Clients (API) | Accountmaker 文件

OAuth2 clients and multi-tenant configurations

DELETE/api/clients/{client_id}

Permanently delete a client application. This revokes all associated keys and invalidates any active sessions using this client. More OAuth

Responses

200application/json

schemaobject

dataClientrequired

A client application that can authenticate users and request tokens. Clients define allowed origins, redirect URIs, and token configurations for OAuth flows.

idstringrequired

Unique identifier for a client application.

resource_idstringrequired

Variant

Unique identifier for an account.

Option 1string

Unique identifier for an account.

Unique identifier for an application.

Option 2string

Unique identifier for an application.

hostnamestring | nullrequired

Optional hostname that maps requests to this client when client_id is omitted.

issuerstringrequired

audiencestringrequired

allowed_originsarrayrequired

itemstringrequired

allowed_scopestring | nullrequired

default_scopestringrequired

redirect_urisarrayrequired

itemstringrequired

seamless_sign_inbooleanrequired

login_enabledbooleanrequired

register_enabledbooleanrequired

csrf_requiredbooleanrequired

email_provider_configobject | nullrequired

providerrequired

mock_inbox_idstringrequired

access_token_configobject | nullrequired

Configuration for access tokens issued by this client. Access tokens are short-lived and authorize API requests on behalf of the user.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

refresh_token_configobject | nullrequired

Configuration for refresh tokens issued by this client. Refresh tokens are long-lived and allow obtaining new access tokens without re-authentication.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

id_token_configobject | nullrequired

Configuration for ID tokens issued by this client. ID tokens are JWTs containing user claims like email and name for client-side personalization.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

external_jwks_configobject | nullrequired

jwks_urlstring

public_keysarray

Nested fields truncated. Expand to continue inline, or use the model link.

saml_configobject | nullrequired

saml_metadata_urlstring

public_keysarray

Nested fields truncated. Expand to continue inline, or use the model link.

expected_issuerstring

rate_limit_configobject | nullrequired

Configuration for rate limiting client requests. Higher limits may be useful for testing environments.

login_maxinteger

auth_maxinteger

unauth_maxinteger

linksobjectrequired

400application/problem+jsonValidationProblemDetails

Bad Request

schemaValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X DELETE \\
  "${BASE_URL}/api/clients/cid789" \\
  -H "Authorization: Bearer ${API_TOKEN}"

const url = "${BASE_URL}/api/clients/cid789";
const response = await fetch(url, {
  method: "DELETE",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
});

console.log(await response.json());

const url = "${BASE_URL}/api/clients/cid789";
const response = await fetch(url, {
  method: "DELETE",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
} as RequestInit);

console.log(await response.json());

const response = await axios({
  method: "delete",
  url: "${BASE_URL}/api/clients/cid789",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

const response: AxiosResponse = await axios({
  method: "delete",
  url: "${BASE_URL}/api/clients/cid789",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

import { request } from "undici";

const { body } = await request("${BASE_URL}/api/clients/cid789", {
  method: "DELETE",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(await body.json());

import requests

payload = None
response = requests.request( \
    "DELETE", \
    "${BASE_URL}/api/clients/cid789", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = None
with httpx.Client() as client:
    response = client.request( \
        "DELETE", \
        "${BASE_URL}/api/clients/cid789", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := http.NoBody

req, err := http.NewRequest("DELETE", "${BASE_URL}/api/clients/cid789", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = nil
uri = URI("${BASE_URL}/api/clients/cid789")
request = Net::HTTP::Delete.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = null;
$client = new Client();
$response = $client->request("DELETE", "${BASE_URL}/api/clients/cid789", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Delete, "${BASE_URL}/api/clients/cid789");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

GET/api/clients/{client_id}

Retrieve a client application by its ID. Returns the client’s configuration including allowed origins, redirect URIs, and token settings. More OAuth

Responses

200application/json

schemaobject

dataClientrequired

A client application that can authenticate users and request tokens. Clients define allowed origins, redirect URIs, and token configurations for OAuth flows.

idstringrequired

Unique identifier for a client application.

resource_idstringrequired

Variant

Unique identifier for an account.

Option 1string

Unique identifier for an account.

Unique identifier for an application.

