OpenID Implicit Grant

The OpenID Connect ID Token is retrieved in almost the same way as an OAuth 2.0 access token when you use Implicit and Authorization Code grants.

The Implicit grant is similar to the Authorization Code grant type, but instead of using a code as an intermediary, the ID token is sent directly through browser redirect.

OAuth 2.0
Get OpenID Connect Token dialog using the Implicit Grant flow
OAuth 2.0 Azure
Get OpenID Connect Token dialog for Azure Active Directory using the Implicit Grant flow

Option

Description

OpenID Connect Flow

Sets the OpenID Connect method to use.

Client Identification

An alphanumeric string used to identify the client.

Response Mode

(For Azure only) Specifies how the authorization server sends the access token. Available options:

  • not defined - The authorization server will define which method to use.

  • form_post - The token will be sent as an HTML form by using the POST method.

  • query - The token will be added to the query as a parameter.

Resource

(For Azure only) The App ID URI of the web service.

Prompt

(For Azure only) Specifies if the authentication server prompts the user to log in or consent, even if they are logged in. Possible values:

  • not defined - The server will not prompt a user to log in.

  • login - The server prompts you to log in again.

  • consent - The server asks the user to consent.

  • admin-consent - The server asks for the administrator's consent.

Authorization URL

The authorization server URL.

Redirect URL

The URL you will be redirected to after successful authorization.

Audience

Identifies the intended recipient of the ID token. Some OpenID Connect providers require this value to specify the target API or resource that accepts the token.

Additional Parameters

Custom name–value pairs to include in the OpenID Connect implicit token request. ReadyAPI appends these parameters to the request and supports property expansion for their values.

Scope

The full scope string defining the requested permissions.

Response Type

The type of response received from the server. The following values are recognized: id_token, if the server returns only an ID token, or id_token token, if the server returns both an ID token and an access token.

State

(For Azure only) The value included in the request that is also added to the token response. Usually, it is used to provide a randomly generated string to prevent a cross-site request forgery attack.

Login Hint

(For Azure only) The string is displayed as a login hint in the sign-in form.

Domain Hint

(For Azure only) Specifies the domain the user should use to sign in.

Access Token URL

The URL to use to get an access token.

Get OpenID Token

Click this button to retrieve the access token.

Automation

Opens the Automated Token Profile editor.

See Also

In this section:
© 2026
Publication date: