Welcome to Duende IdentityServer (version 6.3.5)

• IdentityServer publishes a discovery document where you can find metadata and links to all the endpoints, key material, etc.
• Click here to see the claims for your current session.
• Click here to manage your stored grants.
• Click here to view your pending CIBA login requests.
• Here are links to the source code repository, ready to use samples, and this demo server.

Demo clients

• client id: m2m
  grant type: client credentials
  client secret: secret
  access token lifetime: 60 minutes
  allowed scopes: api
• client id: m2m.jwt
  grant type: client credentials
  client secret: private key JWT
  access token lifetime: 60 minutes
  allowed scopes: api
• client id: m2m.short
  grant type: client credentials
  client secret: secret
  access token lifetime: 75 seconds
  allowed scopes: api
• client id: m2m.short.jwt
  grant type: client credentials
  client secret: private key JWT
  access token lifetime: 75 seconds
  allowed scopes: api
• client id: m2m.dpop
  grant type: client credentials
  client secret: secret
  access token lifetime: 60 minutes
  allowed scopes: api
  requires the use of DPoP
• client id: m2m.dpop.nonce
  grant type: client credentials
  client secret: secret
  access token lifetime: 60 minutes
  allowed scopes: api
  requires the use of DPoP and nonce
• client id: interactive.confidential
  grant type: authorization code with PKCE and client credentials
  client secret: secret
  access token lifetime: 60 minutues
  allowed scopes: openid profile email api offline_access
• client id: interactive.confidential.jar.jwt
  grant type: authorization code with PKCE and client credentials - requires JAR
  client secret: private key JWT
  access token lifetime: 60 minutues
  allowed scopes: openid profile email api offline_access
• client id: interactive.confidential.short
  grant type: authorization code with PKCE and client credentials
  client secret: secret
  access token lifetime: 75 seconds
  allowed scopes: openid profile email api offline_access
• client id: interactive.confidential.short.jar.jwt
  grant type: authorization code with PKCE and client credentials - requires JAR
  client secret: private key JWT
  access token lifetime: 75 seconds
  allowed scopes: openid profile email api offline_access
• client id: interactive.public
  grant type: authorization code with PKCE
  access token lifetime: 60 minutues
  allowed scopes: openid profile email api offline_access
• client id: interactive.public.short
  grant type: authorization code with PKCE
  access token lifetime: 75 seconds
  allowed scopes: openid profile email api offline_access
• client id: device
  grant type: urn:ietf:params:oauth:grant-type:device_code
  access token lifetime: 60 minutues
  allowed scopes: openid profile email api
• client id: login
  grant type: id_token
  allowed scopes: openid profile email
• You can call a test API at https://demo.duendesoftware.com/api/test. This accepts Bearer token requests.
• You can call a test API at https://demo.duendesoftware.com/api/dpop/test. This accepts DPoP token requests.
• You can use the below RSA key for all clients requiring private key JWT authentication or JAR:

  {'d':'GmiaucNIzdvsEzGjZjd43SDToy1pz-Ph-shsOUXXh-dsYNGftITGerp8bO1iryXh_zUEo8oDK3r1y4klTonQ6bLsWw4ogjLPmL3yiqsoSjJa1G2Ymh_RY_sFZLLXAcrmpbzdWIAkgkHSZTaliL6g57vA7gxvd8L4s82wgGer_JmURI0ECbaCg98JVS0Srtf9GeTRHoX4foLWKc1Vq6NHthzqRMLZe-aRBNU9IMvXNd7kCcIbHCM3GTD_8cFj135nBPP2HOgC_ZXI1txsEf-djqJj8W5vaM7ViKU28IDv1gZGH3CatoysYx6jv1XJVvb2PH8RbFKbJmeyUm3Wvo-rgQ','dp':'YNjVBTCIwZD65WCht5ve06vnBLP_Po1NtL_4lkholmPzJ5jbLYBU8f5foNp8DVJBdFQW7wcLmx85-NC5Pl1ZeyA-Ecbw4fDraa5Z4wUKlF0LT6VV79rfOF19y8kwf6MigyrDqMLcH_CRnRGg5NfDsijlZXffINGuxg6wWzhiqqE','dq':'LfMDQbvTFNngkZjKkN2CBh5_MBG6Yrmfy4kWA8IC2HQqID5FtreiY2MTAwoDcoINfh3S5CItpuq94tlB2t-VUv8wunhbngHiB5xUprwGAAnwJ3DL39D2m43i_3YP-UO1TgZQUAOh7Jrd4foatpatTvBtY3F1DrCrUKE5Kkn770M','e':'AQAB','kid':'ZzAjSnraU3bkWGnnAqLapYGpTyNfLbjbzgAPbbW2GEA','kty':'RSA','n':'wWwQFtSzeRjjerpEM5Rmqz_DsNaZ9S1Bw6UbZkDLowuuTCjBWUax0vBMMxdy6XjEEK4Oq9lKMvx9JzjmeJf1knoqSNrox3Ka0rnxXpNAz6sATvme8p9mTXyp0cX4lF4U2J54xa2_S9NF5QWvpXvBeC4GAJx7QaSw4zrUkrc6XyaAiFnLhQEwKJCwUw4NOqIuYvYp_IXhw-5Ti_icDlZS-282PcccnBeOcX7vc21pozibIdmZJKqXNsL1Ibx5Nkx1F1jLnekJAmdaACDjYRLL_6n3W4wUp19UvzB1lGtXcJKLLkqB6YDiZNu16OSiSprfmrRXvYmvD8m6Fnl5aetgKw','p':'7enorp9Pm9XSHaCvQyENcvdU99WCPbnp8vc0KnY_0g9UdX4ZDH07JwKu6DQEwfmUA1qspC-e_KFWTl3x0-I2eJRnHjLOoLrTjrVSBRhBMGEH5PvtZTTThnIY2LReH-6EhceGvcsJ_MhNDUEZLykiH1OnKhmRuvSdhi8oiETqtPE','q':'0CBLGi_kRPLqI8yfVkpBbA9zkCAshgrWWn9hsq6a7Zl2LcLaLBRUxH0q1jWnXgeJh9o5v8sYGXwhbrmuypw7kJ0uA3OgEzSsNvX5Ay3R9sNel-3Mqm8Me5OfWWvmTEBOci8RwHstdR-7b9ZT13jk-dsZI7OlV_uBja1ny9Nz9ts','qi':'pG6J4dcUDrDndMxa-ee1yG4KjZqqyCQcmPAfqklI2LmnpRIjcK78scclvpboI3JQyg6RCEKVMwAhVtQM6cBcIO3JrHgqeYDblp5wXHjto70HVW6Z8kBruNx1AH9E8LzNvSRL-JVTFzBkJuNgzKQfD0G77tQRgJ-Ri7qu3_9o1M4'}