Skip to main content

Create client

POST 
/v2/modules/:module/setups/:setupId/clients

Creates a new OAuth client within the specified setup. The request body must include all required client metadata such as redirect URIs and supported grant types. A validFrom date can be supplied to schedule the initial configuration to become active at a future point in time. On success, returns the new client's internal nevisMeta identifier (not the OAuth2 client_id).

Request

Path Parameters

    module stringrequired
    setupId stringrequired

Body

    redirect_uris uri[]required
    grant_types string[]
    scopes string[]
    response_types string[]
    contacts string[]
    metadata object[]
  • Array [
    • name string
    value string
    locale string
  • ]
    • jwks object
    keys object[]
  • Array [
    • keyStore object
    type string
    provider object
    property name* string
    private boolean
    algorithm object
    name string
    requirement string

    Possible values: [REQUIRED, RECOMMENDED, OPTIONAL]

    x509CertSHA256Thumbprint object
    keyOperations string[]

    Possible values: [sign, verify, encrypt, decrypt, wrapKey, unwrapKey, deriveKey, deriveBits]

    keyUse object
    value string
    keyRevocation object
    reason object
    value string
    revocationTime date-time
    x509CertChain object[]
    x509CertURL uri
    x509CertThumbprint object
    parsedX509CertChain object[]
  • Array [
    • signature byte[]
    basicConstraints int32
    version int32
    subjectAlternativeNames array[]
    sigAlgParams byte[]
    serialNumber integer
    notBefore date-time
    notAfter date-time
    extendedKeyUsage string[]
    subjectDN object
    name string
    issuerDN object
    name string
    tbscertificate byte[]
    sigAlgOID string
    issuerUniqueID boolean[]
    subjectUniqueID boolean[]
    issuerAlternativeNames array[]
    sigAlgName string
    keyUsage boolean[]
    issuerX500Principal object
    name string
    encoded byte[]
    subjectX500Principal object
    name string
    encoded byte[]
    nonCriticalExtensionOIDs string[]
    criticalExtensionOIDs string[]
    type string
    encoded byte[]
    publicKey object
    params object
    encoded byte[]
    format string
    algorithm string
  • ]
    • notBeforeTime date-time
    issueTime date-time
    requiredParams object
    property name* object
    keyType object
    value string
    requirement string

    Possible values: [REQUIRED, RECOMMENDED, OPTIONAL]

    keyID string
    expirationTime date-time
  • ]
    • empty boolean
    additionalMembers object
    property name* object
    name string
    owner string
    comment string
    notSentGrantType boolean
    valid_from date-time
    client_id string
    client_secret string
    client_uri string
    confidentiality_type string
    pkce_mode string
    force_reauthentication boolean
    access_token_ttl integer
    refresh_token_ttl integer
    id_token_ttl integer
    persisted_consent_ttl integer
    jwks_uri uri
    logo_uri uri
    tos_uri uri
    policy_uri uri
    token_endpoint_auth_method string
    require_pushed_authorization_requests boolean
    id_token_signed_response_alg string

    Possible values: [RS256, RS384, RS512, ES256, ES256K, ES384, ES512]

    id_token_encrypted_response_alg string

    Possible values: [RSA1_5, RSA-OAEP, RSA-OAEP-256, RSA-OAEP-384, RSA-OAEP-512, ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, none]

    id_token_encrypted_response_enc string

    Possible values: [A128CBC-HS256, A192CBC-HS384, A256CBC-HS512, A128GCM, A192GCM, A256GCM, none]

Responses

The client was created successfully; the response contains the new client's internal nevisMeta ID (not the OAuth client_id)

Schema
    clientId string
Loading...
Last updated on