The well-known endpoint (.well-known/openid-configuration) that provides OpenID Connect configuration metadata, including all available endpoints and supported features.
GitLab issuer URL
https://gitlab.com
A unique identifier URL that identifies the OAuth/OIDC provider and is used to validate tokens
GitLab authorization endpoint
https://gitlab.com/oauth/authorize
The endpoint to redirect users to in order to grant your application access to their account.
GitLab token endpoint
https://gitlab.com/oauth/token
The endpoint to exchange the authorization code or refresh token for an access token and a refresh token.
GitLab userinfo endpoint
https://gitlab.com/oauth/userinfo
The standardized OAuth endpoint that returns authenticated user profile information, including claims about the current user based on the scope of access token.
GitLab JWKS URI
https://gitlab.com/oauth/discovery/keys
The URI that provides public keys for verifying JWT tokens. These keys are used to validate the authenticity of tokens issued by the authorization server.
GitLab revocation endpoint
https://gitlab.com/oauth/revoke
The endpoint used to invalidate access tokens or refresh tokens before their expiration time, typically used when a user logs out or revokes application access.
GitLab introspection endpoint
https://gitlab.com/oauth/introspect
The endpoint that allows authorized parties to check the state and validity of an access token or refresh token, returning detailed token metadata.