Both the /.well-known/openid-configuration and the /.well-known/webfinger endpoints can optionally be enabled if you need to set up OpenID service discovery (hint: most OpenID clients in the wild, including omniauth_openid_connect, support this, so it's probably a good idea).
This is for everyone who wants automatic integration with your OpenID provider. For comparison, if you don't enable it, you'll have to tell your customers which URL performs authentication, which URL serves your JWKs, which response types you support, etc.
You must enable the endpoints at the root level of your router. The URLs are well-known, and the route methods already match them:
plugin :rodauth do
  enable :oidc
end

# inside the roda router, at the root level
route do |r|
  r.rodauth
  r.openid_configuration # matches GET /.well-known/openid-configuration
  r.webfinger # matches GET /.well-known/webfinger
  ...
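What a relying party should check before trusting the document served at /.well-known/openid-configuration, as an added example (not rodauth-oauth code, and going beyond the page by using the required metadata list from OpenID Connect Discovery 1.0). The helper name `discovery_problems`, the hostnames and both sample documents are constructed for illustration.

```ruby
require "json"
require "uri"

# Metadata that OpenID Connect Discovery 1.0 marks REQUIRED for every provider.
REQUIRED_FIELDS = %w[
  issuer authorization_endpoint jwks_uri response_types_supported
  subject_types_supported id_token_signing_alg_values_supported
].freeze
ENDPOINT_FIELDS = %w[authorization_endpoint token_endpoint jwks_uri userinfo_endpoint].freeze

# Hypothetical helper: lists the problems found in a discovery document;
# an empty list means the document can be used to configure the client.
def discovery_problems(expected_issuer, body)
  doc = JSON.parse(body)
  return ["document is not a JSON object"] unless doc.is_a?(Hash)
  problems = REQUIRED_FIELDS.reject { |f| doc.key?(f) }.map { |f| "missing #{f}" }
  # The issuer must equal the one discovery started from; otherwise the
  # endpoints and signing keys in the document belong to some other party.
  if doc.key?("issuer") && doc["issuer"] != expected_issuer
    problems << "issuer mismatch: #{doc['issuer']}"
  end
  ENDPOINT_FIELDS.each do |field|
    next unless doc.key?(field)
    uri = URI.parse(doc[field].to_s) rescue nil
    problems << "#{field} is not an https URL" unless uri.is_a?(URI::HTTPS) && uri.host
  end
  problems
rescue JSON::ParserError
  ["document is not valid JSON"]
end

# Constructed sample documents, not output captured from a real provider.
GOOD = JSON.generate(
  "issuer" => "https://op.example.com",
  "authorization_endpoint" => "https://op.example.com/authorize",
  "token_endpoint" => "https://op.example.com/token",
  "jwks_uri" => "https://op.example.com/jwks",
  "response_types_supported" => %w[code],
  "subject_types_supported" => %w[public],
  "id_token_signing_alg_values_supported" => %w[RS256]
)
# Same document with a foreign issuer, a plain-http JWKS URL and a missing field.
BAD = JSON.generate(JSON.parse(GOOD).merge(
  "issuer" => "https://other.example.net",
  "jwks_uri" => "http://op.example.com/jwks"
).reject { |key, _| key == "subject_types_supported" })

p discovery_problems("https://op.example.com", GOOD)
p discovery_problems("https://op.example.com", BAD)
```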