To register a client application, the HTTP method value must be POST. Identity Server uses the following endpoint for registering a client application:
https://<Identity Server URL: Port Number>/nidp/oauth/nam/clients
The endpoint requires the following OAuth parameters for client registration or modification:
| Parameter | Required | Description |
|---|---|---|
| client_name | Required | The name of the client application. |
| redirect_uris | Required | The redirection URI values used by the client application. |
| application_type | Optional | Web or native. |
| response_types | Optional | The following list contains the supported values for response_types: |
| grant_types (If you do not specify a grant type, the default grant type is used. The default value is authorization_code.) | Optional | The following are the supported values for grant_types: |
| alwaysIssueNewRefreshToken | Optional | Specify true as a value to issue a new refresh token on every refresh token request. |
| tokenFormat (This parameter is applicable from Access Manager 4.5 Service Pack 1 onwards.) | Optional | By default, the token format is set to default. NOTE: When an administrator changes the format, the changed format is seen only for newly issued tokens. The following are the supported token formats: |
| authzCodeTTL | Optional | Specify the duration, in minutes, after which the authorization code becomes invalid. |
| accessTokenTTL | Optional | Specify the duration, in minutes, after which the Access token and ID token become invalid. |
| refreshTokenTTL | Optional | Specify the duration, in minutes, after which the Refresh token becomes invalid. |
| corsdomains | Optional | Use this parameter to allow access for requests from only selected domains. Specify the domains as a JSON array. For example: ["beem://www.test.com", "fb://app.local.url", "https://namapp.com"] |
| logo_uri | Optional | Specify the URL of the logo that you want to include in the consent page. For example: https://client.example.org/logo.png |
| policy_uri | Optional | URL of the Relying Party Client's privacy policy. For example: https://client.example.org/privacypolicy |
| tos_uri | Optional | URL of the Relying Party's terms of service. For example: https://client.example.org/terms |
| contacts | Optional | Email addresses of people related to this client application. |
| jwks_uri | Optional | Specify the URI of the JSON file containing the JSON Web Keys. This key set contains signing keys that the relying party uses to validate signatures from the OpenID provider. For example: https://client.example.org/my_public_keys.jwks |
| id_token_signed_response_alg | Optional | Specify the ID Token Signed Response Algorithm. This algorithm is required for signing the ID token issued to the client. |
| id_token_encrypted_response_alg | Optional | Specify the algorithm used to encrypt the key. |
| id_token_encrypted_response_enc | Optional | Specify the algorithm used to encrypt the content. |
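
A pre-flight check for a registration request, added here as an illustration and not taken from the Access Manager documentation: it lints a parameter set against the table above before anything is sent to the endpoint. The dict representation (redirect_uris as a Python list, corsdomains as a JSON string) and the cleartext-http rule are assumptions of this example.

```python
import json
import re
from urllib.parse import urlsplit

# Parameter names taken from the table above.
REQUIRED = {"client_name", "redirect_uris"}
OPTIONAL = {
    "application_type", "response_types", "grant_types", "alwaysIssueNewRefreshToken",
    "tokenFormat", "authzCodeTTL", "accessTokenTTL", "refreshTokenTTL", "corsdomains",
    "logo_uri", "policy_uri", "tos_uri", "contacts", "jwks_uri",
    "id_token_signed_response_alg", "id_token_encrypted_response_alg",
    "id_token_encrypted_response_enc",
}
TTL_PARAMS = ("authzCodeTTL", "accessTokenTTL", "refreshTokenTTL")
URL_PARAMS = ("logo_uri", "policy_uri", "tos_uri", "jwks_uri")

def lint_registration(params):
    """Return a list of problems found in a registration parameter dict."""
    problems = [f"missing required parameter: {n}" for n in sorted(REQUIRED - set(params))]
    problems += [f"unknown parameter (typo?): {n}"
                 for n in sorted(set(params) - REQUIRED - OPTIONAL)]
    if str(params.get("application_type", "web")).lower() not in ("web", "native"):
        problems.append("application_type must be web or native")
    for name in TTL_PARAMS:  # the table gives every TTL in minutes
        if name in params and not re.fullmatch(r"[0-9]+", str(params[name])):
            problems.append(f"{name} must be a whole number of minutes")
    if "corsdomains" in params:
        try:
            domains = json.loads(params["corsdomains"])
        except (TypeError, ValueError):
            domains = None  # e.g. typographic quotes instead of "
        if not (isinstance(domains, list) and all(isinstance(d, str) for d in domains)):
            problems.append("corsdomains must be a JSON array of strings")
    # Hygiene rule added by this example (not stated on the page): flag cleartext URIs.
    uris = list(params.get("redirect_uris", [])) + [params[n] for n in URL_PARAMS if n in params]
    problems += [f"plaintext http URI: {u}" for u in uris if urlsplit(u).scheme.lower() == "http"]
    return problems

# Constructed sample: misspelled TTL name, TTL given in days, curly quotes, http redirect.
SAMPLE = {
    "client_name": "Sample App",
    "redirect_uris": ["http://client.example.org/callback"],
    "accessTokenTTl": "60",
    "refreshTokenTTL": "30d",
    "corsdomains": "[“https://namapp.com”]",
}

if __name__ == "__main__":
    for problem in lint_registration(SAMPLE):
        print(problem)
```

A misspelled TTL name is worth catching before submission because the intended lifetime would otherwise never reach the server under the name the table defines.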