Use identityserver3 as OpenID provider for other websites


I wonder if it is possible to use my own identity server as an OpenID provider for other well-known websites such as stackoverflow.com. They allow you to sign up using your own identity provider (see https://stackoverflow.com/users/login?ssrc=head&returnurl=http%3a%2f%2fstackoverflow.com%2f) - there is a "more login options" button which lets you enter an "OpenID endpoint address".

Now my question of course is... does it work?
What does the link that stackoverflow.com expects look like? I couldn't find any information about that.

Right now all my applications have a client they use to talk to the identity server. I am using hybrid flow in most cases. That's what I am familiar with. If any other website wants to "trust" my identityserver as an openid provider, how does that work without a trusted client <-> relationship?

Takahiko Kawasaki On

I guess that Stack Overflow expects your server to support OpenID Connect Discovery 1.0. In short, your server is expected to expose the .well-known/openid-configuration API, which returns your server's configuration in JSON format (e.g. https://accounts.google.com/.well-known/openid-configuration). If you've not read the specification yet, I recommend that you read RFC 7033 (WebFinger) before OpenID Connect Discovery 1.0.

However, this is just a guess, sorry.
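The discovery document mentioned in the answer, checked the way a relying party would check it before trusting a provider. This is an added example, not part of the original answer or of IdentityServer3; the host `id.example.com`, the function names and the sample document are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Metadata that OpenID Connect Discovery 1.0 (section 3) marks REQUIRED.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")

def discovery_url(issuer):
    """Section 4: drop one trailing slash, then append the well-known path."""
    base = issuer[:-1] if issuer.endswith("/") else issuer
    return base + "/.well-known/openid-configuration"

def check_discovery(expected_issuer, doc):
    """Return the reasons a relying party would reject this document."""
    problems = [f"missing required field: {k}" for k in REQUIRED if k not in doc]
    # Section 4.3: the issuer value must be identical to the one the
    # discovery URL was built from, otherwise the document is not trusted.
    if doc.get("issuer") != expected_issuer:
        problems.append("issuer mismatch")
    iss = urlsplit(doc.get("issuer", ""))
    if iss.scheme != "https" or iss.query or iss.fragment:
        problems.append("issuer must be an https URL without query or fragment")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if key in doc and urlsplit(doc[key]).scheme != "https":
            problems.append(f"{key} is not https")
    if "RS256" not in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("RS256 not advertised for ID token signing")
    # token_endpoint may only be omitted by implicit-only providers.
    uses_code = any("code" in rt.split()
                    for rt in doc.get("response_types_supported", []))
    if uses_code and "token_endpoint" not in doc:
        problems.append("code/hybrid flow advertised without token_endpoint")
    return problems

# Constructed sample: what a hybrid-flow provider might publish.
ISSUER = "https://id.example.com/identity"
GOOD = {
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/connect/authorize",
    "token_endpoint": ISSUER + "/connect/token",
    "jwks_uri": ISSUER + "/.well-known/jwks",
    "response_types_supported": ["code", "id_token", "code id_token"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}

if __name__ == "__main__":
    print(discovery_url(ISSUER), check_discovery(ISSUER, GOOD))
```
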