id.oakwall.mom. Self-hosting and local deployment are not available.
What OakID provides
Authorization code + PKCE
Standard OAuth 2.0 flow with
S256 PKCE for browser and mobile clients.OIDC discovery
Machine-readable metadata at
/.well-known/openid-configuration.Developer portal
Create apps, manage redirect URIs, rotate secrets, revoke sessions.
Panel integration
OakWall Panel ships with Sign in with OakID out of the box.
Production URLs
| Resource | URL |
|---|---|
| Issuer | https://id.oakwall.mom |
| Developer portal | id.oakwall.mom/developer |
| Documentation | docs.oakwall.mom |
| OIDC discovery | id.oakwall.mom/.well-known/openid-configuration |
| Panel OAuth callback | https://panel.oakwall.mom/login/oauth/callback |
Discovery document
Every OIDC client should bootstrap from discovery — never hardcode endpoint paths.Supported flows
| Flow | Supported |
|---|---|
Authorization code (response_type=code) | Yes |
PKCE (code_challenge_method=S256) | Yes — required for browser clients |
| Refresh token rotation | Yes |
| Implicit / hybrid | No |
Get started
Register an application
Open the Developer Portal and create an OAuth app with at least one redirect URI.
Implement authorize + token
Follow the Quickstart to complete your first code exchange.
Handle errors
See Errors & troubleshooting for
invalid_grant, PKCE failures, and state mismatches.Quickstart
First OAuth flow in under 10 minutes.
API Reference
OpenAPI spec for all OAuth endpoints.