Jump to

• Request
• Response
• Examples

Create an OIDC server

post

/admin/oidcServers

Request

There are no request parameters for this operation.

Supported Media Types

• application/json

Request Body - application/json ()

Root Schema : schema

Type: object

Show Source

• description: string
  meant to capture record level documentation
• fabric-default-client-credentials: object fabric-default-client-credentials
  Configuration for those cases where Industries Framework has to create tokens for itself as client. This is also the case when the token is created for a user, but the WorkspaceClient of the application calling Industries Framework specifies client-identity-propagation-required being false and the provider application also specfies client-identity-propagation-required being false in the TargetInstanceConfig. This is always the case when the backend relies on role-based access only and is not interested in the frontend application's identity.
• oidc-server-api-audience: string
  the audience of the OpenID Connect API on the OIDC Server
• oidc-server-link-key: string
• oidc-server-url: string (url)
  the URL of the OpenID Connect Server
• scope: string
  the scope of the OpenID Connect API on the OIDC Server

{
    "type":"object",
    "properties":{
        "description":{
            "description":"meant to capture record level documentation\n",
            "type":"string"
        },
        "oidc-server-link-key":{
            "type":"string"
        },
        "oidc-server-url":{
            "description":"the URL of the OpenID Connect Server\n",
            "type":"string",
            "format":"url"
        },
        "oidc-server-api-audience":{
            "description":"the audience of the OpenID Connect API on the OIDC Server\n",
            "type":"string"
        },
        "scope":{
            "description":"the scope of the OpenID Connect API on the OIDC Server\n",
            "type":"string"
        },
        "fabric-default-client-credentials":{
            "description":"Configuration for those cases where Industries Framework has to create tokens for itself as client. This is also the case when the token is created for a user, but the WorkspaceClient of the application calling Industries Framework specifies client-identity-propagation-required being false and the provider application also specfies client-identity-propagation-required being false in the TargetInstanceConfig. This is always the case when the backend relies on role-based access only and is not interested in the frontend application's identity.",
            "type":"object",
            "properties":{
                "client-id":{
                    "type":"string"
                },
                "client-secret":{
                    "type":"string",
                    "description":"reference to the secret that contains the OAuth 2 client secret\n"
                },
                "signing-key":{
                    "type":"string",
                    "description":"reference to the secret that contains the RFC7523 request signing key\n"
                }
            }
        }
    }
}

Nested Schema : fabric-default-client-credentials

Type: object

Configuration for those cases where Industries Framework has to create tokens for itself as client. This is also the case when the token is created for a user, but the WorkspaceClient of the application calling Industries Framework specifies client-identity-propagation-required being false and the provider application also specfies client-identity-propagation-required being false in the TargetInstanceConfig. This is always the case when the backend relies on role-based access only and is not interested in the frontend application's identity.

Show Source

• client-id: string
• client-secret: string
  reference to the secret that contains the OAuth 2 client secret
• signing-key: string
  reference to the secret that contains the RFC7523 request signing key

{
    "description":"Configuration for those cases where Industries Framework has to create tokens for itself as client. This is also the case when the token is created for a user, but the WorkspaceClient of the application calling Industries Framework specifies client-identity-propagation-required being false and the provider application also specfies client-identity-propagation-required being false in the TargetInstanceConfig. This is always the case when the backend relies on role-based access only and is not interested in the frontend application's identity.",
    "type":"object",
    "properties":{
        "client-id":{
            "type":"string"
        },
        "client-secret":{
            "type":"string",
            "description":"reference to the secret that contains the OAuth 2 client secret\n"
        },
        "signing-key":{
            "type":"string",
            "description":"reference to the secret that contains the RFC7523 request signing key\n"
        }
    }
}

Back to Top

Response

Supported Media Types

• application/json

201 Response

Created

Body ()

Root Schema : OIDCServer

Type: object

Show Source

• description: string
  meant to capture record level documentation
• fabric-default-client-credentials:
• id: string
• oidc-server-api-audience: string
  the audience of the OpenID Connect API on the OIDC Server
• oidc-server-link-key: string
• oidc-server-url: string (url)
  the URL of the OpenID Connect Server
• scope: string
  the scope of the OpenID Connect API on the OIDC Server