Option 2string

Unique identifier for an application.

hostnamestring | nullrequired

Optional hostname that maps requests to this client when client_id is omitted.

issuerstringrequired

audiencestringrequired

allowed_originsarrayrequired

itemstringrequired

allowed_scopestring | nullrequired

default_scopestringrequired

redirect_urisarrayrequired

itemstringrequired

seamless_sign_inbooleanrequired

login_enabledbooleanrequired

register_enabledbooleanrequired

csrf_requiredbooleanrequired

email_provider_configobject | nullrequired

providerrequired

mock_inbox_idstringrequired

access_token_configobject | nullrequired

Configuration for access tokens issued by this client. Access tokens are short-lived and authorize API requests on behalf of the user.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

refresh_token_configobject | nullrequired

Configuration for refresh tokens issued by this client. Refresh tokens are long-lived and allow obtaining new access tokens without re-authentication.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

id_token_configobject | nullrequired

Configuration for ID tokens issued by this client. ID tokens are JWTs containing user claims like email and name for client-side personalization.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

external_jwks_configobject | nullrequired

jwks_urlstring

public_keysarray

Nested fields truncated. Expand to continue inline, or use the model link.

saml_configobject | nullrequired

saml_metadata_urlstring

public_keysarray

Nested fields truncated. Expand to continue inline, or use the model link.

expected_issuerstring

rate_limit_configobject | nullrequired

Configuration for rate limiting client requests. Higher limits may be useful for testing environments.

login_maxinteger

auth_maxinteger

unauth_maxinteger

linksobjectrequired

selfstringrequired

URL of the current resource

400application/problem+jsonValidationProblemDetails

Bad Request

schemaValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X GET \\
  "${BASE_URL}/api/clients/cid789" \\
  -H "Authorization: Bearer ${API_TOKEN}"

const url = "${BASE_URL}/api/clients/cid789";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
});

console.log(await response.json());

const url = "${BASE_URL}/api/clients/cid789";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
} as RequestInit);

console.log(await response.json());

const response = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

const response: AxiosResponse = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

import { request } from "undici";

const { body } = await request("${BASE_URL}/api/clients/cid789", {
  method: "GET",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(await body.json());

import requests

payload = None
response = requests.request( \
    "GET", \
    "${BASE_URL}/api/clients/cid789", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = None
with httpx.Client() as client:
    response = client.request( \
        "GET", \
        "${BASE_URL}/api/clients/cid789", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := http.NoBody

req, err := http.NewRequest("GET", "${BASE_URL}/api/clients/cid789", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = nil
uri = URI("${BASE_URL}/api/clients/cid789")
request = Net::HTTP::Get.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = null;
$client = new Client();
$response = $client->request("GET", "${BASE_URL}/api/clients/cid789", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, "${BASE_URL}/api/clients/cid789");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

PATCH/api/clients/{client_id}

Update client properties using JSON Merge Patch (RFC 7396). Modify redirect URIs, allowed origins, token settings, and more. More OAuth

Body application/json

hostnamestring | null

Optional hostname that maps requests to this client when client_id is omitted.

issuerstring | null

audiencestring | null

allowed_originsarray | null

itemstringrequired

allowed_scopestring | null

default_scopestring | null

redirect_urisarray | null

itemstringrequired

seamless_sign_inboolean | null

login_enabledboolean | null

register_enabledboolean | null

csrf_requiredboolean | null

email_provider_configobject | null

provider

mock_inbox_idstring | null

access_token_configobject | null

expires_innumber | null

cookie_optionsobject | null

namestring | null

http_onlyboolean | null

secureboolean | null

same_site

max_ageinteger | null

pathstring | null

refresh_token_configobject | null

expires_innumber | null

cookie_optionsobject | null

namestring | null

http_onlyboolean | null

secureboolean | null

same_site

max_ageinteger | null

pathstring | null

id_token_configobject | null

expires_innumber | null

cookie_optionsobject | null

namestring | null

http_onlyboolean | null

secureboolean | null

same_site

max_ageinteger | null

pathstring | null

external_jwks_configobject | null

jwks_urlstring | null

public_keysarray | null

itemstringrequired

saml_configobject | null

saml_metadata_urlstring | null

public_keysarray | null

itemstringrequired

expected_issuerstring | null

rate_limit_configobject | null

login_maxinteger | null

auth_maxinteger | null

unauth_maxinteger | null

Responses

200application/json

schemaobject

dataClientrequired

A client application that can authenticate users and request tokens. Clients define allowed origins, redirect URIs, and token configurations for OAuth flows.

idstringrequired

Unique identifier for a client application.

resource_idstringrequired

Variant

Unique identifier for an account.

Option 1string

Unique identifier for an account.

Unique identifier for an application.

Option 2string

Unique identifier for an application.

hostnamestring | nullrequired

Optional hostname that maps requests to this client when client_id is omitted.

issuerstringrequired

audiencestringrequired

allowed_originsarrayrequired

itemstringrequired

allowed_scopestring | nullrequired

default_scopestringrequired

redirect_urisarrayrequired

itemstringrequired

seamless_sign_inbooleanrequired

login_enabledbooleanrequired

register_enabledbooleanrequired

csrf_requiredbooleanrequired

email_provider_configobject | nullrequired

providerrequired

mock_inbox_idstringrequired

access_token_configobject | nullrequired

Configuration for access tokens issued by this client. Access tokens are short-lived and authorize API requests on behalf of the user.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

refresh_token_configobject | nullrequired

Configuration for refresh tokens issued by this client. Refresh tokens are long-lived and allow obtaining new access tokens without re-authentication.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

id_token_configobject | nullrequired

Configuration for ID tokens issued by this client. ID tokens are JWTs containing user claims like email and name for client-side personalization.

