Interaction Code Flow

Full Interaction OAuth 2.0 + OIDC flow with Discovery, PKCE, and Nonce validation. This comprehensive flow demonstrates the complete authentication journey including provider discovery, secure code exchange with PKCE, ID Token validation, and UserInfo retrieval.

Try in Looking Glass
ID Token

Sequence Diagram

Click any step for details

ClientAuth ServerUser1OpenID Discovery2JWKS Fetch3Authorization Request4User Authentication5Authorization Response6Token Exchange7Token Response8ID Token Validation9UserInfo Request10UserInfo Response
Request
Response
Redirect
Internal

Step-by-Step Breakdown

1
OpenID Discovery
ClientOpenID Provider
2
JWKS Fetch
ClientOpenID Provider
3
Authorization Request
ClientOpenID Provider
4
User Authentication
UserOpenID Provider
5
Authorization Response
OpenID ProviderClient
6
Token Exchange
ClientOpenID Provider
7
Token Response
OpenID ProviderClient
8
ID Token Validation
ClientClient
9
UserInfo Request
ClientOpenID Provider
10
UserInfo Response
OpenID ProviderClient

Token Inspector

Specs for this flow

Sections of the protocol that normatively define this flow, plus the security considerations that apply to it.

Security & privacy

· Dedicated security and privacy considerations.