Amster

LinkedInClient

Realm Operations

Resource path:

/realm-config/services/SocialIdentityProviders/linkedInConfig

Resource version: 1.0

create

Usage

am> create LinkedInClient --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "pkceMethod" : {
      "title" : "PKCE Method",
      "description" : "The PKCE transformation method to use when making requests to the authorization endpoint.",
      "propertyOrder" : 1100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtEncryptionAlgorithm" : {
      "title" : "JWT Encryption Algorithm",
      "description" : "The encryption algorithm to use when encrypting the client assertion and request object jwt sent to social provider.",
      "propertyOrder" : 2000,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "responseMode" : {
      "title" : "Response Mode",
      "description" : "Informs the Authorization Server of the mechanism to use for returning Authorization Response parameters.",
      "propertyOrder" : 2500,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "emailAddressEndpoint" : {
      "title" : "Email Address Endpoint",
      "description" : "The endpoint for retrieving the email address.",
      "propertyOrder" : 1200,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtEncryptionMethod" : {
      "title" : "JWT Encryption Method",
      "description" : "The encryption method to use when encrypting the client assertion and request object jwt sent to social provider.",
      "propertyOrder" : 2100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "enabled" : {
      "title" : "Enabled",
      "description" : "",
      "propertyOrder" : 1,
      "required" : true,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "privateKeyJwtExpTime" : {
      "title" : "Private Key JWT Expiration Time (seconds)",
      "description" : "The expiration time on or after which the private key JWT must not be accepted for processing.",
      "propertyOrder" : 2200,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "scopeDelimiter" : {
      "title" : "Scope Delimiter",
      "description" : "The delimiter used by an auth server to separate scopes.",
      "propertyOrder" : 800,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtSigningAlgorithm" : {
      "title" : "JWT Signing Algorithm",
      "description" : "The signing algorithm to use when signing the client assertion and request object jwt sent to social provider.",
      "propertyOrder" : 1900,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "tokenEndpoint" : {
      "title" : "Access Token Endpoint URL",
      "description" : "OAuth access token endpoint URL This is the URL endpoint for access token retrieval provided by the OAuth Identity Provider.Refer to the RFC 6749 (http://tools.ietf.org/html/rfc6749#section-3.2), section 3.2.",
      "propertyOrder" : 500,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://www.linkedin.com/oauth/v2/accessToken"
    },
    "userInfoEndpoint" : {
      "title" : "User Profile Service URL",
      "description" : "User profile information URL <p> This URL endpoint provides user profile information and is provided by the OAuth Identity Provider NB This URL should return JSON objects in response.",
      "propertyOrder" : 600,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://api.linkedin.com/v2/me?projection=(id,firstName,lastName,profilePicture)"
    },
    "clientSecret" : {
      "title" : "Client Secret",
      "description" : "OAuth client_secret parameter <p>For more information on the OAuth client_id parameter refer to the RFC 6749 (http://tools.ietf.org/html/rfc6749#section-2.3.1), section 2.3.1.",
      "propertyOrder" : 300,
      "required" : false,
      "type" : "string",
      "format" : "password",
      "exampleValue" : ""
    },
    "authenticationIdKey" : {
      "title" : "Auth ID Key",
      "description" : "Field used to identify a user by the social provider.",
      "propertyOrder" : 100,
      "required" : true,
      "type" : "string",
      "exampleValue" : "id"
    },
    "redirectURI" : {
      "title" : "Redirect URL",
      "description" : "",
      "propertyOrder" : 700,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwksUriEndpoint" : {
      "title" : "JWKS URI Endpoint",
      "description" : "The JWKS URL endpoint for the RP to use when encrypting or validating",
      "propertyOrder" : 1800,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "transform" : {
      "title" : "Transform Script",
      "description" : "A script that takes the raw profile object as input and outputs the normalized profile object.",
      "propertyOrder" : 10000,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "redirectAfterFormPostURI" : {
      "title" : "Redirect after form post URL",
      "description" : "Specify URL to redirect the form post parameters to.",
      "propertyOrder" : 710,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "introspectEndpoint" : {
      "title" : "Token Introspection Endpoint URL",
      "description" : "OAuth Token Introspection endpoint URL This is the URL endpoint for access token validation using the OAuth Identity Provider.Refer to the RFC 7662 (http://tools.ietf.org/html/rfc7662).",
      "propertyOrder" : 650,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://www.linkedin.com/oauth/v2/introspectToken"
    },
    "authorizationEndpoint" : {
      "title" : "Authentication Endpoint URL",
      "description" : "OAuth authentication endpoint URL <p> This is the URL endpoint for OAuth authentication provided by the OAuth Identity Provider.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://www.linkedin.com/oauth/v2/authorization"
    },
    "uiConfig" : {
      "title" : "UI Config Properties",
      "description" : "Mapping of display properties to be defined and consumed by the UI.",
      "propertyOrder" : 9999,
      "required" : true,
      "patternProperties" : {
        ".*" : {
          "type" : "string"
        }
      },
      "type" : "object",
      "exampleValue" : ""
    },
    "clientId" : {
      "title" : "Client ID",
      "description" : "OAuth client_id parameter<p> For more information on the OAuth client_id parameter refer to the RFC 6749 (http://tools.ietf.org/html/rfc6749#section-2.3.1), section 2.3.1.",
      "propertyOrder" : 200,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "scopes" : {
      "title" : "OAuth Scopes",
      "description" : "List of user profile properties<p>According to the OAuth 2.0 Authorization Framework that the client application requires. The list depends on the permissions that the resource owner grants to the client application. Some authorization servers use non-standard separators for scopes.",
      "propertyOrder" : 900,
      "required" : true,
      "items" : {
        "type" : "string"
      },
      "minItems" : 1,
      "type" : "array",
      "exampleValue" : "r_liteprofile, r_emailaddress"
    },
    "clientAuthenticationMethod" : {
      "title" : "Client Authentication Method",
      "description" : "Field used to define how the client would be identified by the social provider.",
      "propertyOrder" : 1000,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    }
  }
}