expires_innumber

cookie_optionsobject

Nested fields truncated. Expand to continue inline, or use the model link.

external_jwks_configobject | nullrequired

jwks_urlstring

public_keysarray

Nested fields truncated. Expand to continue inline, or use the model link.

saml_configobject | nullrequired

saml_metadata_urlstring

public_keysarray

Nested fields truncated. Expand to continue inline, or use the model link.

expected_issuerstring

rate_limit_configobject | nullrequired

Configuration for rate limiting client requests. Higher limits may be useful for testing environments.

login_maxinteger

auth_maxinteger

unauth_maxinteger

linksobjectrequired

selfstringrequired

URL of the current resource

400application/problem+jsonValidationProblemDetails

Bad Request

schemaValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X PATCH \\
  "${BASE_URL}/api/clients/cid789" \\
  -H "Authorization: Bearer ${API_TOKEN}" \\
  -H "Content-Type: application/json" \\
  -d '{"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}}'

const payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}};
const url = "${BASE_URL}/api/clients/cid789";
const response = await fetch(url, {
  method: "PATCH",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
});

console.log(await response.json());

const payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}};
const url = "${BASE_URL}/api/clients/cid789";
const response = await fetch(url, {
  method: "PATCH",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
} as RequestInit);

console.log(await response.json());

const payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}};
const response = await axios({
  method: "patch",
  url: "${BASE_URL}/api/clients/cid789",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

const payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}};
const response: AxiosResponse = await axios({
  method: "patch",
  url: "${BASE_URL}/api/clients/cid789",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

import { request } from "undici";

const bodyData = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}};
const { body } = await request("${BASE_URL}/api/clients/cid789", {
  method: "PATCH",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
      "Content-Type": "application/json",
  },
    body: JSON.stringify(bodyData),
});

console.log(await body.json());

import requests

payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}}
response = requests.request( \
    "PATCH", \
    "${BASE_URL}/api/clients/cid789", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}}
with httpx.Client() as client:
    response = client.request( \
        "PATCH", \
        "${BASE_URL}/api/clients/cid789", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := bytes.NewBuffer([]byte(`{"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}}`))

req, err := http.NewRequest("PATCH", "${BASE_URL}/api/clients/cid789", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}}
uri = URI("${BASE_URL}/api/clients/cid789")
request = Net::HTTP::Patch.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
request.body = payload.to_json
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = {"rate_limit_config":{"auth_max":1500,"unauth_max":1500,"login_max":250}};
$client = new Client();
$response = $client->request("PATCH", "${BASE_URL}/api/clients/cid789", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
  'json' => $payload,
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Patch, "${BASE_URL}/api/clients/cid789");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
request.Content = new StringContent("{\"rate_limit_config\":{\"auth_max\":1500,\"unauth_max\":1500,\"login_max\":250}}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

GET/api/clients/{client_id}/keys

List all cryptographic keys for a client. Keys are used for signing tokens and authenticating client credentials grants. More OAuth

Responses

200application/json

schemaobject

dataarrayrequired

itemClientKeyrequired

A cryptographic key pair used by a client to sign tokens. Only the public key is exposed; the private key is stored securely.

kidstringrequired

credential_idstringrequired

Unique identifier for a client application.

jwkrequired

public_keystringrequired

linksobjectrequired

selfstringrequired

URL of the current page

nextstring

URL of the next page

400application/problem+jsonValidationProblemDetails

Bad Request

schemaValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X GET \\
  "${BASE_URL}/api/clients/cid789/keys" \\
  -H "Authorization: Bearer ${API_TOKEN}"

const url = "${BASE_URL}/api/clients/cid789/keys";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
});

console.log(await response.json());

const url = "${BASE_URL}/api/clients/cid789/keys";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
} as RequestInit);

console.log(await response.json());

const response = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789/keys",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

const response: AxiosResponse = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789/keys",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

import { request } from "undici";

const { body } = await request("${BASE_URL}/api/clients/cid789/keys", {
  method: "GET",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(await body.json());

import requests

payload = None
response = requests.request( \
    "GET", \
    "${BASE_URL}/api/clients/cid789/keys", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = None
with httpx.Client() as client:
    response = client.request( \
        "GET", \
        "${BASE_URL}/api/clients/cid789/keys", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := http.NoBody

req, err := http.NewRequest("GET", "${BASE_URL}/api/clients/cid789/keys", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = nil
uri = URI("${BASE_URL}/api/clients/cid789/keys")
request = Net::HTTP::Get.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = null;
$client = new Client();
$response = $client->request("GET", "${BASE_URL}/api/clients/cid789/keys", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, "${BASE_URL}/api/clients/cid789/keys");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

POST/api/clients/{client_id}/keys

Generate a new cryptographic key pair for a client. Old keys beyond the limit are automatically rotated out. More OAuth

Body application/json

bodyobjectrequired

An empty object that is reserved for future options. Fields will be optional.

