Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »


Universal Controller supports the following RESTful-based web services for OAuth Single Sign-On Settings, which are listed alphabetically on this page.

  • Read OAuth Single Sign-On Settings

  • Update OAuth Single Sign-On Settings

Formatting specifications for each web service, including details about parameter requirements, are provided.

Read OAuth Single Sign-On Settings


Description

URI

http://host_name/uc/resources/oauthsettings

HTTP Method

PUT

Description

Update the OAuth Single Sign-On Settings.

Example URI

http://localhost:8080/uc/resources/oauthsettings

Authentication

Required

Produces Content-Type

text/plain

Consumes Content-Type

application/xml, application/json

Example Responses

  • Status 200

    • Successfully updated the OAuth Single Sign-On Settings with id 78c1fcdd9df446fb82c0bd74bfb0697e.

Read OAuth Single Sign-On Settings: XML and JSON Responses

XMLJSON
 Click here to expand...
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<oauthSettings exportReleaseLevel="7.7.0.0" exportTable="ops_oauth_settings">
    <attrActive />
    <attrDepartment />
    <attrEmail>email</attrEmail>
    <attrFirstName>given_name</attrFirstName>
    <attrGroups>groups</attrGroups>
    <attrHomePhone />
    <attrLastName>family_name</attrLastName>
    <attrManager />
    <attrMiddleName />
    <attrMobilePhone />
    <attrPhone />
    <attrTitle />
    <clientId>0oa22oyww...NIS0h8</clientId>
    <clusterBaseRedirectUrls>
        <clusterBaseRedirectUrl>
            <baseRedirectUrl>http://example.com:8080/uc</baseRedirectUrl>
            <clusterNode>example.com:8080-uc</clusterNode>
        </clusterBaseRedirectUrl>
    </clusterBaseRedirectUrls>
    <issuerUri>https://{accountId}.oktapreview.com/oauth2/default</issuerUri>
    <jwtAudienceClaimValue>api://default</jwtAudienceClaimValue>
    <jwtJwkSetUri />
    <opaqueIntrospectionUri />
    <pkce>true</pkce>
    <scopes>
        <scope>openid</scope>
        <scope>profile</scope>
        <scope>email</scope>
    </scopes>
    <selfServiceClientId>0oa22oz08...9O50h8</selfServiceClientId>
    <singleSignOn>true</singleSignOn>
    <sysId>78c1fcdd9df446fb82c0bd74bfb0697e</sysId>
    <tokenValidation>JWT</tokenValidation>
    <userNameClaimName>uc_username</userNameClaimName>
    <userProvisioning>
        <userProvisioningOption>Web Browser Access</userProvisioningOption>
        <userProvisioningOption>Web Service Access</userProvisioningOption>
    </userProvisioning>
</oauthSettings>
 Click here to expand...
{
    "attrActive": null,
    "attrDepartment": null,
    "attrEmail": "email",
    "attrFirstName": "given_name",
    "attrGroups": "groups",
    "attrHomePhone": null,
    "attrLastName": "family_name",
    "attrManager": null,
    "attrMiddleName": null,
    "attrMobilePhone": null,
    "attrPhone": null,
    "attrTitle": null,
    "clientId": "0oa22oyww...NIS0h8",
    "clusterBaseRedirectUrls": [
        {
            "baseRedirectUrl": "http://example.com:8080/uc",
            "clusterNode": "example.com:8080-uc"
        }
    ],
    "exportReleaseLevel": "7.7.0.0",
    "exportTable": "ops_oauth_settings",
    "issuerUri": "https://{accountId}.oktapreview.com/oauth2/default",
    "jwtAudienceClaimValue": "api://default",
    "jwtJwkSetUri": null,
    "opaqueIntrospectionUri": "https://{accountId}.oktapreview.com/oauth2/default",
    "pkce": true,
    "scopes": [
        "openid",
        "profile",
        "email"
    ],
    "selfServiceClientId": "0oa22oz08...9O50h8",
    "singleSignOn": true,
    "sysId": "78c1fcdd9df446fb82c0bd74bfb0697e",
    "tokenValidation": "JWT",
    "userNameClaimName": "uc_username",
    "userProvisioning": [
        "Web Browser Access",
        "Web Service Access"
    ]
}

Update OAuth Single Sign-On Settings


Description

URI

http://host_name/uc/resources/oauthsettings

HTTP Method

PUT

Description

Update the OAuth Single Sign-On Settings.

Example URI

http://localhost:8080/uc/resources/oauthsettings

Authentication

Required

Produces Content-Type

text/plain

Consumes Content-Type

application/xml, application/json

Example Responses

  • Status 200

    • Successfully updated the OAuth Single Sign-On Settings with id 78c1fcdd9df446fb82c0bd74bfb0697e.

Update OAuth Single Sign-On Settings: Payload Properties

PropertyUI Field NameDescriptionSpecificationsRequired

singleSignOn

OAuth Single Sign-On

If true, turns on OAuth Single Sign-On.



If false,  turns off OAuth Single Sign-On.

Boolean; Valid values: true/false. Default is false.

N

userProvisioning

User Provisioning



N

issuerUri

Issuer URI


Must be a valid URL beginning with http://, or https:// and contain no spaces.

Y

(if singleSignOn is true)

clientId

Client Id



Y

(if singleSignOn is true)

clientSecret

Client Secret


The clientSecret is not returned in the GET response payload.

Y

(if singleSignOn is true)

scopes

Scopes


XML

JSON

N

userNameClaimName

User Id (Username) Claim Name



N

pkce

Proof Key for Code Exchange (PKCE)


Boolean; Valid values: true/false. Default is false.

N

clusterBaseRedirectUrls

Cluster Node Base Redirect URLs



N

tokenValidation

OAuth Bearer Token Validation


Valid values (case-insensitive):

  • As String = None, As Value = 0 (Default)

  • As String = Opaque Token, As Value = 1

  • As String = JWT, As Value = 2

N

opaqueIntrospectionUri

Introspection URI


Must be a valid URL beginning with http://, or https:// and contain no spaces.

Y

(if singleSignOn is true and tokenValidation is Opaque Token)

jwtJwkSetUri

JWK Set URI


Must be a valid URL beginning with http://, or https:// and contain no spaces.

N

jwtAudienceClaimValue

Audience Claim Value



N

attrFirstName

First Name



Y

(if singleSignOn is true and userProvisioning is true)

attrMiddleName

Middle Name



N

attrLastName

Last Name



N

attrEmail

Email



N

attrTitle

Title



N

attrDepartment

Department



N

attrManager

Manager



N

attrBusinessPhone

Business Phone



N

attrMobilePhone

Mobile Phone



N

attrHomePhone

Home Phone



N

attrActive

Active



N

attrGroups

Groups



N

selfServiceClientId

Self Service Client Id



N

  • No labels