Create a client

OAuth clients help web applications to get access to a resource server. Here configuration helps to manage them in order to use boruta for authentication and authorization. Beyond authorization, clients are the entrypoint for decentralized identity flows. The field descriptions are available in the main documentation pages.

POST /api/clients creates a client resource

Required scope: clients:manage:all

Request Body — REQUIRED

client object — REQUIRED id string public_client_id string check_public_client_id boolean name string secret string confidential boolean redirect_uris string[] public_refresh_token boolean public_revoke boolean authorize_scope boolean enforce_dpop boolean enforce_tx_code boolean access_token_ttl int32 authorization_code_ttl int32 authorization_request_ttl int32 refresh_token_ttl int32 id_token_ttl int32 pkce boolean public_key string key_pair_type object signatures_adapter string did string identity_provider object — REQUIRED id string name string authorized_scopes object[] id string name string public boolean supported_grant_types string[] id_token_signature_alg string userinfo_signed_response_alg string token_endpoint_jwt_auth_alg string token_endpoint_auth_methods string[] jwt_public_key string response_mode string

Responses
201 Schema — OPTIONAL data object — OPTIONAL id string — OPTIONAL public_client_id string — OPTIONAL check_public_client_id boolean — OPTIONAL name string — OPTIONAL secret string — OPTIONAL confidential boolean — OPTIONAL redirect_uris string[] — OPTIONAL public_refresh_token boolean — OPTIONAL public_revoke boolean — OPTIONAL authorize_scope boolean — OPTIONAL enforce_dpop boolean — OPTIONAL enforce_tx_code boolean — OPTIONAL access_token_ttl int32 — OPTIONAL authorization_code_ttl int32 — OPTIONAL authorization_request_ttl int32 — OPTIONAL refresh_token_ttl int32 — OPTIONAL id_token_ttl int32 — OPTIONAL pkce boolean — OPTIONAL public_key string — OPTIONAL key_pair_type object — OPTIONAL signatures_adapter string — OPTIONAL did string — OPTIONAL identity_provider object id string — OPTIONAL name string — OPTIONAL authorized_scopes object[] — OPTIONAL id string — OPTIONAL name string — OPTIONAL public boolean — OPTIONAL supported_grant_types string[] — OPTIONAL id_token_signature_alg string — OPTIONAL userinfo_signed_response_alg string — OPTIONAL token_endpoint_jwt_auth_alg string — OPTIONAL token_endpoint_auth_methods string[] — OPTIONAL jwt_public_key string — OPTIONAL response_mode string — OPTIONAL
401 The client is unauthorized to access this resource. Schema — OPTIONAL code string message string
403 The client is forbidden to access this resource. Schema — OPTIONAL code string message string