Responses

200application/json

schemaobject

dataClientKeyrequired

A cryptographic key pair used by a client to sign tokens. Only the public key is exposed; the private key is stored securely.

kidstringrequired

credential_idstringrequired

Unique identifier for a client application.

jwkrequired

public_keystringrequired

linksobjectrequired

selfstringrequired

URL of the created resource

400application/problem+jsonValidationProblemDetails

Bad Request

schemaValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X POST \\
  "${BASE_URL}/api/clients/cid789/keys" \\
  -H "Authorization: Bearer ${API_TOKEN}" \\
  -H "Content-Type: application/json" \\
  -d '{}'

const payload = {};
const url = "${BASE_URL}/api/clients/cid789/keys";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
});

console.log(await response.json());

const payload = {};
const url = "${BASE_URL}/api/clients/cid789/keys";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
} as RequestInit);

console.log(await response.json());

const payload = {};
const response = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/keys",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

const payload = {};
const response: AxiosResponse = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/keys",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

import { request } from "undici";

const bodyData = {};
const { body } = await request("${BASE_URL}/api/clients/cid789/keys", {
  method: "POST",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
      "Content-Type": "application/json",
  },
    body: JSON.stringify(bodyData),
});

console.log(await body.json());

import requests

payload = {}
response = requests.request( \
    "POST", \
    "${BASE_URL}/api/clients/cid789/keys", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = {}
with httpx.Client() as client:
    response = client.request( \
        "POST", \
        "${BASE_URL}/api/clients/cid789/keys", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := bytes.NewBuffer([]byte(`{}`))

req, err := http.NewRequest("POST", "${BASE_URL}/api/clients/cid789/keys", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = {}
uri = URI("${BASE_URL}/api/clients/cid789/keys")
request = Net::HTTP::Post.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
request.body = payload.to_json
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = {};
$client = new Client();
$response = $client->request("POST", "${BASE_URL}/api/clients/cid789/keys", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
  'json' => $payload,
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "${BASE_URL}/api/clients/cid789/keys");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
request.Content = new StringContent("{}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

DELETE/api/clients/{client_id}/keys/{kid}

Delete a specific cryptographic key by its key ID (kid). Tokens signed with this key will no longer be verifiable. More OAuth

Responses

204

No Content

400application/problem+jsonValidationProblemDetails

Bad Request

schemaValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X DELETE \\
  "${BASE_URL}/api/clients/cid789/keys/string" \\
  -H "Authorization: Bearer ${API_TOKEN}"

const url = "${BASE_URL}/api/clients/cid789/keys/string";
const response = await fetch(url, {
  method: "DELETE",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
});

console.log(await response.json());

const url = "${BASE_URL}/api/clients/cid789/keys/string";
const response = await fetch(url, {
  method: "DELETE",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
} as RequestInit);

console.log(await response.json());

const response = await axios({
  method: "delete",
  url: "${BASE_URL}/api/clients/cid789/keys/string",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

const response: AxiosResponse = await axios({
  method: "delete",
  url: "${BASE_URL}/api/clients/cid789/keys/string",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

import { request } from "undici";

const { body } = await request("${BASE_URL}/api/clients/cid789/keys/string", {
  method: "DELETE",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(await body.json());

import requests

payload = None
response = requests.request( \
    "DELETE", \
    "${BASE_URL}/api/clients/cid789/keys/string", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = None
with httpx.Client() as client:
    response = client.request( \
        "DELETE", \
        "${BASE_URL}/api/clients/cid789/keys/string", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := http.NoBody

req, err := http.NewRequest("DELETE", "${BASE_URL}/api/clients/cid789/keys/string", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = nil
uri = URI("${BASE_URL}/api/clients/cid789/keys/string")
request = Net::HTTP::Delete.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = null;
$client = new Client();
$response = $client->request("DELETE", "${BASE_URL}/api/clients/cid789/keys/string", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Delete, "${BASE_URL}/api/clients/cid789/keys/string");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

POST/api/clients/{client_id}/keys/rotate

Convenience endpoint to rotate JWKs for a client. A new JWK will be created and added to the front of the client’s keys array. If there are more than 4 keys, the oldest key will be removed. More

Body application/json

bodyobject

An empty object that is reserved for future options. Fields will be optional.

