Using OpenID Connect
How to use OpenID Connect with Carta's OAuth workflow
OpenID Connect (OIDC) is an identity layer built on top of OAuth 2.0. It allows you to obtain additional information (called
Claim Values) about a user while going through the OAuth 2.0 authorization code flow. The OpenID Connect Basic Client Implementer's Guide gives detailed information about these scopes.
How to Use
You must request these special scopes for OIDC when you register your application (see Registering your Application):
openid : Allows you to call the endpoint
profile : Returns common fields in the
If your application uses these special scopes, requests you make to the token endpoint will return additional information in our response. The only difference between this and the regular authorization flow is that you will receive an
id_token as part of our response. The
id_token is a JWT that contains the user claims that you requested via the scopes specified by your application.
If you are using an OIDC compliant client library, you can automatically configure OIDC integration by pointing to Carta’s OIDC Discovery document (also known as a “well-known endpoint”) which contains additional details about our OIDC configuration. This Discovery document is a JSON document containing key-value pairs that outline Carta’s OIDC configuration, including URIs of the authorization, token, revocation, and userinfo endpoints.
You can retrieve Carta’s OIDC Discovery document here:
Updated 9 days ago