/json/realm-config/agents/OAuth2Client

Identity Cloud-specific endpoint that lets Identity Cloud and agent administrators create, list, and delete OAuth 2.0 clients.

Tip

Use the Identity Cloud API Explorer for detailed information about the parameters supported by this endpoint, and to test it against your deployed Identity Cloud instance.

In the AM Admin UI, select the Help icon, and then go to API Explorer > /realm-config > /agents > /OAuth2Client.

The following example shows how to create a basic OAuth 2.0 client named myClient in a realm named alpha. Note that you must provide the SSO token of an administrative user as a header, and that the name of the client is appended to the URL:

$ curl \
 --request PUT \
 --header "Accept-API-Version: resource=1.0" \
 --header "Content-Type: application/json" \
 --header "Accept: application/json" \
 --header "iplanetDirectoryPro: AQIC5wM...3MTYxOA..*" \
 --data '{
   "coreOAuth2ClientConfig":{
      "agentgroup":"",
      "status":{
         "inherited":true,
         "value":"string"
      },
      "userpassword":"forgerock",
      "clientType":{
         "inherited":false,
         "value":"Confidential"
      },
      "redirectionUris":{
         "inherited":false,
         "value":[
            "https://www.example.com:443/callback"
         ]
      },
      "scopes":{
         "inherited":false,
         "value":[
            "write",
            "read"
         ]
      },
      "defaultScopes":{
         "inherited":true,
         "value":[
            "write"
         ]
      },
      "clientName":{
         "inherited":true,
         "value":[
            "My Test Client"
         ]
      }
   },
   "advancedOAuth2ClientConfig":{
      "name":{
         "inherited":false,
         "value":[
            null
         ]
      },
      "grantTypes":{
         "inherited":true,
         "value":[
            "authorization_code",
            "client_credentials"
         ]
      },
      "tokenEndpointAuthMethod":{
         "inherited":true,
         "value":"client_secret_basic"
      }
   }
}' \
"https://openam.example.com:8443/openam/json/realms/root/realms/alpha/realm-config/agents/OAuth2Client/testClient"
{
   "_id":"testClient",
   "_rev":"-60716879",
   "advancedOAuth2ClientConfig":{
      "descriptions":{
         "inherited":false,
         "value":[

         ]
      },

...

      "clientType":{
         "inherited":false,
         "value":"Confidential"
      },
...
      "_type":{
      "_id":"OAuth2Client",
      "name":"OAuth2 Clients",
      "collection":true
   }
}

The following example shows how to delete an OAuth 2.0 client named myClient in a realm named alpha. Note that you must provide the SSO token of an administrative user as a header, and that the name of the client is appended to the URL:

$ curl \
    --request DELETE \
    --header "Accept-API-Version: resource=1.0" \
    --header "iplanetDirectoryPro: AQIC5wM...3MTYxOA..*" \
    "https://openam.example.com:8443/openam/json/realms/root/realms/alpha/realm-config/agents/OAuth2Client/myClient"
{
   "_id":"testClient",
   "_rev":"-60716879",
   "advancedOAuth2ClientConfig":{
      "descriptions":{
         "inherited":false,
         "value":[

         ]
      },

...

      "clientType":{
         "inherited":false,
         "value":"Confidential"
      },
...
      "_type":{
      "_id":"OAuth2Client",
      "name":"OAuth2 Clients",
      "collection":true
   }
}

You can use a similar PUT command to the one above to update an existing OAuth 2.0 client. However, ensure that you include all the attributes to be retained. Omitting an attribute in the resource amounts to deleting the attribute.
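The pitfall described above can be checked before an update is sent. The following Python sketch is an added example, not part of the original documentation or the product's own code: it lists the attributes a partial PUT body would drop and builds a full body from the current resource instead. The sample resource is constructed from the shape of the response shown on this page, and leaving out the underscore-prefixed fields (`_id`, `_rev`, `_type`) is an assumption based on the create request above, which does not send them.

```python
import copy

# Constructed sample: the shape follows the response shown on this page,
# the values are illustrative only.
CURRENT = {
    "_id": "testClient",
    "_rev": "-60716879",
    "coreOAuth2ClientConfig": {
        "clientType": {"inherited": False, "value": "Confidential"},
        "redirectionUris": {"inherited": False,
                            "value": ["https://www.example.com:443/callback"]},
        "scopes": {"inherited": False, "value": ["write", "read"]},
    },
    "advancedOAuth2ClientConfig": {
        "grantTypes": {"inherited": True,
                       "value": ["authorization_code", "client_credentials"]},
        "tokenEndpointAuthMethod": {"inherited": True, "value": "client_secret_basic"},
    },
}

# A tempting but incomplete update: only the attribute being changed.
PARTIAL = {"coreOAuth2ClientConfig": {"scopes": {"inherited": False, "value": ["read"]}}}

def attribute_paths(resource):
    """Return 'section.attribute' for every attribute in each config section."""
    return {
        f"{section}.{attr}"
        for section, attrs in resource.items()
        if not section.startswith("_") and isinstance(attrs, dict)
        for attr in attrs
    }

def dropped_by_put(current, put_body):
    """Attributes present on the current resource but absent from the PUT body."""
    return sorted(attribute_paths(current) - attribute_paths(put_body))

def build_full_update(current, changes):
    """Copy the current resource, overlay the changes, omit '_' metadata (assumption)."""
    body = {k: copy.deepcopy(v) for k, v in current.items() if not k.startswith("_")}
    for section, attrs in changes.items():
        body.setdefault(section, {}).update(copy.deepcopy(attrs))
    return body

if __name__ == "__main__":
    print("partial PUT would drop:", dropped_by_put(CURRENT, PARTIAL))
    print("full PUT would drop:", dropped_by_put(CURRENT, build_full_update(CURRENT, PARTIAL)))
```

In practice, `CURRENT` would be the JSON returned by reading the client, and the output of `build_full_update` would be the `--data` payload of the PUT request.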