delete

Usage

am> delete LinkedInClient --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action LinkedInClient --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action LinkedInClient --realm Realm --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action LinkedInClient --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query LinkedInClient --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read LinkedInClient --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update LinkedInClient --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "pkceMethod" : {
      "title" : "PKCE Method",
      "description" : "The PKCE transformation method to use when making requests to the authorization endpoint.",
      "propertyOrder" : 1100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtEncryptionAlgorithm" : {
      "title" : "JWT Encryption Algorithm",
      "description" : "The encryption algorithm to use when encrypting the client assertion and request object jwt sent to social provider.",
      "propertyOrder" : 2000,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "responseMode" : {
      "title" : "Response Mode",
      "description" : "Informs the Authorization Server of the mechanism to use for returning Authorization Response parameters.",
      "propertyOrder" : 2500,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "emailAddressEndpoint" : {
      "title" : "Email Address Endpoint",
      "description" : "The endpoint for retrieving the email address.",
      "propertyOrder" : 1200,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtEncryptionMethod" : {
      "title" : "JWT Encryption Method",
      "description" : "The encryption method to use when encrypting the client assertion and request object jwt sent to social provider.",
      "propertyOrder" : 2100,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "enabled" : {
      "title" : "Enabled",
      "description" : "",
      "propertyOrder" : 1,
      "required" : true,
      "type" : "boolean",
      "exampleValue" : ""
    },
    "privateKeyJwtExpTime" : {
      "title" : "Private Key JWT Expiration Time (seconds)",
      "description" : "The expiration time on or after which the private key JWT must not be accepted for processing.",
      "propertyOrder" : 2200,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "scopeDelimiter" : {
      "title" : "Scope Delimiter",
      "description" : "The delimiter used by an auth server to separate scopes.",
      "propertyOrder" : 800,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwtSigningAlgorithm" : {
      "title" : "JWT Signing Algorithm",
      "description" : "The signing algorithm to use when signing the client assertion and request object jwt sent to social provider.",
      "propertyOrder" : 1900,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "tokenEndpoint" : {
      "title" : "Access Token Endpoint URL",
      "description" : "OAuth access token endpoint URL This is the URL endpoint for access token retrieval provided by the OAuth Identity Provider.Refer to the RFC 6749 (http://tools.ietf.org/html/rfc6749#section-3.2), section 3.2.",
      "propertyOrder" : 500,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://www.linkedin.com/oauth/v2/accessToken"
    },
    "userInfoEndpoint" : {
      "title" : "User Profile Service URL",
      "description" : "User profile information URL <p> This URL endpoint provides user profile information and is provided by the OAuth Identity Provider NB This URL should return JSON objects in response.",
      "propertyOrder" : 600,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://api.linkedin.com/v2/me?projection=(id,firstName,lastName,profilePicture)"
    },
    "clientSecret" : {
      "title" : "Client Secret",
