Find OAuth Client by name or ID
get
/oam/services/rest/ssa/api/v1/oauthpolicyadmin/client
Returns an OAuth Client. The search can be done either with the name or the ID of the Client. Only one of the query parameters needs to be specified.
Request
Supported Media Types
- application/json
- application/x-www-form-urlencoded
Query Parameters
-
id(required): string
ClientID of the client
-
identityDomainName(required): string
Name of the Identity Domain under which the Client exits
-
name(required): string
Name of the Client
Response
Supported Media Types
- application/json
200 Response
Sucessfully retrieved entity - OAuthClient, detail
Root Schema : Client
Type:
Show Source
object
-
accessTokenCustomClaims:
array accessTokenCustomClaims
-
attributes:
array attributes
-
clientType:
string
Allowed Values:
[ "CONFIDENTIAL_CLIENT", "PUBLIC_CLIENT", "MOBILE_CLIENT" ]
Type of the client -
defaultScope:
string
Mandatory scope which is the default scope returned in the token
-
description:
string
-
grantTypes:
array grantTypes
-
id:
string
ClientID for the client. Will be auto generated if not specified
-
idDomain:
string
Name of the Identity Domain under which the Client exists
-
idTokenCustomClaims:
array idTokenCustomClaims
-
issueTLSClientCertificateBoundAccessTokens:
string
Tokens should be bound to certificate or not true/false
-
name(required):
string
Name of the Client
-
oldSecretRetentionTimeInDays:
integer
Specifies the rollover period for previous client secret to continue working. The previous client secret is assigned when a client secret is changed.
-
redirectURIs:
array redirectURIs
-
scopes:
array scopes
-
secret:
string
Password for the client if confidential
-
tlsClientAuthSANDNS:
string
Certificate SAN DNS value to be matched for the client.
-
tlsClientAuthSANEmail:
string
Certificate SAN email value to be matched for the client.
-
tlsClientAuthSANIP:
string
Certificate SAN IP value to be matched for the client.
-
tlsClientAuthSANURI:
string
Certificate SAN URI value to be matched for the client.
-
tlsClientAuthSubjectDN:
string
Certificate subject value to be matched for the client.
-
tokenEndpointAuthMethod:
string
Allowed Values:
[ "tls_client_auth", "self_signed_tls_client_auth", "private_key_jwt", "client_secret_basic" ]
Client Authentication method supported by the client. If "tls_client_auth" or "self_signed_tls_client_auth" is specified then one of the "tlsClientAuthSubjectDN","tlsClientAuthSANDNS","tlsClientAuthSANURI","tlsClientAuthSANIP","tlsClientAuthSANIP","tlsClientAuthSANEmail" property is required. -
usePKCE:
string
Allowed Values:
[ "NON_STRICT", "STRICT" ]
Optional parameter to enable PKCE for this client. If not specified, default will be null. -
userInfoCustomClaims:
array userInfoCustomClaims
Nested Schema : accessTokenCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the Access Token in addition to other claims that are being requested via scope or other configurations
Nested Schema : attributes
Type:
Show Source
array
-
Array of:
object TokenAttributeSettings
Custom attributes that can be added to the Access Token
Nested Schema : grantTypes
Type:
Show Source
array
-
Array of:
string
Allowed Values:
[ "PASSWORD", "REFRESH_TOKEN", "JWT_BEARER", "CLIENT_CREDENTIALS", "AUTHORIZATION_CODE" ]
Nested Schema : idTokenCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the Identity Token in addition to other claims that are being requested via scope or other configurations
Nested Schema : userInfoCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the User Info response in addition to other claims that are being requested via scope or other configurations
Nested Schema : TokenAttributeSettings
Type:
object
Custom attributes that can be added to the Access Token
Show Source
-
attrName(required):
string
Name of the custom attribute
-
attrType(required):
string
Allowed Values:
[ "STATIC", "DYNAMIC" ]
Type of the Attribute -
attrValue(required):
string
Value of the custom attribute. This could be a static value or a dynamic one that is evaluated and substituted.
Nested Schema : RedirectURI
Type:
Show Source
object
-
isHttps:
boolean
Default Value:
true
-
url(required):
string
Redirect URL
Nested Schema : ScopeSettings
Type:
Show Source
object
-
scopeName(required):
string
Name of the scope
422 Response
Failed to retrive OAuth entity "Client" - name "NameofClient"