# public

## JSON Web Keys Discovery

 - [GET /.well-known/jwks.json](https://docs.unstoppabledomains.com/apis/loginref/openapi/public/wellknown.md): This endpoint returns JSON Web Keys to be used as public keys for verifying OpenID Connect ID Tokens and,
if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like
node-jwks-rsa among others.

## OpenID Connect Discovery

 - [GET /.well-known/openid-configuration](https://docs.unstoppabledomains.com/apis/loginref/openapi/public/discoveropenidconfiguration.md): The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage you to not roll
your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn more on this
flow at https://openid.net/specs/openid-connect-discovery-1_0.html .

Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others.
For a full list of clients go here: https://openid.net/developers/certified/

## OpenID Connect Userinfo

 - [GET /userinfo](https://docs.unstoppabledomains.com/apis/loginref/openapi/public/userinfo.md): This endpoint returns the payload of the ID Token, including the idTokenExtra values, of
the provided OAuth 2.0 Access Token.

For more information please refer to the spec.

In the case of authentication error, a WWW-Authenticate header might be set in the response
with more information about the error. See the spec
for more details about header format.