The fetchOIDCMetadataFromDiscoveryEndpoint() GraphQL query field can fetch the OIDC metadata from the discovery (i.e., .well-known/openid-configuration) endpoint provided.

For more information on OpenID Connect, see the Authenticating with OpenID Connect documentation page. You may also want to look at Authentication & Identity Providers for related information.


Below is the syntax for the fetchOIDCMetadataFromDiscoveryEndpoint() query field:

fetchOIDCMetadataFromDiscoveryEndpoint(discoveryEndpoint: string!): WellKnownEndpointDetails!

Returned Datatypes

The returned datatype WellKnownEndpointDetails has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: WellKnownEndpointDetails

issuerstringyes The authentication provider issuer.
authorizationEndpointstring  A URL to the endpoint a user should be redirected to when authorizing.
jwksEndpointstring  A URL to the JWKS endpoint for retrieving keys for validating tokens. Required.
registrationEndpointstring  To use OIDC as a client, PUBLIC_URL must be set, LogScale must be registered as a client with your OpenID provider, and the provider must allow %PUBLIC_URL%/auth/oidc as a valid redirect endpoint for the client.
tokenEndpointstring  A URL to the token endpoint used to exchange a authentication code to an access token. Required for clients.
tokenEndpointAuthMethodstringyes The authentication method used to authenticate LogScale against the token endpoint. Can either be client_secret_basic or client_secret_post for placing the client id and secret in either basic auth or post data, respectively. Defaults to client_secret_basic, or client_secret_post if client_secret_basic is not supported as per the discovery endpoint.
userInfoEndpointstring  A URL to the user info endpoint used to retrieve user information from an access token.

[a] Some arguments may be required, as indicated in this column. For some fields, this column indicates that a result will always be returned for it.