MockAuth

A mock OpenID Connect provider for QA and automated tests.

Issuer
https://mockauth.example.com/r/tenant_qa_default_resource/oidc
Discovery
https://mockauth.example.com/r/tenant_qa_default_resource/oidc/.well-known/openid-configuration
Authorize
https://mockauth.example.com/r/tenant_qa_default_resource/oidc/authorize

Standard endpoints: discovery, authorize, token, userinfo, and JWKS.

Implements industry-standard flows used by modern SPAs and mobile apps.

Strict redirect URI validation to mirror production security rules.

Manage tenants, clients, and signing keys via a streamlined UI.

Forward authentication to real IdPs while preserving local validation rules.

Predictable tokens and scopes for stable automated tests.

Run automated tests with full OIDC flows and predictable authentication.

Spin up authentication for every deployment without provisioning identity tenants.

Run MockAuth locally and test OAuth/OIDC integrations before production.

1
Autonomous testing: Develop apps that require OIDC login without relying on production identity providers.
2
Reliable authentication tests: Ensure token validation and redirect behavior remain stable regardless of upstream provider changes.
3
Simulating authentication scenarios: Simulate scopes, identifiers, and claims without manual user provisioning.

Drop MockAuth into your stack and run full OIDC flows locally or in CI with a single command.

Is MockAuth a production identity provider?: No. It is designed for development, QA, and automated testing environments.
Is it OIDC compliant?: Yes. MockAuth exposes standard OIDC endpoints including discovery, JWKS, and Authorization Code + PKCE.
Can it proxy to a real identity provider?: Yes. Proxy mode allows MockAuth to forward requests to an upstream OIDC provider.
Does it validate redirect URIs?: Yes. Redirect URIs are validated with strict matching by default.