Update an existing OAuth Client based on the name of the client.
put
/oam/services/rest/ssa/api/v1/oauthpolicyadmin/client
Request
Supported Media Types
- application/json
- application/xml
Query Parameters
-
name(required): string
Name of the Client
Client that needs to be modified
Root Schema : Client
Type:
Show Source
object
-
accessTokenCustomClaims:
array accessTokenCustomClaims
-
attributes:
array attributes
-
clientType:
string
Allowed Values:
[ "CONFIDENTIAL_CLIENT", "PUBLIC_CLIENT", "MOBILE_CLIENT" ]
Type of the client -
defaultScope:
string
Mandatory scope which is the default scope returned in the token
-
description:
string
-
grantTypes:
array grantTypes
-
id:
string
ClientID for the client. Will be auto generated if not specified
-
idDomain:
string
Name of the Identity Domain under which the Client exists
-
idTokenCustomClaims:
array idTokenCustomClaims
-
issueTLSClientCertificateBoundAccessTokens:
string
Tokens should be bound to certificate or not true/false
-
name(required):
string
Name of the Client
-
oldSecretRetentionTimeInDays:
integer
Specifies the rollover period for previous client secret to continue working. The previous client secret is assigned when a client secret is changed.
-
redirectURIs:
array redirectURIs
-
scopes:
array scopes
-
secret:
string
Password for the client if confidential
-
tlsClientAuthSANDNS:
string
Certificate SAN DNS value to be matched for the client.
-
tlsClientAuthSANEmail:
string
Certificate SAN email value to be matched for the client.
-
tlsClientAuthSANIP:
string
Certificate SAN IP value to be matched for the client.
-
tlsClientAuthSANURI:
string
Certificate SAN URI value to be matched for the client.
-
tlsClientAuthSubjectDN:
string
Certificate subject value to be matched for the client.
-
tokenEndpointAuthMethod:
string
Allowed Values:
[ "tls_client_auth", "self_signed_tls_client_auth", "private_key_jwt", "client_secret_basic" ]
Client Authentication method supported by the client. If "tls_client_auth" or "self_signed_tls_client_auth" is specified then one of the "tlsClientAuthSubjectDN","tlsClientAuthSANDNS","tlsClientAuthSANURI","tlsClientAuthSANIP","tlsClientAuthSANIP","tlsClientAuthSANEmail" property is required. -
usePKCE:
string
Allowed Values:
[ "NON_STRICT", "STRICT" ]
Optional parameter to enable PKCE for this client. If not specified, default will be null. -
userInfoCustomClaims:
array userInfoCustomClaims
Nested Schema : accessTokenCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the Access Token in addition to other claims that are being requested via scope or other configurations
Nested Schema : attributes
Type:
Show Source
array
-
Array of:
object TokenAttributeSettings
Custom attributes that can be added to the Access Token
Nested Schema : grantTypes
Type:
Show Source
array
-
Array of:
string
Allowed Values:
[ "PASSWORD", "REFRESH_TOKEN", "JWT_BEARER", "CLIENT_CREDENTIALS", "AUTHORIZATION_CODE" ]
Nested Schema : idTokenCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the Identity Token in addition to other claims that are being requested via scope or other configurations
Nested Schema : userInfoCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the User Info response in addition to other claims that are being requested via scope or other configurations
Nested Schema : TokenAttributeSettings
Type:
object
Custom attributes that can be added to the Access Token
Show Source
-
attrName(required):
string
Name of the custom attribute
-
attrType(required):
string
Allowed Values:
[ "STATIC", "DYNAMIC" ]
Type of the Attribute -
attrValue(required):
string
Value of the custom attribute. This could be a static value or a dynamic one that is evaluated and substituted.
