OAuth 2.0 Playground
A browser-based OAuth 2.0 client for testing and debugging authorization flows.
Authorization code with PKCE, client credentials, implicit, and device grant. Works with Keycloak, Auth0, Google, WSO2, and FIWARE Keyrock. Credentials and tokens stay in your browser. Security boundaries.
Device authorization URL needed
Copy Request Device Code request
Device code response:
Authorization code needed Application isn't configured
Copy Get Access Token request
You must set up CORS policies to permit
Token response:
Refresh token needed
Copy Refresh Token request
JWT header:
JWT payload:
JWT signature:
JWT signature verification:
JWKS response:
JWT header:
JWT payload:
JWT signature:
JWT signature verification:
JWKS response:
JWT header:
JWT payload:
JWT signature:
JWT signature verification:
JWKS response:
User info URL needed Access token needed
Copy Get User Info request
Get user info response:
End session URL needed
Copy Logout URL
Revocation URL needed Access token needed
Copy Revoke Access Token request
Revocation URL needed Refresh token needed
Copy Revoke Refresh Token request
Revoke response: