mock-oidc

OIDC test provider — development only

Issuer: https://oidc.pilot1.sram.surf.nl

OpenID discovery GET /.well-known/openid-configuration
Sign in (authorization code → this host /callback) redirect_uri=https://oidc.pilot1.sram.surf.nl/callback
JWKS GET /.well-known/jwks.json
Health (JSON) GET /health
GitHub repository

Device code flow

Starts RFC 8628 device authorization, then polls /token until you complete /device/verify in another tab.

Starts a phishing-resistant pam-weblogin session. Open the link in a new tab, sign in, then enter the shown PIN to complete authentication.

Enter the verification code shown in the browser window:

After sign-in you land on /callback with tokens and UserInfo. Use POST /token, GET /userinfo, POST /introspect as needed.