Responses

204

No Content

400application/problem+jsonValidationProblemDetails

Bad Request

schemaValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X POST \\
  "${BASE_URL}/api/clients/cid789/keys/rotate" \\
  -H "Authorization: Bearer ${API_TOKEN}" \\
  -H "Content-Type: application/json" \\
  -d '{}'

const payload = {};
const url = "${BASE_URL}/api/clients/cid789/keys/rotate";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
});

console.log(await response.json());

const payload = {};
const url = "${BASE_URL}/api/clients/cid789/keys/rotate";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
} as RequestInit);

console.log(await response.json());

const payload = {};
const response = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/keys/rotate",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

const payload = {};
const response: AxiosResponse = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/keys/rotate",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

import { request } from "undici";

const bodyData = {};
const { body } = await request("${BASE_URL}/api/clients/cid789/keys/rotate", {
  method: "POST",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
      "Content-Type": "application/json",
  },
    body: JSON.stringify(bodyData),
});

console.log(await body.json());

import requests

payload = {}
response = requests.request( \
    "POST", \
    "${BASE_URL}/api/clients/cid789/keys/rotate", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = {}
with httpx.Client() as client:
    response = client.request( \
        "POST", \
        "${BASE_URL}/api/clients/cid789/keys/rotate", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := bytes.NewBuffer([]byte(`{}`))

req, err := http.NewRequest("POST", "${BASE_URL}/api/clients/cid789/keys/rotate", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = {}
uri = URI("${BASE_URL}/api/clients/cid789/keys/rotate")
request = Net::HTTP::Post.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
request.body = payload.to_json
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = {};
$client = new Client();
$response = $client->request("POST", "${BASE_URL}/api/clients/cid789/keys/rotate", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
  'json' => $payload,
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "${BASE_URL}/api/clients/cid789/keys/rotate");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
request.Content = new StringContent("{}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

GET/api/clients/{client_id}/oauth-providers

List OAuth provider configurations for a client. Secrets are never returned. More

Responses

200application/json

schemaobject

dataarrayrequired

itemobjectrequired

idstringrequired

Unique identifier for an OAuth provider configuration.

client_idstringrequired

Unique identifier for a client application.

providerrequired

provider_client_idstringrequired

enabledbooleanrequired

scopesstringrequired

linksobjectrequired

selfstringrequired

URL of the current page

nextstring

URL of the next page

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X GET \\
  "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9" \\
  -H "Authorization: Bearer ${API_TOKEN}"

const url = "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
});

console.log(await response.json());

const url = "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
} as RequestInit);

console.log(await response.json());

const response = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

const response: AxiosResponse = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

import { request } from "undici";

const { body } = await request("${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9", {
  method: "GET",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(await body.json());

import requests

payload = None
response = requests.request( \
    "GET", \
    "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = None
with httpx.Client() as client:
    response = client.request( \
        "GET", \
        "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := http.NoBody

req, err := http.NewRequest("GET", "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = nil
uri = URI("${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9")
request = Net::HTTP::Get.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = null;
$client = new Client();
$response = $client->request("GET", "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, "${BASE_URL}/api/clients/cid789/oauth-providers?limit=20&cursor=eyJpZCI6ImFjYzEyMyJ9");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

POST/api/clients/{client_id}/oauth-providers

Create an OAuth provider configuration for a client, including write-only secret fields. More

Body application/json

providerrequired

provider_client_idstringrequired

provider_client_secretstringrequired

enabledboolean

scopesstring

Responses

200application/json

schemaobject

dataobjectrequired

idstringrequired

Unique identifier for an OAuth provider configuration.

client_idstringrequired

Unique identifier for a client application.

providerrequired

provider_client_idstringrequired

enabledbooleanrequired

scopesstringrequired

created_atstringrequired

updated_atstringrequired

linksobjectrequired

selfstringrequired

URL of the created resource

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X POST \\
  "${BASE_URL}/api/clients/cid789/oauth-providers" \\
  -H "Authorization: Bearer ${API_TOKEN}" \\
  -H "Content-Type: application/json" \\
  -d '{"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"}'

const payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"};
const url = "${BASE_URL}/api/clients/cid789/oauth-providers";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
});

console.log(await response.json());

const payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"};
const url = "${BASE_URL}/api/clients/cid789/oauth-providers";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
} as RequestInit);

console.log(await response.json());

const payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"};
const response = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

const payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"};
const response: AxiosResponse = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

import { request } from "undici";

const bodyData = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"};
const { body } = await request("${BASE_URL}/api/clients/cid789/oauth-providers", {
  method: "POST",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
      "Content-Type": "application/json",
  },
    body: JSON.stringify(bodyData),
});

console.log(await body.json());

import requests

payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"}
response = requests.request( \
    "POST", \
    "${BASE_URL}/api/clients/cid789/oauth-providers", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"}
with httpx.Client() as client:
    response = client.request( \
        "POST", \
        "${BASE_URL}/api/clients/cid789/oauth-providers", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := bytes.NewBuffer([]byte(`{"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"}`))

req, err := http.NewRequest("POST", "${BASE_URL}/api/clients/cid789/oauth-providers", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"}
uri = URI("${BASE_URL}/api/clients/cid789/oauth-providers")
request = Net::HTTP::Post.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
request.body = payload.to_json
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = {"provider":"google","provider_client_id":"string","provider_client_secret":"string","enabled":true,"scopes":"string"};
$client = new Client();
$response = $client->request("POST", "${BASE_URL}/api/clients/cid789/oauth-providers", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
  'json' => $payload,
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "${BASE_URL}/api/clients/cid789/oauth-providers");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
request.Content = new StringContent("{\"provider\":\"google\",\"provider_client_id\":\"string\",\"provider_client_secret\":\"string\",\"enabled\":true,\"scopes\":\"string\"}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

