Here is some further relevant information on the OpenID Connect protocol.
The Signicat Identity Broker supports the two most commonly used OpenID Connect flows: Authorisation Code and Implicit.
Authorisation Code Grant Flow
The Authorisation Code flow is used by clients to exchange an authorisation code for an Access Token. The Access Token can then be used at the Token endpoint to retrieve the JWT containing the required user information (claims).
See https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowSteps for a detailed description of the flow.
The Implicit flow is much simpler: after the user authenticates via an identity provider, the application receives the tokens (with the required user information) directly, without having to invoke any additional endpoints.
See https://oauth.net/2/grant-types/implicit/ for a detailed description of the flow.
Identifies the client at the Signicat Identity Broker. This must be agreed upon between your service and Signicat before starting the integration.
The URL on your service that will receive the response.
"id_token token"
This value must be set to "id_token token" in order to directly receive the ID Token.
An opaque value used by the client to prevent cross-site request forgery.
String value used to associate a client session with an ID Token, and to mitigate replay attacks. It is only mandatory for the implicit flow. If sent, it will also be included in the JWT in the authorisation code flow.
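The two anti-forgery values described above can be generated and checked as follows. This is an added example, not Signicat's code: the endpoint URL and function names are hypothetical, the `scope` value and the request parameter names are the standard ones from OpenID Connect Core, and `verified_claims` is assumed to be the ID Token payload after a JWT library has already validated its signature, issuer, audience and expiry.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Hypothetical placeholder; use the authorisation endpoint agreed with the broker.
AUTHORIZE_ENDPOINT = "https://broker.example/authorize"


def _same(expected, received):
    """Constant-time comparison that tolerates a missing or non-string value."""
    return hmac.compare_digest(expected.encode(), str(received or "").encode())


def begin_login(session, client_id, redirect_uri):
    """Store fresh single-use state and nonce in the user's server-side
    session and return the authorisation request URL."""
    session["oidc_state"] = secrets.token_urlsafe(32)
    session["oidc_nonce"] = secrets.token_urlsafe(32)
    params = {
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "id_token token",  # implicit flow value from this page
        "scope": "openid",                  # standard OIDC scope (assumption)
        "state": session["oidc_state"],
        "nonce": session["oidc_nonce"],
    }
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def finish_login(session, returned_state, verified_claims):
    """Check the response against the session. Returns (ok, reason)."""
    # pop() consumes both values, so a replayed response finds nothing to match.
    expected_state = session.pop("oidc_state", None)
    expected_nonce = session.pop("oidc_nonce", None)
    if expected_state is None or expected_nonce is None:
        return False, "no login in progress"
    # state ties the response to the request this browser session started (CSRF).
    if not _same(expected_state, returned_state):
        return False, "state mismatch"
    # nonce ties the ID Token to this session, rejecting a token issued elsewhere.
    if not _same(expected_nonce, verified_claims.get("nonce")):
        return False, "nonce mismatch"
    return True, "ok"
```
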