OpenID Connect

Quran.Foundation's OAuth 2.0 APIs can be used for both authentication and authorization.

In this guide, we have briefly explained what OAuth2 is and how to integrate with Quran.Foundation's OAuth2 server.

Besides OAuth2, Quran.Foundation also supports the OpenID Connect standard by providing the UserInfo Endpoint to get more information about the user.

To access the OpenID Connect endpoints, make sure to include openid in the list of requested scopes. Once this is done, the authorization callback will contain a JWT id_token parameter in addition to access_token.

The ID Token (id_token) contains information about the user and can be decoded with a JWT library to learn more about the user's identity. Below is an example of a decoded id_token:

{
  "at_hash": "tGJSmRygf5HXuZx1YDP1",
  "aud": [
    "quran-demo"
  ],
  "auth_time": 1675234788,
  "email": "xyz@example.com",
  "exp": 1677591803,
  "first_name": "Muhammad",
  "iat": 1677588203,
  "iss": "https://oauth2.quran.foundation/",
  "jti": "a144b79e-3e50-40b8-8053c462000",
  "last_name": "Muhajir",
  "rat": 1677588190,
  "sid": "ce2fe21b-87hd-40fb-b4c54dc898df7",
  "sub": "a4f5a01d-a641-4b23-ba002f704cfaa"
}