openapi: 3.0.1 info: title: Jans Config API contact: name: Contact url: https://github.com/JanssenProject/jans/discussions license: name: License url: https://github.com/JanssenProject/jans/blob/main/LICENSE version: OAS Version servers: - url: https://jans.local.io description: The Jans server tags: - name: Attribute - name: Default Authentication Method - name: Cache Configuration - name: Cache Configuration – Memcached - name: Cache Configuration – Redis - name: Cache Configuration – in-Memory - name: Cache Configuration – Native-Persistence - name: Configuration – Properties - name: Configuration – SMTP - name: Configuration – Logging - name: Configuration – JWK - JSON Web Key (JWK) - name: Custom Scripts - name: Database - LDAP configuration - name: OAuth - OpenID Connect - Clients - name: OAuth - UMA Resources - name: OAuth - Scopes - name: Agama - Configuration - name: Agama - name: Statistics - User - name: Health - Check - name: Server Stats - name: Auth - Session Management - name: Organization Configuration - name: Auth Server Health - Check - name: Plugins - name: Configuration – Config API - name: Client Authorization - name: Jans Assets paths: /api/v1/health/app-version: get: tags: - Health - Check summary: Returns application version description: Returns application version operationId: get-app-version parameters: - name: artifact in: query description: artifact name for which version is requied else ALL schema: type: string default: all responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/JsonNode' "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/app-version.readonly /api/v1/health: get: tags: - Health - Check summary: Returns application health status description: Returns application health status operationId: get-config-health responses: "200": description: Ok content: application/json: schema: type: array items: $ref: '#/components/schemas/HealthStatus' "500": description: InternalServerError /api/v1/health/live: get: tags: - Health - Check summary: Returns application liveness status description: Returns application liveness status operationId: get-config-health-live responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Status' "500": description: InternalServerError /api/v1/health/ready: get: tags: - Health - Check summary: Returns application readiness status description: Returns application readiness status operationId: get-config-health-ready responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Status' "500": description: InternalServerError /api/v1/health/server-stat: get: tags: - Health - Check summary: Returns application server status description: Returns application server status operationId: get-server-stat responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/StatsData' "500": description: InternalServerError /api/v1/acrs: get: tags: - Default Authentication Method summary: Gets default authentication method. description: Gets default authentication method. operationId: get-acrs responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/AuthenticationMethod' examples: Response example: description: Response example value: | { "defaultAcr": "basic" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/acrs.readonly - https://jans.io/oauth/config/acrs.write - https://jans.io/oauth/config/read-all put: tags: - Default Authentication Method summary: Updates default authentication method. description: Updates default authentication method. operationId: put-acrs requestBody: description: String representing patch-document. content: application/json: schema: $ref: '#/components/schemas/AuthenticationMethod' examples: Request json example: description: Request json example value: | { "defaultAcr": "basic" } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/AuthenticationMethod' "400": description: Bad Request "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/acrs.write - https://jans.io/oauth/config/write-all /api/v1/agama-deployment/{name}: get: tags: - Agama summary: Fetches deployed Agama project based on name. description: Fetches deployed Agama project based on name. operationId: get-agama-prj-by-name parameters: - name: name in: path description: Agama project name required: true schema: type: string responses: "200": description: Agama project content: application/json: schema: $ref: '#/components/schemas/Deployment' examples: Response json example: description: Response json example value: "" "204": description: No Content "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/agama.readonly post: tags: - Agama summary: Deploy an Agama project. description: Deploy an Agama project. operationId: post-agama-prj parameters: - name: name in: path description: Agama project name required: true schema: type: string - name: autoconfigure in: query schema: type: string requestBody: content: application/zip: schema: type: array items: type: string format: byte responses: "202": description: Agama project accepted content: application/zip: schema: type: string examples: Response json example: description: Response json example value: "" "400": description: Bad Request "401": description: Unauthorized "409": description: Conflict "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/agama.write delete: tags: - Agama summary: Delete a deployed Agama project. description: Delete a deployed Agama project. operationId: delete-agama-prj parameters: - name: name in: path description: Agama project name required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "404": description: Not Found "409": description: Conflict "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/agama.delete /api/v1/agama-deployment/configs/{name}: get: tags: - Agama summary: Retrieve the list of configs based on name. description: Retrieve the list of configs based on name. operationId: get-agama-prj-configs parameters: - name: name in: path description: Agama project name required: true schema: type: string responses: "200": description: Agama projects configs content: application/json: schema: type: string examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/agama.readonly put: tags: - Agama summary: Update an Agama project. description: Update an Agama project. operationId: put-agama-prj parameters: - name: name in: path description: Agama project name required: true schema: type: string requestBody: content: application/json: schema: type: object additionalProperties: type: object additionalProperties: type: object responses: "202": description: Agama project accepted content: application/json: schema: type: string examples: Response json example: description: Response json example value: "" "400": description: Bad Request "401": description: Unauthorized "409": description: Conflict "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/agama.write /api/v1/agama-deployment: get: tags: - Agama summary: Retrieve the list of projects deployed currently. description: Retrieve the list of projects deployed currently. operationId: get-agama-prj parameters: - name: start in: query schema: type: integer format: int32 - name: count in: query schema: type: integer format: int32 responses: "200": description: Agama projects content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/agama.readonly /api/v1/agama/syntax-check/{qname}: post: tags: - Agama - Configuration summary: Determine if the text passed is valid Agama code description: Determine if the text passed is valid Agama code operationId: agama-syntax-check parameters: - name: qname in: path description: Agama Flow name required: true schema: type: string requestBody: content: text/plain: schema: type: string responses: "200": description: Agama Syntax Check message content: application/json: schema: type: string "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/agama.readonly - https://jans.io/oauth/config/agama.write - https://jans.io/oauth/config/read-all /api/v1/jans-assets/{inum}: get: tags: - Jans Assets summary: Gets an asset by inum - unique identifier description: Gets an asset by inum - unique identifier operationId: get-asset-by-inum parameters: - name: inum in: path description: Asset Inum required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response example: description: Response example value: | { "dn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans", "selected": false, "inum": "0b436302-b729-4eb2-b211-335980dcab43", "displayName": "mermaid-extra.css", "description": "/opt/jans/jetty/jans-config-api/", "document": ".mermaid {\r\n\toverflow: auto;\r\n}\r\n\r\n.mermaid svg {\r\n\twidth: 1315px;\r\n\theight: 600px;\r\n}\r\n", "jansModuleProperty": [ "config-api", "jar", "/opt/jans/jetty/jans-config-api/custom/lib" ], "jansLevel": "1", "jansRevision": "2", "jansEnabled": true, "baseDn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans" } "401": description: Unauthorized "404": description: Not Found content: application/json: schema: $ref: '#/components/schemas/ApiError' "500": description: InternalServerError content: application/json: schema: $ref: '#/components/schemas/ApiError' security: - oauth2: - https://jans.io/oauth/config/jans_asset-read delete: tags: - Jans Assets summary: Delete an asset description: Delete an asset operationId: delete-asset parameters: - name: inum in: path description: Asset identifier required: true schema: type: string responses: "204": description: No Content "400": description: Bad Request content: application/json: schema: $ref: '#/components/schemas/ApiError' "401": description: Unauthorized "404": description: Not Found content: application/json: schema: $ref: '#/components/schemas/ApiError' "500": description: InternalServerError content: application/json: schema: $ref: '#/components/schemas/ApiError' security: - oauth2: - https://jans.io/oauth/config/jans_asset-delete /api/v1/jans-assets/name/{name}: get: tags: - Jans Assets summary: Fetch asset by name description: Fetch asset by name. operationId: get-asset-by-name parameters: - name: name in: path description: Asset Name required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response example: description: Response example value: "" "401": description: Unauthorized "404": description: Not Found content: application/json: schema: $ref: '#/components/schemas/ApiError' "500": description: InternalServerError content: application/json: schema: $ref: '#/components/schemas/ApiError' security: - oauth2: - https://jans.io/oauth/config/jans_asset-read /api/v1/jans-assets: get: tags: - Jans Assets summary: Gets all Jans assets. description: Gets all Jans assets. operationId: get-all-assets parameters: - name: limit in: query description: Search size - max size of the results to return schema: type: integer format: int32 default: 50 - name: pattern in: query description: Search pattern schema: type: string default: "" - name: status in: query description: Status of the attribute schema: type: string default: all - name: startIndex in: query description: The 1-based index of the first query result schema: type: integer format: int32 default: 0 - name: sortBy in: query description: Attribute whose value will be used to order the returned response schema: type: string default: inum - name: sortOrder in: query description: Order in which the sortBy param is applied. Allowed values are "ascending" and "descending" schema: type: string default: ascending - name: fieldValuePair in: query description: Field and value pair for seraching schema: type: string default: "" examples: Field value example: description: Field value example value: "adminCanEdit=true,dataType=string" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response example: description: Response example value: | { "start": 0, "totalEntriesCount": 2, "entriesCount": 2, "entries": [ { "dn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans", "selected": false, "inum": "0b436302-b729-4eb2-b211-335980dcab43", "displayName": "mermaid-extra.css", "description": "/opt/jans/jetty/jans-config-api/", "document": ".mermaid {\r\n\toverflow: auto;\r\n}\r\n\r\n.mermaid svg {\r\n\twidth: 1315px;\r\n\theight: 600px;\r\n}\r\n", "jansModuleProperty": [ "config-api", "jar", "/opt/jans/jetty/jans-config-api/custom/lib" ], "jansLevel": "1", "jansRevision": "2", "jansEnabled": true, "baseDn": "inum=0b436302-b729-4eb2-b211-335980dcab43,ou=document,o=jans" }, { "dn": "inum=9d2f39f5-a910-4a03-a888-6f0f1ee03445,ou=document,o=jans", "selected": false, "inum": "9d2f39f5-a910-4a03-a888-6f0f1ee03445", "displayName": "kc-saml-plugin.jar", "description": "/opt/jans/jetty/jans-config-api/", "creationDate": "2024-03-14T12:53:00", "jansModuleProperty": [ "config-api", "jar", "/opt/jans/jetty/jans-config-api/custom/lib" ], "jansEnabled": true, "baseDn": "inum=9d2f39f5-a910-4a03-a888-6f0f1ee03445,ou=document,o=jans" } ] } "401": description: Unauthorized "500": description: InternalServerError content: application/json: schema: $ref: '#/components/schemas/ApiError' security: - oauth2: - https://jans.io/oauth/config/jans_asset-read /api/v1/jans-assets/upload: put: tags: - Jans Assets summary: Update existing asset description: Update existing asset operationId: put-asset requestBody: description: String multipart form. content: multipart/form-data: schema: $ref: '#/components/schemas/AssetForm' examples: Response json example: description: Response json example value: "{\n \"dn\": \"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ ,\n \"selected\": false,\n \"inum\": \"ed901270-c0cd-43cf-a683-10795ff66349\"\ ,\n \"displayName\": \"janssen_dove_icon.png\",\n \"description\"\ : \"/opt/jans/jetty/jans-auth/custom/static\",\n\t\"jansModuleProperty\"\ : [\n \"agama\",\n \"img\",\n \"/opt/jans/jetty/jans-auth\"\ \n ],\n \"jansLevel\": \"1\",\n \"jansRevision\": \"2\"\ ,\n \"jansEnabled\": true,\n \"baseDn\": \"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ \n}\n" responses: "200": description: Modified Asset content: application/json-patch+json: schema: $ref: '#/components/schemas/Document' examples: Response json example: description: Response json example value: "{\n \"dn\": \"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ ,\n \"selected\": false,\n \"inum\": \"ed901270-c0cd-43cf-a683-10795ff66349\"\ ,\n \"displayName\": \"janssen_dove_icon.png\",\n \"description\"\ : \"/opt/jans/jetty/jans-auth/custom/static\",\n\t\"jansModuleProperty\"\ : [\n \"agama\",\n \"img\",\n \"/opt/jans/jetty/jans-auth\"\ \n ],\n \"jansLevel\": \"1\",\n \"jansRevision\": \"\ 2\",\n \"jansEnabled\": true,\n \"baseDn\": \"inum=ed901270-c0cd-43cf-a683-10795ff66349,ou=document,o=jans\"\ \n}\n" "400": description: Bad Request content: application/json: schema: $ref: '#/components/schemas/ApiError' "401": description: Unauthorized "404": description: Not Found content: application/json: schema: $ref: '#/components/schemas/ApiError' "500": description: InternalServerError content: application/json: schema: $ref: '#/components/schemas/ApiError' security: - oauth2: - https://jans.io/oauth/config/jans_asset-write post: tags: - Jans Assets summary: Upload new asset description: Upload new asset operationId: post-new-asset requestBody: description: String multipart form. content: multipart/form-data: schema: $ref: '#/components/schemas/AssetForm' examples: Response json example: description: Response json example value: "{\n \"displayName\": \"kc-saml-plugin.jar\",\n \"description\"\ : \"Config api pligin\",\n \"document\":\"\",\n \"jansModuleProperty\"\ : [\n\t\t\"config-api\",\n\t\t\"jar\",\n\t\t\"/opt/jans/jetty/jans-config-api/custom/lib\"\ \n\t],\t\n \"jansLevel\": \"1\",\n \"jansRevision\": \"1\"\ ,\n \"jansEnabled\": true,\n \"jansAlias\": \"\"\n}\n" responses: "201": description: Newly created Asset content: application/json-patch+json: schema: $ref: '#/components/schemas/Document' examples: Response json example: description: Response json example value: "{\n \"displayName\": \"kc-saml-plugin.jar\",\n \"\ description\": \"Config api pligin\",\n \"document\":\"\",\n\ \ \"jansModuleProperty\": [\n\t\t\"config-api\",\n\t\t\"jar\"\ ,\n\t\t\"/opt/jans/jetty/jans-config-api/custom/lib\"\n\t],\t\n\ \ \"jansLevel\": \"1\",\n \"jansRevision\": \"1\",\n \ \ \"jansEnabled\": true,\n \"jansAlias\": \"\"\n}\n" "400": description: Bad Request content: application/json: schema: $ref: '#/components/schemas/ApiError' "401": description: Unauthorized "404": description: Not Found content: application/json: schema: $ref: '#/components/schemas/ApiError' "500": description: InternalServerError content: application/json: schema: $ref: '#/components/schemas/ApiError' security: - oauth2: - https://jans.io/oauth/config/jans_asset-write /api/v1/attributes: get: tags: - Attribute summary: Gets a list of Jans attributes. description: Gets a list of Jans attributes. operationId: get-attributes parameters: - name: limit in: query description: Search size - max size of the results to return schema: type: integer format: int32 default: 50 - name: pattern in: query description: Search pattern schema: type: string default: "" - name: status in: query description: Status of the attribute schema: type: string default: all - name: startIndex in: query description: The 1-based index of the first query result schema: type: integer format: int32 default: 0 - name: sortBy in: query description: Attribute whose value will be used to order the returned response schema: type: string default: inum - name: sortOrder in: query description: Order in which the sortBy param is applied. Allowed values are "ascending" and "descending" schema: type: string default: ascending - name: fieldValuePair in: query description: Field and value pair for seraching schema: type: string default: "" examples: Field value example: description: Field value example value: "adminCanEdit=true,dataType=string" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response example: description: Response example value: | { "start": 0, "totalEntriesCount": 78, "entriesCount": 2, "entries": [ { "dn": "inum=08E2,ou=attributes,o=jans", "selected": false, "inum": "08E2", "name": "departmentNumber", "displayName": "Department", "description": "Organizational Department", "origin": "jansCustomPerson", "dataType": "string", "editType": [ "admin" ], "viewType": [ "user", "admin" ], "claimName": "department_number", "status": "inactive", "saml1Uri": "urn:mace:dir:attribute-def:departmentNumber", "saml2Uri": "urn:oid:2.16.840.1.113730.3.1.2", "urn": "urn:mace:dir:attribute-def:departmentNumber", "oxMultiValuedAttribute": false, "custom": false, "requred": false, "whitePagesCanView": false, "adminCanEdit": true, "userCanView": true, "userCanEdit": false, "adminCanAccess": true, "adminCanView": true, "userCanAccess": true, "baseDn": "inum=08E2,ou=attributes,o=jans" }, { "dn": "inum=0C18,ou=attributes,o=jans", "selected": false, "inum": "0C18", "name": "telephoneNumber", "displayName": "Home Telephone Number", "description": "Home Telephone Number", "origin": "jansCustomPerson", "dataType": "string", "editType": [ "user", "admin" ], "viewType": [ "user", "admin" ], "claimName": "phone_number", "status": "inactive", "saml1Uri": "urn:mace:dir:attribute-def:telephoneNumber", "saml2Uri": "urn:oid:2.5.4.20", "urn": "urn:mace:dir:attribute-def:phone_number", "oxMultiValuedAttribute": false, "custom": false, "requred": false, "whitePagesCanView": false, "adminCanEdit": true, "userCanView": true, "userCanEdit": true, "adminCanAccess": true, "adminCanView": true, "userCanAccess": true, "baseDn": "inum=0C18,ou=attributes,o=jans" } } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/attributes.readonly put: tags: - Attribute summary: Updates an existing attribute description: Updates an existing attribute operationId: put-attributes requestBody: description: JansAttribute object content: application/json: schema: $ref: '#/components/schemas/JansAttribute' examples: Request example: description: Request example value: | { "adminCanAccess": true, "adminCanEdit": true, "adminCanView": true, "custom": false, "dataType": "string", "description": "QAAdded Attribute", "displayName": "QAAdded Attribute", "editType": [ "admin", "user" ], "name": "qaattribute", "origin": "jansPerson", "jansMultivaluedAttr": false, "requred": false, "status": "active", "urn": "urn:mace:dir:attribute-def:qaattribute", "userCanAccess": true, "userCanEdit": true, "userCanView": true, "viewType": [ "admin", "user" ], "whitePagesCanView": false } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/JansAttribute' examples: Response example: description: Response example value: | { "adminCanAccess": true, "adminCanEdit": true, "adminCanView": true, "custom": false, "dataType": "string", "description": "QAAdded Attribute", "displayName": "QAAdded Attribute", "editType": [ "admin", "user" ], "name": "qaattribute", "origin": "jansPerson", "jansMultivaluedAttr": false, "requred": false, "status": "active", "urn": "urn:mace:dir:attribute-def:qaattribute", "userCanAccess": true, "userCanEdit": true, "userCanView": true, "viewType": [ "admin", "user" ], "whitePagesCanView": false } "401": description: Unauthorized "406": description: NotAcceptable "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/attributes.write post: tags: - Attribute summary: Adds a new attribute description: Adds a new attribute operationId: post-attributes requestBody: description: JansAttribute object content: application/json: schema: $ref: '#/components/schemas/JansAttribute' examples: Request example: description: Request example value: | { "adminCanAccess": true, "adminCanEdit": true, "adminCanView": true, "custom": false, "dataType": "string", "description": "QAAdded Attribute", "displayName": "QAAdded Attribute", "editType": [ "admin", "user" ], "name": "qaattribute", "origin": "jansPerson", "jansMultivaluedAttr": false, "requred": false, "status": "active", "urn": "urn:mace:dir:attribute-def:qaattribute", "userCanAccess": true, "userCanEdit": true, "userCanView": true, "viewType": [ "admin", "user" ], "whitePagesCanView": false } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/JansAttribute' examples: Response example: description: Response example value: | { "adminCanAccess": true, "adminCanEdit": true, "adminCanView": true, "custom": false, "dataType": "string", "description": "QAAdded Attribute", "displayName": "QAAdded Attribute", "editType": [ "admin", "user" ], "name": "qaattribute", "origin": "jansPerson", "jansMultivaluedAttr": false, "requred": false, "status": "active", "urn": "urn:mace:dir:attribute-def:qaattribute", "userCanAccess": true, "userCanEdit": true, "userCanView": true, "viewType": [ "admin", "user" ], "whitePagesCanView": false } "400": description: BadRequest "401": description: Unauthorized "406": description: NotAcceptable "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/attributes.write /api/v1/attributes/{inum}: get: tags: - Attribute summary: Gets an attribute based on inum description: Gets an attribute based on inum operationId: get-attributes-by-inum parameters: - name: inum in: path description: Attribute Id required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/JansAttribute' examples: Response example: description: Response example value: | { "dn": "inum=08E2,ou=attributes,o=jans", "selected": false, "inum": "08E2", "name": "departmentNumber", "displayName": "Department", "description": "Organizational