DELETE/api/clients/{client_id}/oauth-providers/{provider}

Delete a client OAuth provider configuration and paired secrets. More

Responses

200application/json

schemaobject

dataobjectrequired

idstringrequired

Unique identifier for an OAuth provider configuration.

client_idstringrequired

Unique identifier for a client application.

providerrequired

provider_client_idstringrequired

enabledbooleanrequired

scopesstringrequired

created_atstringrequired

updated_atstringrequired

linksobjectrequired

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X DELETE \\
  "${BASE_URL}/api/clients/cid789/oauth-providers/google" \\
  -H "Authorization: Bearer ${API_TOKEN}"

const url = "${BASE_URL}/api/clients/cid789/oauth-providers/google";
const response = await fetch(url, {
  method: "DELETE",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
});

console.log(await response.json());

const url = "${BASE_URL}/api/clients/cid789/oauth-providers/google";
const response = await fetch(url, {
  method: "DELETE",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
} as RequestInit);

console.log(await response.json());

const response = await axios({
  method: "delete",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/google",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

const response: AxiosResponse = await axios({
  method: "delete",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/google",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

import { request } from "undici";

const { body } = await request("${BASE_URL}/api/clients/cid789/oauth-providers/google", {
  method: "DELETE",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(await body.json());

import requests

payload = None
response = requests.request( \
    "DELETE", \
    "${BASE_URL}/api/clients/cid789/oauth-providers/google", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = None
with httpx.Client() as client:
    response = client.request( \
        "DELETE", \
        "${BASE_URL}/api/clients/cid789/oauth-providers/google", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := http.NoBody

req, err := http.NewRequest("DELETE", "${BASE_URL}/api/clients/cid789/oauth-providers/google", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = nil
uri = URI("${BASE_URL}/api/clients/cid789/oauth-providers/google")
request = Net::HTTP::Delete.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = null;
$client = new Client();
$response = $client->request("DELETE", "${BASE_URL}/api/clients/cid789/oauth-providers/google", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Delete, "${BASE_URL}/api/clients/cid789/oauth-providers/google");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

GET/api/clients/{client_id}/oauth-providers/{provider}

Get a client OAuth provider configuration by provider key. Secrets are never returned. More

Responses

200application/json

schemaobject

dataobjectrequired

idstringrequired

Unique identifier for an OAuth provider configuration.

client_idstringrequired

Unique identifier for a client application.

providerrequired

provider_client_idstringrequired

enabledbooleanrequired

scopesstringrequired

created_atstringrequired

updated_atstringrequired

linksobjectrequired

selfstringrequired

URL of the current resource

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X GET \\
  "${BASE_URL}/api/clients/cid789/oauth-providers/google" \\
  -H "Authorization: Bearer ${API_TOKEN}"

const url = "${BASE_URL}/api/clients/cid789/oauth-providers/google";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
});

console.log(await response.json());

const url = "${BASE_URL}/api/clients/cid789/oauth-providers/google";
const response = await fetch(url, {
  method: "GET",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
  },
} as RequestInit);

console.log(await response.json());

const response = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/google",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

const response: AxiosResponse = await axios({
  method: "get",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/google",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(response.data);

import { request } from "undici";

const { body } = await request("${BASE_URL}/api/clients/cid789/oauth-providers/google", {
  method: "GET",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
  },
});

console.log(await body.json());

import requests

payload = None
response = requests.request( \
    "GET", \
    "${BASE_URL}/api/clients/cid789/oauth-providers/google", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = None
with httpx.Client() as client:
    response = client.request( \
        "GET", \
        "${BASE_URL}/api/clients/cid789/oauth-providers/google", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := http.NoBody

req, err := http.NewRequest("GET", "${BASE_URL}/api/clients/cid789/oauth-providers/google", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = nil
uri = URI("${BASE_URL}/api/clients/cid789/oauth-providers/google")
request = Net::HTTP::Get.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = null;
$client = new Client();
$response = $client->request("GET", "${BASE_URL}/api/clients/cid789/oauth-providers/google", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, "${BASE_URL}/api/clients/cid789/oauth-providers/google");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

PATCH/api/clients/{client_id}/oauth-providers/{provider}

Patch a client OAuth provider configuration. Secret fields are write-only; null clears stored secret. More

Body application/json

provider_client_idstring

provider_client_secretstring | null

enabledboolean

scopesstring

Responses

200application/json

schemaobject

dataobjectrequired

idstringrequired

Unique identifier for an OAuth provider configuration.

client_idstringrequired

Unique identifier for a client application.

