Patch OAuth Client

PATCH /oauth-clients/:id

This performs a targeted update to the field(s) of an OAuth client. Request will require a security scope of

sp:oauth-client:manage

Request

Path Parameters

id stringrequired

The OAuth client id

Example: ef38f94347e94562b5bb8424a56397d8

application/json-patch+json

Body

array

required

A list of OAuth client update operations according to the JSON Patch standard.

The following fields are patchable:

tenant
businessName
homepageUrl
name
description
accessTokenValiditySeconds
refreshTokenValiditySeconds
redirectUris
grantTypes
accessType
enabled
strongAuthSupported
claimsSupported

Array [

op stringrequired

Possible values: [add, remove, replace, move, copy, test]

The operation to be performed

path stringrequired

A string JSON Pointer representing the target path to an element to be affected by the operation

value

object

The value to be used for the operation, required for "add" and "replace" operations

oneOf

string
boolean
integer
object
array

string

]

Responses

Indicates the PATCH operation succeeded, and returns the OAuth client's new representation.

application/json

Schema
Example (from schema)

Schema

id stringrequired

ID of the OAuth client

businessName stringnullablerequired

The name of the business the API Client should belong to

homepageUrl stringnullablerequired

The homepage URL associated with the owner of the API Client

name stringrequired

A human-readable name for the API Client

description stringnullablerequired

A description of the API Client

accessTokenValiditySeconds int32required

The number of seconds an access token generated for this API Client is valid for

refreshTokenValiditySeconds int32required

The number of seconds a refresh token generated for this API Client is valid for

redirectUris string[]nullablerequired

A list of the approved redirect URIs used with the authorization_code flow

grantTypes GrantType (string)[]required

Possible values: [CLIENT_CREDENTIALS, AUTHORIZATION_CODE, REFRESH_TOKEN]

A list of OAuth 2.0 grant types this API Client can be used with

accessType AccessType (string)required

Possible values: [ONLINE, OFFLINE]

The access type (online or offline) of this API Client

type ClientType (string)required

Possible values: [CONFIDENTIAL, PUBLIC]

The type of the API Client (public or confidential)

internal booleanrequired

An indicator of whether the API Client can be used for requests internal to IDN

enabled booleanrequired

An indicator of whether the API Client is enabled for use

strongAuthSupported booleanrequired

An indicator of whether the API Client supports strong authentication

claimsSupported booleanrequired

An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow

created date-timerequired

The date and time, down to the millisecond, when the API Client was created

modified date-timerequired

The date and time, down to the millisecond, when the API Client was last updated

secret stringnullable

metadata stringnullable

lastUsed date-timenullable

The date and time, down to the millisecond, when this API Client was last used to generate an access token. This timestamp does not get updated on every API Client usage, but only once a day. This property can be useful for identifying which API Clients are no longer actively used and can be removed.

scope string[]nullablerequired

Scopes of the API Client.

{
  "id": "2c9180835d2e5168015d32f890ca1581",
  "businessName": "Acme-Solar",
  "homepageUrl": "http://localhost:12345",
  "name": "Demo API Client",
  "description": "An API client used for the authorization_code, refresh_token, and client_credentials flows",
  "accessTokenValiditySeconds": 750,
  "refreshTokenValiditySeconds": 86400,
  "redirectUris": [
    "http://localhost:12345"
  ],
  "grantTypes": [
    "AUTHORIZATION_CODE",
    "CLIENT_CREDENTIALS",
    "REFRESH_TOKEN"
  ],
  "accessType": "OFFLINE",
  "type": "CONFIDENTIAL",
  "internal": false,
  "enabled": true,
  "strongAuthSupported": false,
  "claimsSupported": false,
  "created": "2017-07-11T18:45:37.098Z",
  "modified": "2018-06-25T20:22:28.104Z",
  "secret": "string",
  "metadata": "string",
  "lastUsed": "2017-07-11T18:45:37.098Z",
  "scope": [
    "demo:api-client-scope:first",
    "demo:api-client-scope:second"
  ]
}

Client Error - Returned if the request body is invalid.

application/json

Schema
Example (from schema)

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages

object[]

Generic localized reason for error

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.

text string

Actual text of the error message in the indicated locale.

]

causes

object[]

Plain-text descriptive reasons to provide additional detail to the text provided in the messages field

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema
Example (from schema)

Schema

error

A message describing the error

{
  "error": "JWT validation failed: JWT is expired"
}

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema
Example (from schema)
403

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages

object[]

Generic localized reason for error

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

causes

object[]

Plain-text descriptive reasons to provide additional detail to the text provided in the messages field

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

Not Found - returned if the request URL refers to a resource or object that does not exist

application/json

Schema
Example (from schema)
404

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages

object[]

Generic localized reason for error

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

causes

object[]

Plain-text descriptive reasons to provide additional detail to the text provided in the messages field

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 404 response object

{
  "detailCode": "404 Not found",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server did not find a current representation for the target resource."
    }
  ]
}

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema
Example (from schema)

Schema

message

A message describing the error

{
  "message": " Rate Limit Exceeded "
}

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema
Example (from schema)
500

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages

object[]

Generic localized reason for error

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

causes

object[]

Plain-text descriptive reasons to provide additional detail to the text provided in the messages field

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOrigin (string)nullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Patch OAuth Client

/oauth-clients/:id

Request​

Path Parameters

Body

Responses​

Request

Responses