The Coil OpenID Connect (OIDC) and OAuth2 provider uses the oidc-provider package, which implements the specs described by openid.net.

OpenID Connect settings

Openid-configuration is the Coil OIDC provider's discovery document. The document describes the API endpoints used during the authentication sequence. You'll need these details to construct requests to the server. Specifying this URL connects the authenticator to the OIDC provider.



Discovery Endpoint


Authorization Scope


Basic OAuth flow

The Coil OIDC and OAuth2 provider uses the authorization code flow to grant access to resources (such as profile information) owned by Coil users.

  1. Register your client app with Coil to receive a registration access token.

  2. Register your app with the Coil OIDC provider to exchange the registration access token for a client ID and client secret.

  3. Get permission for your app to access resources owned by a Coil user.

  4. Request an access token.

  5. Get the resources that the app was previously granted access to.

  6. Issue the Coil user a BTP token.