Department", "origin": "jansCustomPerson", "dataType": "string", "editType": [ "admin" ], "viewType": [ "user", "admin" ], "claimName": "department_number", "status": "inactive", "saml1Uri": "urn:mace:dir:attribute-def:departmentNumber", "saml2Uri": "urn:oid:2.16.840.1.113730.3.1.2", "urn": "urn:mace:dir:attribute-def:departmentNumber", "oxMultiValuedAttribute": false, "custom": false, "requred": false, "whitePagesCanView": false, "adminCanEdit": true, "userCanView": true, "userCanEdit": false, "adminCanAccess": true, "adminCanView": true, "userCanAccess": true, "baseDn": "inum=08E2,ou=attributes,o=jans" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/attributes.readonly delete: tags: - Attribute summary: Deletes an attribute based on inum description: Deletes an attribute based on inum operationId: delete-attributes-by-inum parameters: - name: inum in: path description: Attribute Id required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/attributes.delete patch: tags: - Attribute summary: Partially modify a JansAttribute description: Partially modify a JansAttribute operationId: patch-attributes-by-inum parameters: - name: inum in: path description: Attribute Id required: true schema: type: string requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/PatchRequest' examples: Patch request example: description: Patch request example value: | [ {op:replace, path: displayName, value: "CustomAttribute" } ] responses: "200": description: Updated JansAttribute content: application/json: schema: $ref: '#/components/schemas/JansAttribute' examples: Response example: description: Response example value: | { "adminCanAccess": true, "adminCanEdit": true, "adminCanView": true, "custom": false, "dataType": "string", "description": "QAAdded Attribute", "displayName": "QAAdded Attribute", "editType": [ "admin", "user" ], "name": "qaattribute", "origin": "jansPerson", "jansMultivaluedAttr": false, "requred": false, "status": "active", "urn": "urn:mace:dir:attribute-def:qaattribute", "userCanAccess": true, "userCanEdit": true, "userCanView": true, "viewType": [ "admin", "user" ], "whitePagesCanView": false } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/attributes.write /api/v1/jans-auth-server/config: get: tags: - Configuration – Properties summary: Gets all Jans authorization server configuration properties. description: Gets all Jans authorization server configuration properties. operationId: get-properties responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/AppConfiguration' "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/jans-auth-server/config/properties.readonly patch: tags: - Configuration – Properties summary: Partially modifies Jans authorization server Application configuration properties. description: Partially modifies Jans authorization server AppConfiguration properties. operationId: patch-properties requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: | [ {"op":"add","path":"/authenticationFilters","value":[{}]}, {"op":"replace","path":"/useNestedJwtDuringEncryption","value":"true"}, {"op":"add","path":"/loggingLevel","value":"TRACE"} ] responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/AppConfiguration' "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/jans-auth-server/config/properties.write /api/v1/jans-auth-server/config/feature-flags: get: tags: - Configuration – Properties summary: Returns feature flags type configured for Jans authorization server. description: Returns feature flags type configured for Jans authorization server. operationId: get-feature-flag-type responses: "200": description: Ok content: application/json: schema: type: array items: type: string "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/jans-auth-server/config/properties.readonly /api/v1/jans-auth-server/config/persistence: get: tags: - Configuration – Properties summary: Returns persistence type configured for Jans authorization server. description: Returns persistence type configured for Jans authorization server. operationId: get-properties-persistence responses: "200": description: Jans Authorization Server persistence type content: application/json: schema: $ref: '#/components/schemas/PersistenceConfiguration' examples: Response json example: description: Response json example value: | { "persistenceType": "ldap" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/jans-auth-server/config/properties.readonly /api/v1/config/cache: get: tags: - Cache Configuration summary: Returns cache configuration. description: Returns cache configuration. operationId: get-config-cache responses: "200": description: Cache configuration details content: application/json: schema: $ref: '#/components/schemas/CacheConfiguration' examples: Response json example: description: Response json example value: | { "cacheProviderType": "NATIVE_PERSISTENCE", "memcachedConfiguration": { "servers": "localhost:11211", "maxOperationQueueLength": 100000, "bufferSize": 32768, "defaultPutExpiration": 60, "connectionFactoryType": "DEFAULT" }, "inMemoryConfiguration": { "defaultPutExpiration": 60 }, "redisConfiguration": { "redisProviderType": "STANDALONE", "servers": "localhost:6379", "defaultPutExpiration": 60, "useSSL": false, "maxIdleConnections": 10, "maxTotalConnections": 500, "connectionTimeout": 3000, "soTimeout": 3000, "maxRetryAttempts": 5 }, "nativePersistenceConfiguration": { "defaultPutExpiration": 60, "defaultCleanupBatchSize": 10000, "deleteExpiredOnGetRequest": false, "disableAttemptUpdateBeforeInsert": false } } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.readonly patch: tags: - Cache Configuration summary: Patch cache configuration. description: Patch cache configuration operationId: patch-config-cache requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/memcachedConfiguration\"\ , \"value\": {\n \"servers\": \"localhost:11211\",\n \ \ \"maxOperationQueueLength\": 100000,\n \"bufferSize\"\ : 32768,\n \"defaultPutExpiration\":80,\n \"connectionFactoryType\"\ : \"DEFAULT\"\n }}] \n" responses: "200": description: Cache configuration details content: application/json: schema: $ref: '#/components/schemas/CacheConfiguration' examples: Response json example: description: Response json example value: | { "cacheProviderType": "NATIVE_PERSISTENCE", "memcachedConfiguration": { "servers": "localhost:11211", "maxOperationQueueLength": 100000, "bufferSize": 32768, "defaultPutExpiration": 60, "connectionFactoryType": "DEFAULT" }, "inMemoryConfiguration": { "defaultPutExpiration": 60 }, "redisConfiguration": { "redisProviderType": "STANDALONE", "servers": "localhost:6379", "defaultPutExpiration": 60, "useSSL": false, "maxIdleConnections": 10, "maxTotalConnections": 500, "connectionTimeout": 3000, "soTimeout": 3000, "maxRetryAttempts": 5 }, "nativePersistenceConfiguration": { "defaultPutExpiration": 60, "defaultCleanupBatchSize": 10000, "deleteExpiredOnGetRequest": false, "disableAttemptUpdateBeforeInsert": false } } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write /api/v1/config/cache/in-memory: get: tags: - Cache Configuration – in-Memory summary: Returns in-Memory cache configuration. description: Returns in-Memory cache configuration. operationId: get-config-cache-in-memory responses: "200": description: In-Memory configuration details content: application/json: schema: $ref: '#/components/schemas/InMemoryConfiguration' examples: Response json example: description: Response json example value: | { "defaultPutExpiration": 60 } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.readonly put: tags: - Cache Configuration – in-Memory summary: Updates in-Memory cache configuration. description: Updates in-Memory cache configuration operationId: put-config-cache-in-memory requestBody: description: inMemoryConfiguration