{
    "type":"object",
    "properties":{
        "description":{
            "description":"meant to capture record level documentation\n",
            "type":"string"
        },
        "id":{
            "type":"string"
        },
        "oidc-server-link-key":{
            "type":"string"
        },
        "oidc-server-url":{
            "description":"the URL of the OpenID Connect Server\n",
            "type":"string",
            "format":"url"
        },
        "oidc-server-api-audience":{
            "description":"the audience of the OpenID Connect API on the OIDC Server\n",
            "type":"string"
        },
        "scope":{
            "description":"the scope of the OpenID Connect API on the OIDC Server\n",
            "type":"string"
        },
        "fabric-default-client-credentials":{
        }
    }
}

400 Response

Bad Request

Body ()

Root Schema : Error

Type: object

Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)

Show Source

• @baseType: string
  When sub-classing, this defines the super-class.
• @schemaLocation: string (uri)
  A URI to a JSON-Schema file that defines additional attributes and relationships
• @type: string
  When sub-classing, this defines the sub-class entity name.
• code(required): string
  Application relevant detail, defined in the API or a common list.
• message: string
  More details and corrective actions related to the error which can be shown to a client user.
• reason(required): string
  Explanation of the reason for the error which can be shown to a client user.
• referenceError: string (uri)
  URI of documentation describing the error.
• status: string
  HTTP Error code extension

{
    "required":[
        "code",
        "reason"
    ],
    "type":"object",
    "description":"Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)",
    "properties":{
        "code":{
            "type":"string",
            "description":"Application relevant detail, defined in the API or a common list."
        },
        "reason":{
            "type":"string",
            "description":"Explanation of the reason for the error which can be shown to a client user."
        },
        "message":{
            "type":"string",
            "description":"More details and corrective actions related to the error which can be shown to a client user."
        },
        "status":{
            "type":"string",
            "description":"HTTP Error code extension"
        },
        "referenceError":{
            "type":"string",
            "description":"URI of documentation describing the error.",
            "format":"uri"
        },
        "@baseType":{
            "type":"string",
            "description":"When sub-classing, this defines the super-class."
        },
        "@schemaLocation":{
            "type":"string",
            "description":"A URI to a JSON-Schema file that defines additional attributes and relationships",
            "format":"uri"
        },
        "@type":{
            "type":"string",
            "description":"When sub-classing, this defines the sub-class entity name."
        }
    }
}

401 Response

Unauthorized

Body ()

Root Schema : Error

Type: object

Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)

Show Source

• @baseType: string
  When sub-classing, this defines the super-class.
• @schemaLocation: string (uri)
  A URI to a JSON-Schema file that defines additional attributes and relationships
• @type: string
  When sub-classing, this defines the sub-class entity name.
• code(required): string
  Application relevant detail, defined in the API or a common list.
• message: string
  More details and corrective actions related to the error which can be shown to a client user.
• reason(required): string
  Explanation of the reason for the error which can be shown to a client user.
• referenceError: string (uri)
  URI of documentation describing the error.
• status: string
  HTTP Error code extension

{
    "required":[
        "code",
        "reason"
    ],
    "type":"object",
    "description":"Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)",
    "properties":{
        "code":{
            "type":"string",
            "description":"Application relevant detail, defined in the API or a common list."
        },
        "reason":{
            "type":"string",
            "description":"Explanation of the reason for the error which can be shown to a client user."
        },
        "message":{
            "type":"string",
            "description":"More details and corrective actions related to the error which can be shown to a client user."
        },
        "status":{
            "type":"string",
            "description":"HTTP Error code extension"
        },
        "referenceError":{
            "type":"string",
            "description":"URI of documentation describing the error.",
            "format":"uri"
        },
        "@baseType":{
            "type":"string",
            "description":"When sub-classing, this defines the super-class."
        },
        "@schemaLocation":{
            "type":"string",
            "description":"A URI to a JSON-Schema file that defines additional attributes and relationships",
            "format":"uri"
        },
        "@type":{
            "type":"string",
            "description":"When sub-classing, this defines the sub-class entity name."
        }
    }
}

