Auth

O Auth J W K S

List public JSON Web Keys that clients can use to validate Storyden OAuth access tokens and OpenID Connect ID tokens. This is advertised by `/.well-known/openid-configuration` as `jwks_uri`. Storyden serves this under the API mount because the key set is an API resource; the well-known discovery document itself is mounted at the instance root and is intentionally not part of this OpenAPI document.

GET/oauth/jwks

List public JSON Web Keys that clients can use to validate Storyden OAuth access tokens and OpenID Connect ID tokens.

This is advertised by /.well-known/openid-configuration as jwks_uri. Storyden serves this under the API mount because the key set is an API resource; the well-known discovery document itself is mounted at the instance root and is intentionally not part of this OpenAPI document.

Response Body

`application/json`

curl -X GET "https://example.com/oauth/jwks"

{
  "keys": [
    {
      "kty": "string",
      "use": "string",
      "alg": "string",
      "kid": "string",
      "n": "string",
      "e": "string"
    }
  ]
}

{
  "error": "string",
  "message": "string",
  "suggested": "string",
  "metadata": {}
}

Edit on GitHub

O Auth Device Consent Submit POST

Approve or deny a pending OAuth device authorisation request for the currently signed-in account. On approval Storyden recomputes the granted scope from the current account permissions and client policy. For first-party inherited clients this means the final token scope may include Storyden permission scopes that were not present in the original device authorisation request.

O Auth Provider Callback POST

OAuth2 callback.

O Auth J W K S

Response Body

200application/json

defaultapplication/json

`application/json`

`application/json`