Endpoints Reference

Note that it is strongly advisable to ensure that the base url "/", "/status" and "/metadata" endpoints are not publicly exposed.
It is also important that your network settings allow connection to the https://api.mpin.io/.well-known/openid-configuration endpoint, as this is where the program attempts to get the platform configuration. It also needs outgoing access to https://api.mpin.authorize/, https://api.mpin.io/oidc/certs and https://api.mpin.io/oidc/token

When the IdP server is running a RESTful HTTP JSON API server will listen at the following endpoints:

ENTRY POINT METHOD DESCRIPTION
/ GET returns a list of available endpoints as JSON
/status GET does a health check and returns the server status as JSON
/metadata GET Serves the IDP SAML metadata. Can be used to download the metadata file for upload to SPs
/sso GET SAML GET endpoint used by SPs to initiate the authentication flow
/login GET, POST Initiates the backend authentication with MIRACL Trust
/login/:id GET IdP-initiated login for a particular SP (identified by :id. For example /login/aws or login/dropbox)
/login/:id/*relaystate GET IdP-initiated login for a particular SP + RelayState
/logout GET Terminate the user's IdP session
/services GET Serves the list of Service Providers the current user is authorized to access.

Top