OAuth Flow Tester
Test OAuth2 / OpenID Connect flows with PKCE against any provider. This tool runs entirely in your browser.
100% Client-Side: No backend, no servers.
Token exchange and user info go directly from your browser to
your OAuth provider.
1Configure Provider
Issuer base: Enter the issuer base
URL (e.g.
Full URL: Or paste the full discovery document URL if your provider uses a different path (e.g.
https://auth.example.com) — we
fetch from
/.well-known/openid-configuration by
default.Full URL: Or paste the full discovery document URL if your provider uses a different path (e.g.
/.well-known/oauth-authorization-server).
We use whatever URL you provide as-is.
—
Discovery Document (JSON)
2Add Callback URL to Your Provider
Add the following URL as an allowed Redirect URI / Callback URL in your OAuth provider's application settings:
—
After testing: Remove this callback URL
from your OAuth provider's allowed Redirect URIs.
3Parameters editable
Default:
openid profile email. Change if
your app needs different scopes.
—
4Start OAuth Flow
The flow will open in a new tab. Complete authentication there; results will appear in that tab.
Result
User
ID Token Claims
UserInfo Response
Tokens
Full Token Response
Privacy: All requests (discovery, token
exchange, userinfo) go directly from your browser to your
OAuth provider. No data is sent to AuthAction servers.
Implement OAuth2 in your app?
AuthAction provides complete OAuth2 and OpenID Connect support with easy-to-use SDKs.