      "description" : "OAuth client_secret parameter <p>For more information on the OAuth client_id parameter refer to the RFC 6749 (http://tools.ietf.org/html/rfc6749#section-2.3.1), section 2.3.1.",
      "propertyOrder" : 300,
      "required" : false,
      "type" : "string",
      "format" : "password",
      "exampleValue" : ""
    },
    "authenticationIdKey" : {
      "title" : "Auth ID Key",
      "description" : "Field used to identify a user by the social provider.",
      "propertyOrder" : 100,
      "required" : true,
      "type" : "string",
      "exampleValue" : "id"
    },
    "redirectURI" : {
      "title" : "Redirect URL",
      "description" : "",
      "propertyOrder" : 700,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "jwksUriEndpoint" : {
      "title" : "JWKS URI Endpoint",
      "description" : "The JWKS URL endpoint for the RP to use when encrypting or validating",
      "propertyOrder" : 1800,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "transform" : {
      "title" : "Transform Script",
      "description" : "A script that takes the raw profile object as input and outputs the normalized profile object.",
      "propertyOrder" : 10000,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "redirectAfterFormPostURI" : {
      "title" : "Redirect after form post URL",
      "description" : "Specify URL to redirect the form post parameters to.",
      "propertyOrder" : 710,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "introspectEndpoint" : {
      "title" : "Token Introspection Endpoint URL",
      "description" : "OAuth Token Introspection endpoint URL This is the URL endpoint for access token validation using the OAuth Identity Provider.Refer to the RFC 7662 (http://tools.ietf.org/html/rfc7662).",
      "propertyOrder" : 650,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://www.linkedin.com/oauth/v2/introspectToken"
    },
    "authorizationEndpoint" : {
      "title" : "Authentication Endpoint URL",
      "description" : "OAuth authentication endpoint URL <p> This is the URL endpoint for OAuth authentication provided by the OAuth Identity Provider.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "string",
      "exampleValue" : "https://www.linkedin.com/oauth/v2/authorization"
    },
    "uiConfig" : {
      "title" : "UI Config Properties",
      "description" : "Mapping of display properties to be defined and consumed by the UI.",
      "propertyOrder" : 9999,
      "required" : true,
      "patternProperties" : {
        ".*" : {
          "type" : "string"
        }
      },
      "type" : "object",
      "exampleValue" : ""
    },
    "clientId" : {
      "title" : "Client ID",
      "description" : "OAuth client_id parameter<p> For more information on the OAuth client_id parameter refer to the RFC 6749 (http://tools.ietf.org/html/rfc6749#section-2.3.1), section 2.3.1.",
      "propertyOrder" : 200,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "scopes" : {
      "title" : "OAuth Scopes",
      "description" : "List of user profile properties<p>According to the OAuth 2.0 Authorization Framework that the client application requires. The list depends on the permissions that the resource owner grants to the client application. Some authorization servers use non-standard separators for scopes.",
      "propertyOrder" : 900,
      "required" : true,
      "items" : {
        "type" : "string"
      },
      "minItems" : 1,
      "type" : "array",
      "exampleValue" : "r_liteprofile, r_emailaddress"
    },
    "clientAuthenticationMethod" : {
      "title" : "Client Authentication Method",
      "description" : "Field used to define how the client would be identified by the social provider.",
      "propertyOrder" : 1000,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    }
  }
}
Copyright © 2010-2024 ForgeRock, all rights reserved.