๐๏ธ Retrieve a list of OAuth2 clients
Retrieve a list of existing OAuth 2.0 clients for your organization.
๐๏ธ Create a new OAuth2 client
Create a new client ID/secret pair that can be used with the client credentials grant type. A valid SlashID organization ID and API key must be used to authenticate and authorize the request. The client credentials can be configured. SlashID currently supports the following OAuth 2.0 grants: - client credentials - authorization code - refresh token The `grant_types` field may contain only the values `client_credentials` and `authorization_code`. Other values will return a `400` error code. The client credentials grant requires a client secret, and so all clients allowing that grant should be regarded as confidential, as defined in the OAuth 2.0 specification (https://oauth.net/2/client-types/). The response body will include the client ID and client secret. For the client credentials grant, these can be used with the `/oauth2/tokens` endpoints to obtain an access token. For the authorization code grant, these can be used as described in the [OAuth 2.0 specification](https://datatracker.ietf.org/doc/html/rfc6749). The client secret must be stored securely, and cannot be retrieved in subsequent API calls. If you lose the client secret, a new secret can be generated using the `PUT /oauth2/clients/{oauth_client_id}/secret` endpoint.
๐๏ธ Retrieve an OAuth2 client
Get details on the identified client. Authenticated with a SlashID organization ID and API key; the organization ID must match or be a parent of the client owner.
๐๏ธ Delete an existing OAuth2 client
Delete the identified client. Authenticated with a SlashID organization ID and API key; the organization ID must match or be a parent of the client owner.
๐๏ธ Modify an existing OAuth2 client
Update the identified client. Authenticated with a SlashID organization ID and API key; the organization ID must match or be a parent of the client owner. SlashID currently only supported a subset of OAuth clients, therefore we enforce that grant_types must be ['client_credentials']. Setting this field to any other value will result in an error response with a `400` status code.
๐๏ธ Generate a new client secret
A new client secret is created and returned. The previous secret will no longer be valid after this.
๐๏ธ Retrieve the configuration for the hosted UI
The configuration is used to theme the hosted UI.
๐๏ธ Modify the configuration for the hosted UI
The configuration is used to theme the hosted UI.
๐๏ธ Request an authorization code
Used to initiate an authorization code flow. SlashID is an OAuth 2.0 and OpenID Connect 1.0 provider.
๐๏ธ Obtain an access token
Obtain a new OAuth 2.0 access token using an OAuth 2.0 client ID/secret pair.
๐๏ธ Revoke an access token
Revoke an OAuth 2.0 access token using an OAuth 2.0 client ID/secret pair.
๐๏ธ Introspect an access token
Introspect an OAuth 2.0 access or refresh token using an OAuth 2.0 client ID/secret pair. Note: there is a know issue for this endpoint, whereby the expiry for refresh tokens in the response is incorrect. However, expired refresh tokens will still return a response with `active: false`.