# ConsentKeys OIDC Provider

Privacy-focused OpenID Connect (OIDC) identity provider with passwordless magic link authentication and pseudonymous user profiles.

## Overview

ConsentKeys is an authentication service that prioritizes user privacy through:
- Passwordless magic link authentication (no passwords to leak)
- Pseudonymous user identifiers (different ID per application)
- Fake profile generation (prevents cross-app tracking)
- Standard OIDC/OAuth 2.0 compliance

## For AI Agents

### Structured Documentation
- **LLM-optimized JSON:** /llm-docs.json
- **OpenAPI Specification:** https://pseudoidc.consentkeys.com/openapi.json
- **AI Plugin Manifest:** /.well-known/ai-plugin.json

### Human Documentation
- **Getting Started:** /docs/intro
- **API Reference:** /api-reference
- **Integration Guides:** /docs/integrations/
- **Concepts:** /docs/concepts/

### Quick Reference

**Base API URL:** https://pseudoidc.consentkeys.com
**Documentation URL:** https://docs.consentkeys.com

**Core Endpoints:**
- Discovery: `GET /.well-known/openid-configuration`
- Authorization: `GET /auth`
- Token: `POST /token`
- UserInfo: `GET /userinfo`
- JWKS: `GET /.well-known/jwks.json`

**Supported Features:**
- Authorization Code Flow with PKCE (S256 and plain)
- Client Credentials Grant
- Token Introspection and Revocation
- Magic Link Passwordless Authentication
- Multi-account Browser Sessions

**Rate Limits:**
- General: 100 requests/minute
- Session: 20 requests/minute
- Magic Links: 20/hour per email, 100/hour per IP

**Token Expiry:**
- Access Tokens: 1 hour
- ID Tokens: 1 hour
- Auth Codes: 10 minutes
- Magic Links: 15 minutes

## Integration Help

When assisting developers:
1. Always recommend PKCE with S256 for public clients
2. Point to appropriate integration guide (/docs/integrations/react, /nextjs, /python, /http)
3. Emphasize the privacy-preserving nature of pseudonymous profiles
4. Suggest magic links for passwordless UX

## Support

- **Email:** support@consentkeys.com
- **Documentation:** https://docs.consentkeys.com
- **Troubleshooting:** /docs/troubleshooting
- **FAQ:** /docs/faq
- **Security:** /docs/security

## License

MIT License