object content: application/json: schema: $ref: '#/components/schemas/InMemoryConfiguration' examples: Request json example: description: Request json example value: | { "defaultPutExpiration": 60 } responses: "200": description: In-Memory cache configuration details content: application/json: schema: $ref: '#/components/schemas/InMemoryConfiguration' examples: Response json example: description: Response json example value: | { "defaultPutExpiration": 60 } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write patch: tags: - Cache Configuration – in-Memory summary: Patch In-Memory cache configuration. description: Patch In-Memory cache configuration operationId: patch-config-cache-in-memory requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/defaultPutExpiration\"\ , \"value\":80}] \n" responses: "200": description: In-Memory cache configuration details content: application/json: schema: $ref: '#/components/schemas/InMemoryConfiguration' examples: Response json example: description: Response json example value: | { "defaultPutExpiration": 60 } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write /api/v1/config/cache/memcached: get: tags: - Cache Configuration – Memcached summary: Returns memcached cache configuration. description: Returns memcached cache configuration. operationId: get-config-cache-memcached responses: "200": description: Memcached configuration details content: application/json: schema: $ref: '#/components/schemas/MemcachedConfiguration' examples: Response json example: description: Response json example value: | { "servers": "localhost:11211", "maxOperationQueueLength": 100000, "bufferSize": 32768, "defaultPutExpiration": 80, "connectionFactoryType": "DEFAULT" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.readonly put: tags: - Cache Configuration – Memcached summary: Updates memcached cache configuration. description: Updates memcached cache configuration operationId: put-config-cache-memcached requestBody: description: Memcached Configuration object content: application/json: schema: $ref: '#/components/schemas/MemcachedConfiguration' examples: Request json example: description: Request json example value: | { "servers": "localhost:11211", "maxOperationQueueLength": 100000, "bufferSize": 32768, "defaultPutExpiration": 80, "connectionFactoryType": "DEFAULT" } responses: "200": description: Native persistence cache configuration details content: application/json: schema: $ref: '#/components/schemas/MemcachedConfiguration' examples: Response json example: description: Response json example value: | { "servers": "localhost:11211", "maxOperationQueueLength": 100000, "bufferSize": 32768, "defaultPutExpiration": 80, "connectionFactoryType": "DEFAULT" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write patch: tags: - Cache Configuration – Memcached summary: Patch memcached cache configuration. description: Patch memcached cache configuration operationId: patch-config-cache-memcached requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/maxOperationQueueLength\"\ , \"value\":10001}] \n" responses: "200": description: Memcached cache configuration details content: application/json: schema: $ref: '#/components/schemas/MemcachedConfiguration' examples: Response json example: description: Response json example value: | { "servers": "localhost:11211", "maxOperationQueueLength": 100000, "bufferSize": 32768, "defaultPutExpiration": 80, "connectionFactoryType": "DEFAULT" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write /api/v1/config/cache/native-persistence: get: tags: - Cache Configuration – Native-Persistence summary: Returns native persistence cache configuration. description: Returns native persistence cache configuration. operationId: get-config-cache-native-persistence responses: "200": description: Native persistence configuration details content: application/json: schema: $ref: '#/components/schemas/NativePersistenceConfiguration' examples: Response json example: description: Response json example value: | { "defaultPutExpiration": 60, "defaultCleanupBatchSize": 10000, "deleteExpiredOnGetRequest": false, "disableAttemptUpdateBeforeInsert": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.readonly put: tags: - Cache Configuration – Native-Persistence summary: Updates native persistence cache configuration. description: Updates native persistence cache configuration operationId: put-config-cache-native-persistence requestBody: description: NativePersistenceConfiguration object content: application/json: schema: $ref: '#/components/schemas/NativePersistenceConfiguration' examples: Request json example: description: Request json example value: | { "defaultPutExpiration": 60, "defaultCleanupBatchSize": 10000, "deleteExpiredOnGetRequest": false, "disableAttemptUpdateBeforeInsert": false } responses: "200": description: Native persistence cache configuration details content: application/json: schema: $ref: '#/components/schemas/NativePersistenceConfiguration' examples: Response json example: description: Response json example value: | { "defaultPutExpiration": 60, "defaultCleanupBatchSize": 10000, "deleteExpiredOnGetRequest": false, "disableAttemptUpdateBeforeInsert": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write patch: tags: - Cache Configuration – Native-Persistence summary: Patch native persistence cache configuration. description: Patch native persistence cache configuration operationId: patch-config-cache-native-persistence requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/defaultCleanupBatchSize\"\ , \"value\":10001}] \n" responses: "200": description: Native persistence cache configuration details content: application/json: schema: $ref: '#/components/schemas/NativePersistenceConfiguration' examples: Response json example: description: Response json example value: | { "defaultPutExpiration": 60, "defaultCleanupBatchSize": 10000, "deleteExpiredOnGetRequest": false, "disableAttemptUpdateBeforeInsert": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write /api/v1/config/cache/redis: get: tags: - Cache Configuration – Redis summary: Returns Redis cache configuration. description: Returns Redis cache configuration operationId: get-config-cache-redis responses: "200": description: Redis cache configuration details content: application/json: schema: $ref: '#/components/schemas/RedisConfiguration' examples: Response json example: description: Response json example value: | { "redisProviderType": "STANDALONE", "servers": "localhost:6379", "defaultPutExpiration": 60, "useSSL": false, "maxIdleConnections": 10, "maxTotalConnections": 500, "connectionTimeout": 3000, "soTimeout": 3000, "maxRetryAttempts": 5 } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.readonly put: tags: - Cache Configuration – Redis summary: Updates Redis cache configuration. description: Updates Redis cache configuration operationId: put-config-cache-redis requestBody: description: RedisConfiguration object content: application/json: schema: $ref: '#/components/schemas/RedisConfiguration' examples: Request json example: description: Request json example value: | { "redisProviderType": "STANDALONE", "servers": "localhost:6379", "defaultPutExpiration": 60, "useSSL": false, "maxIdleConnections": 10, "maxTotalConnections": 500, "connectionTimeout": 3000, "soTimeout": 3000, "maxRetryAttempts": 5 } responses: "200": description: Redis cache configuration details content: application/json: schema: $ref: '#/components/schemas/RedisConfiguration' examples: Response json example: description: Response json example value: | { "redisProviderType": "STANDALONE", "servers": "localhost:6379", "defaultPutExpiration": 60, "useSSL": false, "maxIdleConnections": 10, "maxTotalConnections": 500, "connectionTimeout": 3000, "soTimeout": 