Documentation

FAQ

Short answers to common integration questions.

Where do I get client credentials?

Client IDs and secrets are provided by Radiant Networks. Use placeholders such as YOUR_CLIENT_ID and YOUR_CLIENT_SECRET in your codebase until credentials are issued.

What is the issuer URL?

Use https://auth.rdnt.live/api/auth. The public site is https://auth.rdnt.live.

Is PKCE required?

Yes for clients configured with requirePKCE. Radiant Auth supports S256 only. Always use PKCE.

Which scopes should I request?

Start with openid profile email. Add offline_access when you need refresh tokens.

Why isn't my redirect working?

Redirect URIs must match the registered value exactly. Check scheme, host, port, path, and trailing slash. The same URI must be sent on both authorize and token requests.

Can I use Radiant Auth from a mobile app?

Yes — use Authorization Code + PKCE. Prefer a public client or a backend token exchange so secrets never ship inside the app binary.

How do I log the user out of Radiant Auth itself?

Revoke tokens, clear your session, then optionally redirect to /api/auth/oauth2/end-session with an id_token_hint.

Tip
Still stuck? Re-read the Integration Guide and compare against the API Reference.