providerrequired

provider_client_idstringrequired

enabledbooleanrequired

scopesstringrequired

created_atstringrequired

updated_atstringrequired

linksobjectrequired

selfstringrequired

URL of the current resource

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X PATCH \\
  "${BASE_URL}/api/clients/cid789/oauth-providers/google" \\
  -H "Authorization: Bearer ${API_TOKEN}" \\
  -H "Content-Type: application/json" \\
  -d '{"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"}'

const payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"};
const url = "${BASE_URL}/api/clients/cid789/oauth-providers/google";
const response = await fetch(url, {
  method: "PATCH",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
});

console.log(await response.json());

const payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"};
const url = "${BASE_URL}/api/clients/cid789/oauth-providers/google";
const response = await fetch(url, {
  method: "PATCH",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
} as RequestInit);

console.log(await response.json());

const payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"};
const response = await axios({
  method: "patch",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/google",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

const payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"};
const response: AxiosResponse = await axios({
  method: "patch",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/google",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

import { request } from "undici";

const bodyData = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"};
const { body } = await request("${BASE_URL}/api/clients/cid789/oauth-providers/google", {
  method: "PATCH",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
      "Content-Type": "application/json",
  },
    body: JSON.stringify(bodyData),
});

console.log(await body.json());

import requests

payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"}
response = requests.request( \
    "PATCH", \
    "${BASE_URL}/api/clients/cid789/oauth-providers/google", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"}
with httpx.Client() as client:
    response = client.request( \
        "PATCH", \
        "${BASE_URL}/api/clients/cid789/oauth-providers/google", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := bytes.NewBuffer([]byte(`{"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"}`))

req, err := http.NewRequest("PATCH", "${BASE_URL}/api/clients/cid789/oauth-providers/google", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"}
uri = URI("${BASE_URL}/api/clients/cid789/oauth-providers/google")
request = Net::HTTP::Patch.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
request.body = payload.to_json
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = {"provider_client_id":"string","provider_client_secret":"value","enabled":true,"scopes":"string"};
$client = new Client();
$response = $client->request("PATCH", "${BASE_URL}/api/clients/cid789/oauth-providers/google", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
  'json' => $payload,
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Patch, "${BASE_URL}/api/clients/cid789/oauth-providers/google");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
request.Content = new StringContent("{\"provider_client_id\":\"string\",\"provider_client_secret\":\"value\",\"enabled\":true,\"scopes\":\"string\"}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

POST/api/clients/{client_id}/oauth-providers/search

Search client OAuth provider configurations using Lucene syntax. More

Body application/json

querystringrequired

limitinteger

offsetinteger

Responses

200application/json

schemaobject

dataarrayrequired

itemobjectrequired

idstringrequired

Unique identifier for an OAuth provider configuration.

client_idstringrequired

Unique identifier for a client application.

providerrequired

provider_client_idstringrequired

enabledbooleanrequired

scopesstringrequired

created_atstringrequired

updated_atstringrequired

metaobjectrequired

querystringrequired

totalnumberrequired

limitnumberrequired

offsetnumberrequired

linksobjectrequired

selfstringrequired

defaultapplication/problem+jsonProblemDetails

HTTP Error

schemaProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

curl -X POST \\
  "${BASE_URL}/api/clients/cid789/oauth-providers/search" \\
  -H "Authorization: Bearer ${API_TOKEN}" \\
  -H "Content-Type: application/json" \\
  -d '{"query":"string","limit":123,"offset":123}'

const payload = {"query":"string","limit":123,"offset":123};
const url = "${BASE_URL}/api/clients/cid789/oauth-providers/search";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
});

console.log(await response.json());

const payload = {"query":"string","limit":123,"offset":123};
const url = "${BASE_URL}/api/clients/cid789/oauth-providers/search";
const response = await fetch(url, {
  method: "POST",
  headers: {
    "Authorization": "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  body: JSON.stringify(payload),
} as RequestInit);

console.log(await response.json());

const payload = {"query":"string","limit":123,"offset":123};
const response = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/search",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

const payload = {"query":"string","limit":123,"offset":123};
const response: AxiosResponse = await axios({
  method: "post",
  url: "${BASE_URL}/api/clients/cid789/oauth-providers/search",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
    "Content-Type": "application/json",
  },
  data: payload,
});

console.log(response.data);

import { request } from "undici";

const bodyData = {"query":"string","limit":123,"offset":123};
const { body } = await request("${BASE_URL}/api/clients/cid789/oauth-providers/search", {
  method: "POST",
  headers: {
    Authorization: "Bearer ${API_TOKEN}",
      "Content-Type": "application/json",
  },
    body: JSON.stringify(bodyData),
});

console.log(await body.json());

import requests

payload = {"query":"string","limit":123,"offset":123}
response = requests.request( \
    "POST", \
    "${BASE_URL}/api/clients/cid789/oauth-providers/search", \
    headers={"Authorization": "Bearer ${API_TOKEN}"}, \
    json=payload,
)
print(response.json())

