Skip to content
ezoidc

API

The ezoidc server exposes a simple API mounted under the /ezoidc path.

Public Endpoints

/ezoidc/

This endpoint returns the API version of the server.

GET /ezoidc/
{
  "ezoidc": true,
  "api_version": "1.0"
}

Authenticated Endpoints

Authenticated endpoints uses Bearer authentication and must provide a valid token for the request to be successful.

Authorization: Bearer <ID Token>

In order to accept the request, the token must be valid and intented for the server to use. This means the token must:

  • Be bound to one of the server’s configured issuers.
  • Have an audience that includes one of the server’s allowed audiences.
  • Have valid standard claims if they are present.

In case of errors, the server will respond with a JSON object containing an error string field and a reason string field.

401 Unauthorized
{
  "error": "error message",
  "reason": "invalid:claims:exp"
}

/ezoidc/1.0/variables

This endpoint returns the variables allowed for the token used to make the request.

200 OK
{
  "variables": [
    {
        "name": "variable_name",
        "value": {
            "string": "variable value"
        },
        "export": "ENV_VAR_NAME",
        "redact": false
    }
  ]
}

To send parameters with the request, set the params field in JSON POST request.

POST /ezoidc/1.0/variables
{
  "params": {
    "name": "value"
  }
}