Duo OIDC Auth API Implementation

We are implementing the Duo OIDC Auth API for adding strong two-factor authentication to our web application.( Duo OIDC Auth API - Duo Universal Prompt | Duo Security)

In our understanding Duo uses FAPI security client_secret_jwt for client authentication. Is it correct?

We’d like to know is there any sample client implementation to refer because we would like to design the OIDC client in a generic way.

Our pain area is to design the request.payload arguments config structure in an end user perspective.

Looking forward to hearing from you.

Did you look at our GitHub organization Duo Security · GitHub? All of the duo_universal_* repositories are SDKs for OIDC integration, with a demo application.