What this can support
- Public OIDC discovery.
- Relying-party login integration experiments.
- Public-key-oriented account binding.
- Inspection of issuer, JWKS, and metadata boundaries.
- Comparison with public operator and evidence surfaces.
OAuth/OIDC public discovery
Sign in with HODLXXI
HODLXXI exposes public OAuth/OIDC metadata for Sign in with HODLXXI. This page is a human/developer wrapper around public OIDC discovery surfaces; the canonical integration guide remains in docs/OIDC_INTEGRATION.md.
Integration overview
Sign in with HODLXXI is public-key identity oriented. Developers should use the public metadata endpoints, follow the current implementation boundaries, and treat the OIDC subject as a stable public-key identity signal rather than as a broad real-world identity claim.
Relying parties remain responsible for their own account-binding rules, risk checks, and normal OIDC validation. Use authorization code flow with PKCE S256 for browser-based integrations.
Public metadata
Use these public surfaces for discovery and key validation. The JSON endpoints are intended for machines; this page adds human-readable context only.
Recommended client flow
- Discover metadata from
/.well-known/openid-configuration. - Use authorization code flow with PKCE S256.
- Verify issuer, audience, expiration, and signature using JWKS from
/oauth/jwks.json. - Bind application accounts to the returned subject according to the relying party’s own risk model.
- Do not treat this as KYC/legal identity.
Related public evidence
What this does not prove
- It does not prove legal identity.
- It does not prove KYC.
- It does not prove custody of funds.
- It does not prove locked capital.
- It does not prove that every relying party should trust every subject automatically.
- It does not replace application-specific risk checks.
- It does not replace normal OIDC token validation.
- It does not require trusting private screenshots.