403 Response

Forbidden

Body ()

Root Schema : Error

Type: object

Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)

Show Source

• @baseType: string
  When sub-classing, this defines the super-class.
• @schemaLocation: string (uri)
  A URI to a JSON-Schema file that defines additional attributes and relationships
• @type: string
  When sub-classing, this defines the sub-class entity name.
• code(required): string
  Application relevant detail, defined in the API or a common list.
• message: string
  More details and corrective actions related to the error which can be shown to a client user.
• reason(required): string
  Explanation of the reason for the error which can be shown to a client user.
• referenceError: string (uri)
  URI of documentation describing the error.
• status: string
  HTTP Error code extension

{
    "required":[
        "code",
        "reason"
    ],
    "type":"object",
    "description":"Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)",
    "properties":{
        "code":{
            "type":"string",
            "description":"Application relevant detail, defined in the API or a common list."
        },
        "reason":{
            "type":"string",
            "description":"Explanation of the reason for the error which can be shown to a client user."
        },
        "message":{
            "type":"string",
            "description":"More details and corrective actions related to the error which can be shown to a client user."
        },
        "status":{
            "type":"string",
            "description":"HTTP Error code extension"
        },
        "referenceError":{
            "type":"string",
            "description":"URI of documentation describing the error.",
            "format":"uri"
        },
        "@baseType":{
            "type":"string",
            "description":"When sub-classing, this defines the super-class."
        },
        "@schemaLocation":{
            "type":"string",
            "description":"A URI to a JSON-Schema file that defines additional attributes and relationships",
            "format":"uri"
        },
        "@type":{
            "type":"string",
            "description":"When sub-classing, this defines the sub-class entity name."
        }
    }
}

404 Response

Not Found

Body ()

Root Schema : Error

Type: object

Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)

Show Source

• @baseType: string
  When sub-classing, this defines the super-class.
• @schemaLocation: string (uri)
  A URI to a JSON-Schema file that defines additional attributes and relationships
• @type: string
  When sub-classing, this defines the sub-class entity name.
• code(required): string
  Application relevant detail, defined in the API or a common list.
• message: string
  More details and corrective actions related to the error which can be shown to a client user.
• reason(required): string
  Explanation of the reason for the error which can be shown to a client user.
• referenceError: string (uri)
  URI of documentation describing the error.
• status: string
  HTTP Error code extension

{
    "required":[
        "code",
        "reason"
    ],
    "type":"object",
    "description":"Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)",
    "properties":{
        "code":{
            "type":"string",
            "description":"Application relevant detail, defined in the API or a common list."
        },
        "reason":{
            "type":"string",
            "description":"Explanation of the reason for the error which can be shown to a client user."
        },
        "message":{
            "type":"string",
            "description":"More details and corrective actions related to the error which can be shown to a client user."
        },
        "status":{
            "type":"string",
            "description":"HTTP Error code extension"
        },
        "referenceError":{
            "type":"string",
            "description":"URI of documentation describing the error.",
            "format":"uri"
        },
        "@baseType":{
            "type":"string",
            "description":"When sub-classing, this defines the super-class."
        },
        "@schemaLocation":{
            "type":"string",
            "description":"A URI to a JSON-Schema file that defines additional attributes and relationships",
            "format":"uri"
        },
        "@type":{
            "type":"string",
            "description":"When sub-classing, this defines the sub-class entity name."
        }
    }
}

409 Response

Conflict

Body ()

Root Schema : Error

Type: object

Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)

Show Source

• @baseType: string
  When sub-classing, this defines the super-class.
• @schemaLocation: string (uri)
  A URI to a JSON-Schema file that defines additional attributes and relationships
• @type: string
  When sub-classing, this defines the sub-class entity name.
• code(required): string
  Application relevant detail, defined in the API or a common list.
• message: string
  More details and corrective actions related to the error which can be shown to a client user.
• reason(required): string
  Explanation of the reason for the error which can be shown to a client user.
• referenceError: string (uri)
  URI of documentation describing the error.
• status: string
  HTTP Error code extension