Nested Schema : RedirectURI
Type:
Show Source
object
-
isHttps:
boolean
Default Value:
true
-
url(required):
string
Redirect URL
Nested Schema : ScopeSettings
Type:
Show Source
object
-
scopeName(required):
string
Name of the scope
Response
Supported Media Types
- application/json
200 Response
Sucessfully modified entity - OAuthClient, detail
Root Schema : Client
Type:
Show Source
object
-
accessTokenCustomClaims:
array accessTokenCustomClaims
-
attributes:
array attributes
-
clientType:
string
Allowed Values:
[ "CONFIDENTIAL_CLIENT", "PUBLIC_CLIENT", "MOBILE_CLIENT" ]
Type of the client -
defaultScope:
string
Mandatory scope which is the default scope returned in the token
-
description:
string
-
grantTypes:
array grantTypes
-
id:
string
ClientID for the client. Will be auto generated if not specified
-
idDomain:
string
Name of the Identity Domain under which the Client exists
-
idTokenCustomClaims:
array idTokenCustomClaims
-
issueTLSClientCertificateBoundAccessTokens:
string
Tokens should be bound to certificate or not true/false
-
name(required):
string
Name of the Client
-
oldSecretRetentionTimeInDays:
integer
Specifies the rollover period for previous client secret to continue working. The previous client secret is assigned when a client secret is changed.
-
redirectURIs:
array redirectURIs
-
scopes:
array scopes
-
secret:
string
Password for the client if confidential
-
tlsClientAuthSANDNS:
string
Certificate SAN DNS value to be matched for the client.
-
tlsClientAuthSANEmail:
string
Certificate SAN email value to be matched for the client.
-
tlsClientAuthSANIP:
string
Certificate SAN IP value to be matched for the client.
-
tlsClientAuthSANURI:
string
Certificate SAN URI value to be matched for the client.
-
tlsClientAuthSubjectDN:
string
Certificate subject value to be matched for the client.
-
tokenEndpointAuthMethod:
string
Allowed Values:
[ "tls_client_auth", "self_signed_tls_client_auth", "private_key_jwt", "client_secret_basic" ]
Client Authentication method supported by the client. If "tls_client_auth" or "self_signed_tls_client_auth" is specified then one of the "tlsClientAuthSubjectDN","tlsClientAuthSANDNS","tlsClientAuthSANURI","tlsClientAuthSANIP","tlsClientAuthSANIP","tlsClientAuthSANEmail" property is required. -
usePKCE:
string
Allowed Values:
[ "NON_STRICT", "STRICT" ]
Optional parameter to enable PKCE for this client. If not specified, default will be null. -
userInfoCustomClaims:
array userInfoCustomClaims
Nested Schema : accessTokenCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the Access Token in addition to other claims that are being requested via scope or other configurations
Nested Schema : attributes
Type:
Show Source
array
-
Array of:
object TokenAttributeSettings
Custom attributes that can be added to the Access Token
Nested Schema : grantTypes
Type:
Show Source
array
-
Array of:
string
Allowed Values:
[ "PASSWORD", "REFRESH_TOKEN", "JWT_BEARER", "CLIENT_CREDENTIALS", "AUTHORIZATION_CODE" ]
Nested Schema : idTokenCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the Identity Token in addition to other claims that are being requested via scope or other configurations
Nested Schema : userInfoCustomClaims
Type:
Show Source
array
-
Array of:
string
Represents a list of claims that must be included in the User Info response in addition to other claims that are being requested via scope or other configurations
Nested Schema : TokenAttributeSettings
Type:
object
Custom attributes that can be added to the Access Token
Show Source
-
attrName(required):
string
Name of the custom attribute
-
attrType(required):
string
Allowed Values:
[ "STATIC", "DYNAMIC" ]
Type of the Attribute -
attrValue(required):
string
Value of the custom attribute. This could be a static value or a dynamic one that is evaluated and substituted.
Nested Schema : RedirectURI
Type:
Show Source
object
-
isHttps:
boolean
Default Value:
true
-
url(required):
string
Redirect URL
Nested Schema : ScopeSettings
Type:
Show Source
object
-
scopeName(required):
string
Name of the scope
422 Response
Failed to update OAuth entity "Client" - name "NameofClient"