3000, "maxRetryAttempts": 5 } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write patch: tags: - Cache Configuration – Redis summary: Patch Redis cache configuration. description: Patch Redis cache configuration operationId: patch-config-cache-redis requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/defaultPutExpiration\"\ , \"value\":80}] \n" responses: "200": description: Redis cache configuration details content: application/json: schema: $ref: '#/components/schemas/RedisConfiguration' examples: Response json example: description: Response json example value: | { "redisProviderType": "STANDALONE", "servers": "localhost:6379", "defaultPutExpiration": 60, "useSSL": false, "maxIdleConnections": 10, "maxTotalConnections": 500, "connectionTimeout": 3000, "soTimeout": 3000, "maxRetryAttempts": 5 } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/cache.write /api/v1/clients/authorizations/{userId}/{clientId}/{username}: delete: tags: - Client Authorization summary: Revoke client authorization description: Revoke client authorizations operationId: delete-client-authorization parameters: - name: userId in: path description: User identifier required: true schema: type: string - name: clientId in: path description: Client identifier required: true schema: type: string - name: username in: path description: User name required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/client/authorizations.delete /api/v1/clients/authorizations/{userId}: get: tags: - Client Authorization summary: Gets list of client authorization description: Gets list of client authorizations operationId: get-client-authorization parameters: - name: userId in: path description: User identifier required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/ClientAuth' examples: Response json example: description: Response json example value: | { "DeletableEntity{expirationDate=null, deletable=false} BaseEntry [dn=inum=3000.1e5c4db0-e01e-4e8c-9360-28cb6f0a8026,ou=clients,o=jans]": [ { "dn": "inum=10B2,ou=scopes,o=jans", "inum": "10B2", "displayName": "view_username", "id": "user_name", "description": "View your local username in the Janssen Server.", "scopeType": "openid", "claims": [ "inum=42E0,ou=attributes,o=jans" ], "defaultScope": false, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2023-03-31T12:03:39", "umaType": false, "baseDn": "inum=10B2,ou=scopes,o=jans" }, { "dn": "inum=43F1,ou=scopes,o=jans", "inum": "43F1", "displayName": "view_profile", "id": "profile", "description": "View your basic profile info.", "scopeType": "openid", "claims": [ "inum=2B29,ou=attributes,o=jans", "inum=0C85,ou=attributes,o=jans", "inum=B4B0,ou=attributes,o=jans", "inum=A0E8,ou=attributes,o=jans", "inum=5EC6,ou=attributes,o=jans", "inum=B52A,ou=attributes,o=jans", "inum=64A0,ou=attributes,o=jans", "inum=EC3A,ou=attributes,o=jans", "inum=3B47,ou=attributes,o=jans", "inum=3692,ou=attributes,o=jans", "inum=98FC,ou=attributes,o=jans", "inum=A901,ou=attributes,o=jans", "inum=36D9,ou=attributes,o=jans", "inum=BE64,ou=attributes,o=jans", "inum=6493,ou=attributes,o=jans", "inum=4CF1,ou=attributes,o=jans", "inum=29DA,ou=attributes,o=jans" ], "defaultScope": false, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2023-03-31T12:03:39", "umaType": false, "baseDn": "inum=43F1,ou=scopes,o=jans" }, { "dn": "inum=F0C4,ou=scopes,o=jans", "inum": "F0C4", "displayName": "authenticate_openid_connect", "id": "openid", "description": "Authenticate using OpenID Connect.", "scopeType": "openid", "defaultScope": true, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2023-03-31T12:03:39", "umaType": false, "baseDn": "inum=F0C4,ou=scopes,o=jans" }, { "dn": "inum=341A,ou=scopes,o=jans", "inum": "341A", "displayName": "view_client", "id": "clientinfo", "description": "View the client info.", "scopeType": "openid", "claims": [ "inum=2B29,ou=attributes,o=jans", "inum=29DA,ou=attributes,o=jans" ], "defaultScope": false, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2023-03-31T12:03:39", "umaType": false, "baseDn": "inum=341A,ou=scopes,o=jans" } ] } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/client/authorizations.readonly /api/v1/openid/clients: get: tags: - OAuth - OpenID Connect - Clients summary: Gets list of OpenID Connect clients description: Gets list of OpenID Connect clients operationId: get-oauth-openid-clients parameters: - name: limit in: query description: Search size - max size of the results to return schema: type: integer format: int32 default: 50 - name: pattern in: query description: Search pattern schema: type: string default: "" - name: startIndex in: query description: The 1-based index of the first query result schema: type: integer format: int32 default: 0 - name: sortBy in: query description: Attribute whose value will be used to order the returned response schema: type: string default: inum - name: sortOrder in: query description: Order in which the sortBy param is applied. Allowed values are "ascending" and "descending" schema: type: string default: ascending - name: fieldValuePair in: query description: Field and value pair for seraching schema: type: string default: "" examples: Field value example: description: Field value example value: "applicationType=web,persistClientAuthorizations=true" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response json example: description: Response json example value: | { "start": 0, "totalEntriesCount": 8, "entriesCount": 8, "entries": [ { "dn": "inum=1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d,ou=clients,o=jans", "clientSecret": "hm7fKhoxVfsR", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/.well-known/scim-configuration" ], "grantTypes": [ "client_credentials" ], "applicationType": "native", "clientName": "SCIM client", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=1200.485475,ou=scopes,o=jans", "inum=1200.EE9755,ou=scopes,o=jans", "inum=1200.57CC3F,ou=scopes,o=jans", "inum=1200.57EA2A,ou=scopes,o=jans", "inum=1200.C5C2EF,ou=scopes,o=jans", "inum=1200.369E7D,ou=scopes,o=jans", "inum=1200.472E10,ou=scopes,o=jans", "inum=1200.D8FE2A,ou=scopes,o=jans", "inum=1200.0F2F42,ou=scopes,o=jans", "inum=1200.A9B43A,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "displayName": "SCIM client", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d,ou=clients,o=jans", "inum": "1201.c091b1aa-4429-454e-8c80-bc11ed9bac0d" }, { "dn": "inum=1800.bc140317-7ee2-42a1-8b9e-c653c9a68927,ou=clients,o=jans", "deletable": false, "clientSecret": "d2U1A5Es6uuE", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/admin-ui", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "Jans Config Api