Registering a Trusted OAuth Client
To register a new trusted client from My Services, go to the OAuth Administration page, and then to the Register Client section.
- Click Register. The Register Client dialog box appears. The * indicates mandatory fields.
- In the Name field, specify the name of the client.
- In the Description field, provide explanatory information about the OAuth client.
- In the Accessible Resources field, select the API resources to which this client should have access. This corresponds with the registered resources at the bottom of the OAuth Configuration page. This is a mandatory field. Select at least one of the listed APIs. If a single API path has more than one scope defined, then the scopes are listed below the API path. You can select one or more scopes for a given API path.
- To indicate that the client is trusted, select the Trusted check box. For a trusted client, you must generate and upload a client certificate, as described in Importing an OAuth Certificate from a Key Pair. The signing algorithm must be
RS256
:RSASSA-PKCS-v1_5
using the SHA-256 hash algorithm. - Click Register.
Description of the illustration regtrustclient.png
To learn more about the different fields in a client profile for an OAuth client, see Registering Client Information in OAuth.
A portion of the prior client profile for the trusted client registered follows. The isTrusted
flag has a value of TRUE
.
<tenant>dom1</tenant>
<name>test_client_2</name>
<description>Sample trusted client</description>
<isDisabled>false</isDisabled>
<appId>948bb730-c201-43b9-9497-r54a33eb8d7f</appId>
<appSecret>948bb730-a101-43b9-9497-d3ca33eb8d7f</appSecret>
<clientType>CONFIDENTIAL_CLIENT</clientType>
<clientMetadata>
<isTrusted>TRUE</isTrusted>
<isTenantManaged>true</isTenantManaged>
</clientMetadata>
<activityData> <createdOn>06/05/2015 02:23:18 </createdOn> </activityData>
<audiences>http://www.test.com/, http://www.example.com/</audiences>