Skip to main content

Openid-connect Dynamic Register

Introduction

Openid-connect allows a service provider registers dynamically other service providers.

Dynamic Register

To dynamically register a client, acquire an initial access token, and then register the new application by using the registration API. You can get the access token from Soffid.

Register Server

Request
POST https://<YOUR_SERVER>:2443/register

Authorization

  • Authorization: contains the Bearer Token.

Header

  • Content-type: application/x-www-form-urlencoded

JSON

{
    "application_type": "web",
    "redirect_uris":
        ["https://client.example.org/callback",
         "https://client.example.org/callback2"],
    "client_name": "My Example 7",
    "logo_uri": "https://client.example.org/logo.png",
    "subject_type": "pairwise",
    "token_endpoint_auth_method": "client_secret_basic",
    "jwks_uri": "https://client.example.org/my_public_keys.jwks",
    "userinfo_encrypted_response_alg": "RSA1_5",
    "userinfo_encrypted_response_enc": "A128CBC-HS256",
    "contacts": ["ve7jtb@example.org", "mary@example.org"],
    "request_uris":
        ["https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"]
}
Response 200 OK
{
    "client_secret_expires_at": 0,
    "registration_client_uri": "https://iam-sync-tenantidp.soffidnet:2443/register?client_id=DR_7",
    "client_secret": "wBeH8G6hT2GRwr7jJ6HfX2lMJDGdwGi9M49SKF2MjHRGOtwZ",
    "redirect_uris": [
        "https://client.example.org/callback",
        "https://client.example.org/callback2"
    ],
    "registration_access_token": "NjYxODg1Ng.AFa8jQbltq+bocWQpT3okPvHXHrTM+HqXQC26Kz5mfAWfXWG",
    "client_name": "My Example 7",
    "client_id": "DR_7"
}

Client read request

Request
GET https://<YOUR_SERVER>:2443/register?client_id=DR_7

Authorization

  • Authorization: contains the Bearer Token. It contains the registration_access_token Token received as the response when the server was registered.

Header

  • Content-type: application/json

Params

  • client_id
Response
{
    "client_secret_expires_at": 0,
    "registration_client_uri": "https://iam-sync-tenantidp.soffidnet:2443/register?client_id=DR_7",
    "redirect_uris": [
        "https://client.example.org/callback",
        "https://client.example.org/callback2"
    ],
    "client_name": "My Example 7",
    "client_id": "DR_7"
}