This tool validates OAuth 2.0 and OpenID Connect token endpoints. It probes POST behavior, checks status and content-type semantics, inspects OAuth error formatting, and verifies browser-facing CORS and cache-control behavior.
This tool validates OAuth 2.0 and OpenID Connect token endpoints. It probes POST behavior, checks status and content-type semantics, inspects OAuth error formatting, and verifies browser-facing CORS and cache-control behavior.
Auto-discovery picks a supported client auth method from metadata when possible.
Enter a URL or paste JSON above to validate your token endpoint. Results will appear here with a detailed breakdown of all checks.