OpenID Connect Debugger

Test OIDC requests and debug responses.

Crafted by Nate Barbettini

Start over

Success!

The flow was successful. The authorization server responded with an authorization code because the flow was started with the code response type. The authorization server responded with tokens because the flow was started with the implicit {{savedResponseType ? '(' + savedResponseType + ')' : ''}} response type.

The returned state is {{state.value}}.

{{code.value}} {{accessToken.value}} {{accessToken.value}} {{idToken.value}} {{idToken.value}}

Error

The authorization server responded with an error. This could mean that the request parameters were incorrect, or that the user rejected the authorization.

{{safeUnescape(errorDescription.value) || '(no error description)'}}

Step 2: Exchange code for tokens

Now you need to exchange the authorization code for tokens using the token endpoint. Since this flow was started with a PKCE Code Challenge, we can perform the token exchange directly in the browser for you.

{{safeUnescape(pkceError.error_description) || '(no error description)'}}

Now you need to exchange the authorization code for tokens using the token endpoint. We can't do this step for you because it involves your client secret.

POST {{tokenEndpoint || '{tokenEndpoint}'}} Content-Type: application/x-www-form-urlencoded   grant_type=authorization_code& code={{code.value}}& client_id={{savedClientId || '{clientId}'}}& client_secret={clientSecret}& redirect_uri={{encodeURIComponent(savedRedirectUri) || '{redirectUri}'}}

{{method | upper}} request details