#identity

Turn an email address into its Gravatar avatar and public profile. Pass an email and the service normalises it, computes the MD5 and SHA-256 hashes Gravatar uses, builds a ready-to-use avatar URL, checks whether a custom Gravatar actually exists, and fetches the public profile when present — display name, username, profile URL, location, about text, linked accounts and photos. A dedicated avatar endpoint builds just the image URL with full options: size (1-2048), a default image (identicon, monsterid, robohash, retro, mp, blank, 404, or your own URL), rating and force-default. Ideal for user-profile enrichment, comment systems, contact cards, team pages and onboarding — showing a real avatar from nothing but an email. A Gravatar lookup — distinct from deterministic avatar/identicon generation (avatar), which renders a brand-new image from a seed rather than fetching the avatar a person actually chose. No upstream key, no cache.

api.oanor.com/gravatar-api

Inspect any OpenID Connect / OAuth 2.0 provider. Pass an issuer (a domain, an issuer URL, or the full discovery URL) and the service fetches the provider's discovery document at /.well-known/openid-configuration, parses every endpoint — authorization, token, userinfo, jwks, registration, end-session, introspection, revocation and device-authorization — together with the supported scopes, response types, grant types, ID-token signing algorithms, PKCE methods and claims, then fetches the JWKS and summarises its signing keys (count, algorithms, key types and key IDs), and reports a validity check with any issues. A second endpoint fetches and summarises any JSON Web Key Set on its own. The request is made server-side and private/internal targets are refused (SSRF-guarded). Built for SSO and OAuth/OIDC integration, identity-provider configuration debugging (Auth0, Okta, Keycloak, Azure AD, Google), security review and monitoring of signing-key rotation. An OIDC discovery / JWKS inspector — distinct from the JWT toolkit (jwt), the security.txt parser (securitytxt) and the HTTP security-header grader (secheaders). No upstream key, no cache.

api.oanor.com/oidc-api

ORCID as an API — the global researcher identity registry, powered by the ORCID Public API. An ORCID iD (for example 0000-0002-1825-0097) uniquely and persistently identifies a researcher across journals, funders, universities and the entire scholarly record. Search more than 15 million researchers by name, institution, keyword or external identifier using rich Solr field syntax, getting each match's ORCID iD, name, other names and affiliated institutions; read a researcher's public profile including their published and credit names, biography, research keywords, country, personal and lab websites and external identifiers such as Scopus Author ID or ResearcherID; list the works they have claimed on their record with each work's title, type, publication year, journal and DOI; and trace their employment and education affiliations with the organization, role, department and dates. Ideal for research-information systems, author disambiguation, institutional reporting, scholarly tooling and academic search. ORCID iDs come from search results or are supplied directly by the researcher. Data is the public portion of ORCID records (CC0). For the scholarly works and citation graph see the OpenAlex API; for DOIs and journal metadata the Crossref API.

api.oanor.com/orcid-api