import httpx

payload = {"query":"string","limit":123,"offset":123}
with httpx.Client() as client:
    response = client.request( \
        "POST", \
        "${BASE_URL}/api/clients/cid789/oauth-providers/search", \
        headers={"Authorization": "Bearer ${API_TOKEN}"}, \
        json=payload,
    )
print(response.json())

payload := bytes.NewBuffer([]byte(`{"query":"string","limit":123,"offset":123}`))

req, err := http.NewRequest("POST", "${BASE_URL}/api/clients/cid789/oauth-providers/search", payload)
if err != nil {
  panic(err)
}
req.Header.Set("Authorization", "Bearer ${API_TOKEN}")
if payload != http.NoBody {
  req.Header.Set("Content-Type", "application/json")
}

res, err := (&http.Client{}).Do(req)
if err != nil {
  panic(err)
}
defer res.Body.Close()

require "json"
require "net/http"

payload = {"query":"string","limit":123,"offset":123}
uri = URI("${BASE_URL}/api/clients/cid789/oauth-providers/search")
request = Net::HTTP::Post.new(uri)
request["Authorization"] = "Bearer ${API_TOKEN}"
request["Content-Type"] = "application/json"
request.body = payload.to_json
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| \
  http.request(request) \
}
puts response.body

<?php

use GuzzleHttp\Client;

$payload = {"query":"string","limit":123,"offset":123};
$client = new Client();
$response = $client->request("POST", "${BASE_URL}/api/clients/cid789/oauth-providers/search", [
  'headers' => [
    'Authorization' => 'Bearer ${API_TOKEN}',
  ],
  'json' => $payload,
]);

echo $response->getBody();

using System.Net.Http;
using System.Text;

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "${BASE_URL}/api/clients/cid789/oauth-providers/search");
request.Headers.Add("Authorization", "Bearer ${API_TOKEN}");
request.Content = new StringContent("{\"query\":\"string\",\"limit\":123,\"offset\":123}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
Console.WriteLine(await response.Content.ReadAsStringAsync());

Client

idstringrequired

Unique identifier for a client application.

resource_idstringrequired

Variant

Unique identifier for an account.

Option 1string

Unique identifier for an account.

Unique identifier for an application.

Option 2string

Unique identifier for an application.

hostnamestring | nullrequired

Optional hostname that maps requests to this client when client_id is omitted.

issuerstringrequired

audiencestringrequired

allowed_originsarrayrequired

itemstringrequired

allowed_scopestring | nullrequired

default_scopestringrequired

redirect_urisarrayrequired

itemstringrequired

seamless_sign_inbooleanrequired

login_enabledbooleanrequired

register_enabledbooleanrequired

csrf_requiredbooleanrequired

email_provider_configobject | nullrequired

providerrequired

mock_inbox_idstringrequired

access_token_configobject | nullrequired

Configuration for access tokens issued by this client. Access tokens are short-lived and authorize API requests on behalf of the user.

expires_innumber

cookie_optionsobject

namestringrequired

http_onlyboolean

secureboolean

same_site

max_ageintegerrequired

pathstring

refresh_token_configobject | nullrequired

Configuration for refresh tokens issued by this client. Refresh tokens are long-lived and allow obtaining new access tokens without re-authentication.

expires_innumber

cookie_optionsobject

namestringrequired

http_onlyboolean

secureboolean

same_site

max_ageintegerrequired

pathstring

id_token_configobject | nullrequired

Configuration for ID tokens issued by this client. ID tokens are JWTs containing user claims like email and name for client-side personalization.

expires_innumber

cookie_optionsobject

namestringrequired

http_onlyboolean

secureboolean

same_site

max_ageintegerrequired

pathstring

external_jwks_configobject | nullrequired

jwks_urlstring

public_keysarray

itemstringrequired

saml_configobject | nullrequired

saml_metadata_urlstring

public_keysarray

itemstringrequired

expected_issuerstring

rate_limit_configobject | nullrequired

Configuration for rate limiting client requests. Higher limits may be useful for testing environments.

login_maxinteger

auth_maxinteger

unauth_maxinteger

ClientKey

kidstringrequired

credential_idstringrequired

Unique identifier for a client application.

jwkrequired

public_keystringrequired

ProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

ValidationProblemDetails

typestring · urirequired

titlestringrequired

statusintegerrequired

detailstring

instancestring · uri

codestring

invalid_paramsarray

itemobjectrequired

instring

pathstring

typestring

expectedstring

receivedstring

Clients

Contents

Delete Client

Get Client

Update Client

List Client Keys

Create Client Key

Delete Client Key

Rotate Client JWKs

List Client OAuth Providers

Create Client OAuth Provider

Delete Client OAuth Provider

Get Client OAuth Provider

Patch Client OAuth Provider

Search Client OAuth Providers

Models

Features

Types

Contents

Models

Related Features and Types

Features

Types