) for API requests, this will be your custom domain (e.g., [https://login.yourcompany.com](https://login.yourcompany.com)), which is fully OIDC compliant.
  * If you do not use a custom domain, the issuer will be stytch.com/\$project\_id, which is not fully OIDC compliant and may not be accepted by all OIDC clients.

  To ensure OIDC compliance, set up and use a custom domain for your authentication flows. See the [Custom Domains guide](/connected-apps/resources/custom-domains) for more information.
</ResponseField>

<ResponseField name="jwks_uri" type="string">
  The URL of the JWKS endpoint.
</ResponseField>

<ResponseField name="response_types_supported" type="array">
  JSON array containing a list of the OAuth 2.0 `response_type` values supported.
</ResponseField>

<ResponseField name="scopes_supported" type="array">
  JSON array containing a list of the OAuth 2.0 scope values supported. openid is supported by default. Note that any custom scopes you specify in an RBAC configuration will also be listed here.
</ResponseField>

<ResponseField name="subject_types_supported" type="array">
  JSON array containing a list of the Subject Identifier types supported.
</ResponseField>

<ResponseField name="token_endpoint" type="string">
  The URL of the token endpoint.
</ResponseField>

<ResponseField name="token_endpoint_auth_methods_supported" type="array">
  JSON array containing a list of Client Authentication methods supported by the Token Endpoint.
</ResponseField>

<ResponseField name="request_id" type="string">
  Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we
  may ask for this value to help identify a specific API call when helping you debug an issue.
</ResponseField>

<ResponseField name="status_code" type="number">
  The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values
  equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
</ResponseField>

<Panel>
  <RequestExample>
    ```curl cURL theme={null}
    curl --request GET \
        --url https://${projectDomain}/.well-known/openid-configuration
    ```
  </RequestExample>

  <ResponseExample>
    ```json 200 theme={null}
    {
      "authorization_endpoint": "https://example.com/oauth2/authorize",
      "grant_types_supported": [
        "authorization_code"
      ],
      "id_token_signing_alg_values_supported": [
        "RS256"
      ],
      "issuer": "https://${projectDomain}",
      "jwks_uri": "https://${projectDomain}/.well-known/jwks.json",
      "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
      "response_types_supported": [
        "code"
      ],
      "scopes_supported": [
        "openid",
        "profile",
        "email",
        "phone",
        "offline_access"
      ],
      "status_code": 200,
      "subject_types_supported": [
        "public"
      ],
      "token_endpoint": "https://${projectDomain}/v1/oauth2/token",
      "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post"
      ],
      "userinfo_endpoint": "https://${projectDomain}/v1/oauth2/userinfo"
    }
    ```

    ```json 429 theme={null}
    {
      "status_code": 429,
      "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
      "error_type": "too_many_requests",
      "error_message": "Too many requests have been made.",
      "error_url": "https://stytch.com/docs/api/errors/429"
    }
    ```

    ```json 500 theme={null}
    {
      "status_code": 500,
      "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
      "error_type": "internal_server_error",
      "error_message": "Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong.",
      "error_url": "https://stytch.com/docs/api/errors/500"
    }
    ```
  </ResponseExample>
</Panel>