{
    "required":[
        "code",
        "reason"
    ],
    "type":"object",
    "description":"Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)",
    "properties":{
        "code":{
            "type":"string",
            "description":"Application relevant detail, defined in the API or a common list."
        },
        "reason":{
            "type":"string",
            "description":"Explanation of the reason for the error which can be shown to a client user."
        },
        "message":{
            "type":"string",
            "description":"More details and corrective actions related to the error which can be shown to a client user."
        },
        "status":{
            "type":"string",
            "description":"HTTP Error code extension"
        },
        "referenceError":{
            "type":"string",
            "description":"URI of documentation describing the error.",
            "format":"uri"
        },
        "@baseType":{
            "type":"string",
            "description":"When sub-classing, this defines the super-class."
        },
        "@schemaLocation":{
            "type":"string",
            "description":"A URI to a JSON-Schema file that defines additional attributes and relationships",
            "format":"uri"
        },
        "@type":{
            "type":"string",
            "description":"When sub-classing, this defines the sub-class entity name."
        }
    }
}

500 Response

Internal Server Error

Body ()

Root Schema : Error

Type: object

Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)

Show Source

• @baseType: string
  When sub-classing, this defines the super-class.
• @schemaLocation: string (uri)
  A URI to a JSON-Schema file that defines additional attributes and relationships
• @type: string
  When sub-classing, this defines the sub-class entity name.
• code(required): string
  Application relevant detail, defined in the API or a common list.
• message: string
  More details and corrective actions related to the error which can be shown to a client user.
• reason(required): string
  Explanation of the reason for the error which can be shown to a client user.
• referenceError: string (uri)
  URI of documentation describing the error.
• status: string
  HTTP Error code extension

{
    "required":[
        "code",
        "reason"
    ],
    "type":"object",
    "description":"Used when an API throws an Error, typically with a HTTP error response-code (3xx, 4xx, 5xx)",
    "properties":{
        "code":{
            "type":"string",
            "description":"Application relevant detail, defined in the API or a common list."
        },
        "reason":{
            "type":"string",
            "description":"Explanation of the reason for the error which can be shown to a client user."
        },
        "message":{
            "type":"string",
            "description":"More details and corrective actions related to the error which can be shown to a client user."
        },
        "status":{
            "type":"string",
            "description":"HTTP Error code extension"
        },
        "referenceError":{
            "type":"string",
            "description":"URI of documentation describing the error.",
            "format":"uri"
        },
        "@baseType":{
            "type":"string",
            "description":"When sub-classing, this defines the super-class."
        },
        "@schemaLocation":{
            "type":"string",
            "description":"A URI to a JSON-Schema file that defines additional attributes and relationships",
            "format":"uri"
        },
        "@type":{
            "type":"string",
            "description":"When sub-classing, this defines the sub-class entity name."
        }
    }
}

Back to Top

Examples

The following example shows how to create an oidc server by submitting a POST request on the REST resource using cURL.

cURL Command

curl -H 'Authorization: Bearer <Token>' -X POST https://{FABRIC_HOST}/admin/oidcServers/ -H "Content-Type: application/json" -D @create_OIDCServers.json | json_pp

Example of Request Body

The following shows an example of the request body in JSON format.

{
    "oidc-server-link-key": "test",
    "oidc-server-url": "http://test",
    "oidc-server-api-audience": "test",
    "scope": "test",
    "fabric-client-credentials": {
      "client-id": "csdhsdkj1wenkwqdnwcsdfsd33e",
      "client-secret": "s213q-wen23e2kwe-dsfdfdefd",
      "signing-key": "2jdpwe-dksckjdcd-1dewdecw"
    }
  }

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "oidc-server-url": "http://test",
    "oidc-server-api-audience": "test",
    "scope": "test",
    "id": "test",
    "oidc-server-link-key": "test",
    "fabric-client-credentials": {}
}

Back to Top