Menu
After going through the OpenID Connect Discovery Spec https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig, I understand that Issuer is a URL which is used to validate the discovery URL (issuer + "/.well-known/openid-configuration").
I want to know if this issuer URL should be a working URL pointing some resource/service or can be a just valid URL but do not point to any resource. Does this hold significance in any other OpenID Connect flows?
594
asked Nov 29 '25 11:11
The issuer value itself does not need to resolve to any resource or anything online. Only if you want to conform to the Discovery spec then <issuer>/.well-known/openid-configuration should resolve to the Discovery metadata document that describes the Provider.
134
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
