# MIRACL Trust OIDC API Endpoints
- Authorization Endpoint - This API serves the authentication page.
- Token Endpoint - This API returns the access and ID tokens.
- UserInfo Endpoint - This API returns information about the authenticated user.
- JWKS URI - This API returns a JSON Web Key Set (JWKS) that contains the public keys that can be used to verify the signatures of tokens that you receive from your authorization server.
- Configuration Discovery - This API returns OIDC metadata that can be used by clients for automatic configuration.
# Supported Scopes
| Scope | Type | Description |
|---|---|---|
| openid | Standard | Must always be included. |
| Standard | Requests access to the email and email_verified claims. |
|
| dvs | Custom | Requests access to the dvs_keys claim. Required in order to execute DVS related operations after authentication. |
| mpin_id | Custom | Requests access to the mpin_id claim. |
| hash_mpin_id | Custom | Requests access to the hash_mpin_id claim. |
# Supported Claims
| Claim | Type | Description |
|---|---|---|
| sub | Standard | Identifier for the end user. Set to the user’s email address if using the built-in verification or the provided User ID for custom user verification. Always present. |
| iss | Standard | The issuer identifier for MIRACL Trust. Always present. |
| Standard | End user’s e-mail address. Present only if the email scope is included. |
|
| email_verified | Standard | “True” if the end user’s e-mail address has been verified; otherwise, “false”. Present only if the email scope is included. |
| mpin_id | Custom | Present only if the mpin_id scope is included. |
| hash_mpin_id | Custom | Present only if the hash_mpin_id scope is included. |
| dvs_keys | Custom | Present only if the dvs scope is included. |
