35.2.3 Creating a Client

A Client is an application making protected resource requests on behalf of the resource owner and with the resource owner's authorization.

The important parameters used in the curl command to create a client are:

• Name: Name of the client

• idDomain: Name of the identityDomain under which the client is created

• secret: Client secret incase of a CONFIDENTIAL_CLIENT

• clientType: Type of client. Supported values - CONFIDENTIAL_CLIENT, PUBLIC_CLIENT, MOBILE_CLIENT

• redirectURIs: List of redirectURIs configured for the client

• attributes: List of custom attributes configured for the client

• grantTypes: List of allowed grant types. Allowed values - PASSWORD, CLIENT_CREDENTIALS, JWT_BEARER, REFRESH_TOKEN, AUTHORIZATION_CODE

• Scopes: List of scopes that the client can request access to.

  • scopeName - Name of the scope. This is referred to by the <ResourceServerName>.<ScopeName>

• defaultScope - This is the default scope that the access token is generated with, If no scope is specified during the Runtime Flows.

Endpoint for CRUD operations:

http:<AdminServerHost:Port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/client

Note:

Use Content-Type:application/json in the REST API HTTP request. 

1. A sample curl command to create a client using scopes is shown below.

   {"attributes":[{"attrName":"customeAttr1","attrValue":"CustomValue","attrType":"static"}],"secret":"welcome1","id":"TestClient","scopes":["ResServer1.scope1"],"clientType":"CONFIDENTIAL_CLIENT","idDomain":"TestDomain1","description":"Client Description","name":"TestClient","grantTypes":["PASSWORD","CLIENT_CREDENTIALS","JWT_BEARER","REFRESH_TOKEN","AUTHORIZATION_CODE"],"defaultScope":"ResServer1.scope1","redirectURIs":[{"url":"http://localhost:8080/Sample.jsp","isHttps":true}]}

   For more information on OAuth REST APIs, See REST API for OAuth in Oracle Access Manager.