Create OAuth Client
POST/oauth-clients
This creates an OAuth client.
Request
- application/json
Body
required
The name of the business the API Client should belong to
The homepage URL associated with the owner of the API Client
A human-readable name for the API Client
A description of the API Client
The number of seconds an access token generated for this API Client is valid for
The number of seconds a refresh token generated for this API Client is valid for
A list of the approved redirect URIs. Provide one or more URIs when assigning the AUTHORIZATION_CODE grant type to a new OAuth Client.
Possible values: [CLIENT_CREDENTIALS
, AUTHORIZATION_CODE
, REFRESH_TOKEN
]
A list of OAuth 2.0 grant types this API Client can be used with
Possible values: [ONLINE
, OFFLINE
]
The access type (online or offline) of this API Client
Possible values: [CONFIDENTIAL
, PUBLIC
]
The type of the API Client (public or confidential)
An indicator of whether the API Client can be used for requests internal within the product.
An indicator of whether the API Client is enabled for use
An indicator of whether the API Client supports strong authentication
An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow
Scopes of the API Client. If no scope is specified, the client will be created with the default scope "sp:scopes:all". This means the API Client will have all the rights of the owner who created it.
Responses
- 200
- 400
- 401
- 403
- 429
- 500
Request succeeded.
- application/json
- Schema
- Example (from schema)
Schema
ID of the OAuth client
Secret of the OAuth client (This field is only returned on the intial create call.)
The name of the business the API Client should belong to
The homepage URL associated with the owner of the API Client
A human-readable name for the API Client
A description of the API Client
The number of seconds an access token generated for this API Client is valid for
The number of seconds a refresh token generated for this API Client is valid for
A list of the approved redirect URIs used with the authorization_code flow
Possible values: [CLIENT_CREDENTIALS
, AUTHORIZATION_CODE
, REFRESH_TOKEN
]
A list of OAuth 2.0 grant types this API Client can be used with
Possible values: [ONLINE
, OFFLINE
]
The access type (online or offline) of this API Client
Possible values: [CONFIDENTIAL
, PUBLIC
]
The type of the API Client (public or confidential)
An indicator of whether the API Client can be used for requests internal to IDN
An indicator of whether the API Client is enabled for use
An indicator of whether the API Client supports strong authentication
An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow
The date and time, down to the millisecond, when the API Client was created
The date and time, down to the millisecond, when the API Client was last updated
Scopes of the API Client.
{
"id": "2c9180835d2e5168015d32f890ca1581",
"secret": "5c32dd9b21adb51c77794d46e71de117a1d0ddb36a7ff941fa28014ab7de2cf3",
"businessName": "Acme-Solar",
"homepageUrl": "http://localhost:12345",
"name": "Demo API Client",
"description": "An API client used for the authorization_code, refresh_token, and client_credentials flows",
"accessTokenValiditySeconds": 750,
"refreshTokenValiditySeconds": 86400,
"redirectUris": [
"http://localhost:12345"
],
"grantTypes": [
"AUTHORIZATION_CODE",
"CLIENT_CREDENTIALS",
"REFRESH_TOKEN"
],
"accessType": "OFFLINE",
"type": "CONFIDENTIAL",
"internal": false,
"enabled": true,
"strongAuthSupported": false,
"claimsSupported": false,
"created": "2017-07-11T18:45:37.098Z",
"modified": "2018-06-25T20:22:28.104Z",
"scope": [
"demo:api-client-scope:first",
"demo:api-client-scope:second"
]
}
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (from schema)
Schema
Array [
]
Array [
]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages
object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
, null
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes
object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
, null
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (from schema)
Schema
A message describing the error
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (from schema)
- 403
Schema
Array [
]
Array [
]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages
object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
, null
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes
object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
, null
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
- application/json
- Schema
- Example (from schema)
Schema
A message describing the error
{
"message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (from schema)
- 500
Schema
Array [
]
Array [
]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages
object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
, null
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes
object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
, null
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}