Overview
Use OIDC when your identity provider exposes OpenID Connect discovery metadata and your API relies on that provider for authentication.
Configure OIDC in ApyGuard
- Go to Start Scan → Authorization Settings.
- Create a new authorization setting.
- Choose OIDC.
- Enter a descriptive Authorization Setting Name.
- Configure token format and token location.
- Select the API server connected to the identity provider.
- Let ApyGuard detect the OIDC configuration automatically.
- Review the detected values and edit them if needed.
- Create or select the matching OIDC credential.
- Save the authorization setting.
What ApyGuard detects
When you select the API server, ApyGuard can detect metadata such as:
- Issuer
- Authorization endpoint
- Token endpoint
- Introspection endpoint
- Supported scopes
- Supported grant types
- Token endpoint authentication methods
- ID token signing algorithms
- Response types
- Supported claims
What users see in the UI
Server selection
Users must select a server before ApyGuard can detect OIDC metadata.
Detect Again action
ApyGuard includes a Detect Again button so users can refresh provider metadata when needed.
Editable metadata fields
Detected OIDC values are shown in editable fields so users can review or adjust them before saving.
OIDC credential pairing
The authorization setting should be paired with a credential that contains the client ID, client secret, and requested scopes.
When to review manually
You should review detected values when:
- The server belongs to a new environment
- The provider has been reconfigured
- The supported scopes differ from expected production behavior
- The token endpoint or issuer does not match your provider setup
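Part of this review can be scripted. The following is an added example, not ApyGuard code: it checks a discovery document against the issuer you expect and returns the items that need a manual look. The metadata keys are the standard OpenID Connect Discovery field names; `review_metadata`, `SAMPLE_METADATA` and the example.com hosts are assumptions constructed for illustration.

```python
# Added example: review checks for an OIDC discovery document (not ApyGuard code).
from urllib.parse import urlsplit

# Constructed sample of a discovery document with several problems to flag.
SAMPLE_METADATA = {
    "issuer": "https://idp.staging.example.com",
    "authorization_endpoint": "https://idp.staging.example.com/authorize",
    "token_endpoint": "http://idp.staging.example.com/token",
    "scopes_supported": ["profile", "email"],
    "id_token_signing_alg_values_supported": ["RS256", "none"],
}

ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint", "introspection_endpoint")


def review_metadata(metadata, expected_issuer, required_scopes=("openid",)):
    """Return a list of findings; an empty list means nothing needs manual review."""
    findings = []
    issuer = metadata.get("issuer", "")
    # The issuer is compared as an exact string, as OpenID Connect Discovery requires.
    if issuer != expected_issuer:
        findings.append(f"issuer mismatch: got {issuer!r}, expected {expected_issuer!r}")
    # Hosts are compared with the issuer you trust, not the one that was detected.
    issuer_host = urlsplit(expected_issuer).hostname
    for key in ENDPOINT_KEYS:
        url = metadata.get(key)
        if url is None:
            continue  # optional or undetected endpoint
        parts = urlsplit(url)
        if parts.scheme != "https":
            findings.append(f"{key} is not HTTPS: {url}")
        # Some providers legitimately serve endpoints from another host,
        # so this is a prompt to review rather than a hard failure.
        if parts.hostname != issuer_host:
            findings.append(f"{key} host differs from issuer: {parts.hostname}")
    missing = [s for s in required_scopes if s not in metadata.get("scopes_supported", [])]
    if missing:
        findings.append(f"scopes not advertised: {', '.join(missing)}")
    if "none" in metadata.get("id_token_signing_alg_values_supported", []):
        findings.append("ID token signing algorithms include 'none'")
    return findings


if __name__ == "__main__":
    for finding in review_metadata(SAMPLE_METADATA, "https://idp.example.com"):
        print("REVIEW:", finding)
```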
Recommended scopes
Many OIDC providers expect scopes such as:
- openid
- profile
- email