Client", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=1200.485475,ou=scopes,o=jans", "inum=1200.EE9755,ou=scopes,o=jans", "inum=1800.01.1,ou=scopes,o=jans", "inum=1800.01.2,ou=scopes,o=jans", "inum=1800.03.1,ou=scopes,o=jans", "inum=1800.03.2,ou=scopes,o=jans", "inum=1800.01.3,ou=scopes,o=jans", "inum=1800.01.4,ou=scopes,o=jans", "inum=1800.01.5,ou=scopes,o=jans", "inum=1800.03.3,ou=scopes,o=jans", "inum=1800.01.6,ou=scopes,o=jans", "inum=1800.01.7,ou=scopes,o=jans", "inum=1800.01.8,ou=scopes,o=jans", "inum=1800.02.1,ou=scopes,o=jans", "inum=1800.01.9,ou=scopes,o=jans", "inum=1800.02.2,ou=scopes,o=jans", "inum=1800.01.10,ou=scopes,o=jans", "inum=1800.02.3,ou=scopes,o=jans", "inum=1800.01.11,ou=scopes,o=jans", "inum=1800.01.12,ou=scopes,o=jans", "inum=1800.01.13,ou=scopes,o=jans", "inum=1800.01.14,ou=scopes,o=jans", "inum=1800.01.15,ou=scopes,o=jans", "inum=1800.01.16,ou=scopes,o=jans", "inum=1800.01.17,ou=scopes,o=jans", "inum=1800.01.18,ou=scopes,o=jans", "inum=1800.01.19,ou=scopes,o=jans", "inum=1800.01.20,ou=scopes,o=jans", "inum=1800.01.21,ou=scopes,o=jans", "inum=1800.01.22,ou=scopes,o=jans", "inum=1800.01.23,ou=scopes,o=jans", "inum=1800.01.24,ou=scopes,o=jans", "inum=1800.01.25,ou=scopes,o=jans", "inum=1800.01.26,ou=scopes,o=jans", "inum=1800.01.27,ou=scopes,o=jans", "inum=1800.01.28,ou=scopes,o=jans", "inum=1800.01.29,ou=scopes,o=jans", "inum=1800.01.30,ou=scopes,o=jans", "inum=1800.01.31,ou=scopes,o=jans", "inum=1800.01.32,ou=scopes,o=jans", "inum=1800.01.33,ou=scopes,o=jans", "inum=1800.02.4,ou=scopes,o=jans", "inum=1800.02.5,ou=scopes,o=jans", "inum=1800.01.34,ou=scopes,o=jans", "inum=1800.02.6,ou=scopes,o=jans", "inum=1800.01.35,ou=scopes,o=jans", "inum=1800.01.36,ou=scopes,o=jans", "inum=1800.01.37,ou=scopes,o=jans", "inum=1800.01.38,ou=scopes,o=jans", "inum=1800.01.39,ou=scopes,o=jans", "inum=1800.01.40,ou=scopes,o=jans", "inum=1800.01.41,ou=scopes,o=jans", "inum=1800.01.42,ou=scopes,o=jans", "inum=1800.01.43,ou=scopes,o=jans", "inum=1800.01.44,ou=scopes,o=jans", "inum=1800.01.45,ou=scopes,o=jans", "inum=1800.01.46,ou=scopes,o=jans", "inum=1800.01.47,ou=scopes,o=jans", "inum=1800.04.1,ou=scopes,o=jans", "inum=1800.04.2,ou=scopes,o=jans", "inum=1800.04.12,ou=scopes,o=jans", "inum=1800.04.13,ou=scopes,o=jans", "inum=1800.04.3,ou=scopes,o=jans", "inum=1800.04.14,ou=scopes,o=jans", "inum=1800.04.4,ou=scopes,o=jans", "inum=1800.04.5,ou=scopes,o=jans", "inum=1800.04.6,ou=scopes,o=jans", "inum=1800.04.7,ou=scopes,o=jans", "inum=1800.04.8,ou=scopes,o=jans", "inum=1800.04.9,ou=scopes,o=jans", "inum=1800.04.10,ou=scopes,o=jans", "inum=1800.04.11,ou=scopes,o=jans", "inum=1800.01.49,ou=scopes,o=jans", "inum=1800.01.50,ou=scopes,o=jans", "inum=1800.01.51,ou=scopes,o=jans", "inum=1800.01.52,ou=scopes,o=jans", "inum=1800.01.53,ou=scopes,o=jans", "inum=1800.01.54,ou=scopes,o=jans", "inum=1800.01.55,ou=scopes,o=jans", "inum=1800.01.56,ou=scopes,o=jans", "inum=1800.01.57,ou=scopes,o=jans", "inum=1800.01.58,ou=scopes,o=jans", "inum=1800.01.59,ou=scopes,o=jans", "inum=1800.01.60,ou=scopes,o=jans", "inum=1800.01.61,ou=scopes,o=jans", "inum=1800.01.62,ou=scopes,o=jans", "inum=1800.01.63,ou=scopes,o=jans", "inum=1800.01.64,ou=scopes,o=jans", "inum=1800.01.65,ou=scopes,o=jans", "inum=1800.01.66,ou=scopes,o=jans", "inum=1800.01.67,ou=scopes,o=jans", "inum=1800.01.067,ou=scopes,o=jans", "inum=1800.01.68,ou=scopes,o=jans", "inum=1800.01.69,ou=scopes,o=jans", "inum=1800.01.70,ou=scopes,o=jans", "inum=1800.01.71,ou=scopes,o=jans", "inum=1800.01.72,ou=scopes,o=jans", "inum=1800.01.73,ou=scopes,o=jans", "inum=1800.01.74,ou=scopes,o=jans", "inum=1800.01.75,ou=scopes,o=jans", "inum=1800.01.76,ou=scopes,o=jans", "inum=1800.01.77,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "displayName": "Jans Config Api Client", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=1800.bc140317-7ee2-42a1-8b9e-c653c9a68927,ou=clients,o=jans", "inum": "1800.bc140317-7ee2-42a1-8b9e-c653c9a68927" }, { "dn": "inum=2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f,ou=clients,o=jans", "deletable": false, "clientSecret": "RyF17ubsbdTb", "frontChannelLogoutUri": "http://localhost:4100/logout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/admin", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code" ], "applicationType": "web", "clientName": "Jans TUI Client", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "postLogoutRedirectUris": [ "http://localhost:4100", "https://pujavs-definite-dory.gluu.info/admin" ], "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=C4F6,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", "inum=F0C4,ou=scopes,o=jans", "inum=B9D2-D6E5,ou=scopes,o=jans" ], "trustedClient": true, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "accessTokenLifetime": 2592000, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "updateTokenScriptDns": [ "inum=2D3E.5A04,ou=scripts,o=jans" ], "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "displayName": "Jans TUI Client", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f,ou=clients,o=jans", "inum": "2000.6b0541e3-acc7-4fb1-96c2-b704c3e65f9f" }, { "dn": "inum=2100.45b8d476-f4a7-4351-a936-d49623aedf85,ou=clients,o=jans", "deletable": false, "clientSecret": "oruB9zGAzlEs", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/admin-ui", "http://localhost:4100" ], "grantTypes": [ "authorization_code", "client_credentials", "password", "refresh_token" ], "applicationType": "web", "clientName": "Jans SCIM Client for SAML", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=F0C4,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "description": "Jans SCIM Client for SAML", "displayName": "Jans SCIM Client for SAML", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=2100.45b8d476-f4a7-4351-a936-d49623aedf85,ou=clients,o=jans", "inum": "2100.45b8d476-f4a7-4351-a936-d49623aedf85" }, { "dn": "inum=2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7,ou=clients,o=jans", "deletable": false, "clientSecret": "0m3XirLDM4u4", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/kc/realms/jans/kc-jans-authn-rest-bridge/auth-complete" ], "responseTypes": [ "code", "token" ], "grantTypes": [ "authorization_code" ], "applicationType": "web", "clientName": "kc_saml_openid", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "description": "Keycloak OpenID client used for SAML authentication", "displayName": "kc_saml_openid", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7,ou=clients,o=jans", "inum": "2101.90177254-fdc7-44bb-a2e2-56ad4c8b71f7" }, { "dn": "inum=2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146,ou=clients,o=jans", "deletable": false, "clientSecret": "hFZN4udFr6am", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/kc/realms/jans/dev/null" ], "responseTypes": [ "token" ], "grantTypes": [ "client_credentials" ], "applicationType": "web", "clientName": "kc_scheduler_api", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "description": "keycloak scheduler openid client used to obtain API keys to invoke the config-api", "displayName": "kc_scheduler_api", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146,ou=clients,o=jans", "inum": "2102.bc5b8f1b-fa8b-405e-9063-9efb69d80146" }, { "dn": "inum=2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f,ou=clients,o=jans", "deletable": false, "clientSecret": "A4bnhfJ6qynt", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/kc/realms/master/kc-jans-authn-rest-bridge/auth-complete" ], "responseTypes": [ "code", "token" ], "grantTypes": [ "authorization_code" ], "applicationType": "web", "clientName": "kc_master_auth", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "description": "keycloak master realm client used to authenticate administrators", "displayName": "kc_master_auth", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f,ou=clients,o=jans", "inum": "2103.6eecd736-a1b0-4411-bfc1-c93e40fa328f" }, { "dn": "inum=3000.6a724dcb-2dd1-47be-9fcd-981b83556965,ou=clients,o=jans", "deletable": false, "clientSecret": "4MfT17z8Bt1O", "frontChannelLogoutUri": "https://pujavs-definite-dory.gluu.info/jans-casa/autologout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://pujavs-definite-dory.gluu.info/jans-casa" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "Client for Casa", "clientNameLocalized": {}, "logoUriLocalized": {}, "clientUriLocalized": {}, "policyUriLocalized": {}, "tosUriLocalized": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "postLogoutRedirectUris": [ "https://pujavs-definite-dory.gluu.info/jans-casa/bye.zul" ], "scopes": [ "inum=F0C4,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=10B2,ou=scopes,o=jans", "inum=341A,ou=scopes,o=jans", "inum=3000.01.1,ou=scopes,o=jans", "inum=3000.01.2,ou=scopes,o=jans", "inum=3000.01.3,ou=scopes,o=jans" ], "trustedClient": true, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "dpopBoundAccessToken": false, "jansDefaultPromptLogin": false, "minimumAcrLevel": -1 }, "displayName": "Client for Casa", "allAuthenticationMethods": [ "client_secret_basic" ], "authenticationMethod": "client_secret_basic", "baseDn": "inum=3000.6a724dcb-2dd1-47be-9fcd-981b83556965,ou=clients,o=jans", "inum": "3000.6a724dcb-2dd1-47be-9fcd-981b83556965" } ] } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/openid/clients.readonly put: tags: - OAuth - OpenID Connect - Clients summary: Update OpenId Connect client description: Update OpenId Connect client operationId: put-oauth-openid-client requestBody: description: OpenID Connect Client object content: application/json: schema: $ref: '#/components/schemas/Client' examples: Request json example: description: Request json example value: | { "dn": "inum=f8c1a111-0919-47e8-a4d4-f7c18f73a644,ou=clients,o=jans", "baseDn": "inum=f8c1a111-0919-47e8-a4d4-f7c18f73a644,ou=clients,o=jans", "inum": "f8c1a111-0919-47e8-a4d4-f7c18f73a644", "deletable": false, "clientSecret": "test1234", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin-ui", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "", "logoUri": "", "clientUri": "", "policyUri":"", "tosUri": "", "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=C4F7,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Api Client" ], "value": "Api Client", "displayValue": "Api Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Api Client" } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Client' examples: Response json example: description: Response json example value: | { "dn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "deletable": false, "clientSecret": "WZMK8thDpvw1xtE0N+SbXA==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin-ui", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "Jans Config Api Client", "logoUri": "", "clientUri": "", "policyUri": "", "tosUri": "", "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=1200.487800,ou=scopes,o=jans", "inum=1200.9CEE5C,ou=scopes,o=jans", "inum=1800.FFE5C0,ou=scopes,o=jans", "inum=1800.472951,ou=scopes,o=jans", "inum=1800.556F45,ou=scopes,o=jans", "inum=1800.77FB4F,ou=scopes,o=jans", "inum=1800.AA8DFE,ou=scopes,o=jans", "inum=1800.CD5B72,ou=scopes,o=jans", "inum=1800.CBCF52,ou=scopes,o=jans", "inum=1800.12284F,ou=scopes,o=jans", "inum=1800.141B26,ou=scopes,o=jans", "inum=1800.A018AC,ou=scopes,o=jans", "inum=1800.6E4456,ou=scopes,o=jans", "inum=1800.55499D,ou=scopes,o=jans", "inum=1800.E730AA,ou=scopes,o=jans", "inum=1800.097318,ou=scopes,o=jans", "inum=1800.04CF24,ou=scopes,o=jans", "inum=1800.F963F9,ou=scopes,o=jans", "inum=1800.31F580,ou=scopes,o=jans", "inum=1800.E512E3,ou=scopes,o=jans", "inum=1800.E65DC6,ou=scopes,o=jans", "inum=1800.3C1F46,ou=scopes,o=jans", "inum=1800.20D48C,ou=scopes,o=jans", "inum=1800.4601AA,ou=scopes,o=jans", "inum=1800.A9B842,ou=scopes,o=jans", "inum=1800.864485,ou=scopes,o=jans", "inum=1800.F0B654,ou=scopes,o=jans", "inum=1800.45F1D7,ou=scopes,o=jans", "inum=1800.B78FA5,ou=scopes,o=jans", "inum=1800.E3D7E0,ou=scopes,o=jans", "inum=1800.E212DC,ou=scopes,o=jans", "inum=1800.94F80F,ou=scopes,o=jans", "inum=1800.9F96F3,ou=scopes,o=jans", "inum=1800.CB50EC,ou=scopes,o=jans", "inum=1800.1CA946,ou=scopes,o=jans", "inum=1800.18231E,ou=scopes,o=jans", "inum=1800.C25D78,ou=scopes,o=jans", "inum=1800.12B340,ou=scopes,o=jans", "inum=1800.7A78C3,ou=scopes,o=jans", "inum=1800.ECB839,ou=scopes,o=jans", "inum=1800.62579C,ou=scopes,o=jans", "inum=1800.29B156,ou=scopes,o=jans", "inum=1800.9DC774,ou=scopes,o=jans", "inum=1800.71BA21,ou=scopes,o=jans", "inum=1800.FC35D2,ou=scopes,o=jans", "inum=1800.F8CA5F,ou=scopes,o=jans", "inum=1800.D92553,ou=scopes,o=jans", "inum=1800.08CB80,ou=scopes,o=jans", "inum=1800.DF434B,ou=scopes,o=jans", "inum=1800.127954,ou=scopes,o=jans", "inum=1800.E7CB8C,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Config Api Client" ], "value": "Jans Config Api Client", "displayValue": "Jans Config Api Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Config Api Client", "baseDn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum": "1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/openid/clients.write post: tags: - OAuth - OpenID Connect - Clients summary: Create new OpenId Connect client description: Create new OpenId Connect client operationId: post-oauth-openid-client requestBody: description: OpenID Connect Client object content: application/json: schema: $ref: '#/components/schemas/Client' examples: Request json example: description: Request json example value: | { "deletable": false, "clientSecret": "test1234", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin-ui", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "", "logoUri": "", "clientUri": "", "policyUri":"", "tosUri": "", "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=C4F7,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Api Client" ], "value": "Api Client", "displayValue": "Api Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Api Client" } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/Client' examples: Response json example: description: Response json example value: | { "dn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "deletable": false, "clientSecret": "WZMK8thDpvw1xtE0N+SbXA==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin-ui", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "Jans Config Api Client", "logoUri": "", "clientUri": "", "policyUri": "", "tosUri": "", "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=1200.487800,ou=scopes,o=jans", "inum=1200.9CEE5C,ou=scopes,o=jans", "inum=1800.FFE5C0,ou=scopes,o=jans", "inum=1800.472951,ou=scopes,o=jans", "inum=1800.556F45,ou=scopes,o=jans", "inum=1800.77FB4F,ou=scopes,o=jans", "inum=1800.AA8DFE,ou=scopes,o=jans", "inum=1800.CD5B72,ou=scopes,o=jans", "inum=1800.CBCF52,ou=scopes,o=jans", "inum=1800.12284F,ou=scopes,o=jans", "inum=1800.141B26,ou=scopes,o=jans", "inum=1800.A018AC,ou=scopes,o=jans", "inum=1800.6E4456,ou=scopes,o=jans", "inum=1800.55499D,ou=scopes,o=jans", "inum=1800.E730AA,ou=scopes,o=jans", "inum=1800.097318,ou=scopes,o=jans", "inum=1800.04CF24,ou=scopes,o=jans", "inum=1800.F963F9,ou=scopes,o=jans", "inum=1800.31F580,ou=scopes,o=jans", "inum=1800.E512E3,ou=scopes,o=jans", "inum=1800.E65DC6,ou=scopes,o=jans", "inum=1800.3C1F46,ou=scopes,o=jans", "inum=1800.20D48C,ou=scopes,o=jans", "inum=1800.4601AA,ou=scopes,o=jans", "inum=1800.A9B842,ou=scopes,o=jans", "inum=1800.864485,ou=scopes,o=jans", "inum=1800.F0B654,ou=scopes,o=jans", "inum=1800.45F1D7,ou=scopes,o=jans", "inum=1800.B78FA5,ou=scopes,o=jans", "inum=1800.E3D7E0,ou=scopes,o=jans", "inum=1800.E212DC,ou=scopes,o=jans", "inum=1800.94F80F,ou=scopes,o=jans", "inum=1800.9F96F3,ou=scopes,o=jans", "inum=1800.CB50EC,ou=scopes,o=jans", "inum=1800.1CA946,ou=scopes,o=jans", "inum=1800.18231E,ou=scopes,o=jans", "inum=1800.C25D78,ou=scopes,o=jans", "inum=1800.12B340,ou=scopes,o=jans", "inum=1800.7A78C3,ou=scopes,o=jans", "inum=1800.ECB839,ou=scopes,o=jans", "inum=1800.62579C,ou=scopes,o=jans", "inum=1800.29B156,ou=scopes,o=jans", "inum=1800.9DC774,ou=scopes,o=jans", "inum=1800.71BA21,ou=scopes,o=jans", "inum=1800.FC35D2,ou=scopes,o=jans", "inum=1800.F8CA5F,ou=scopes,o=jans", "inum=1800.D92553,ou=scopes,o=jans", "inum=1800.08CB80,ou=scopes,o=jans", "inum=1800.DF434B,ou=scopes,o=jans", "inum=1800.127954,ou=scopes,o=jans", "inum=1800.E7CB8C,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Config Api Client" ], "value": "Jans Config Api Client", "displayValue": "Jans Config Api Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Config Api Client", "baseDn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum": "1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6" } "400": description: Bad Request "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/openid/clients.write /api/v1/openid/clients/{inum}: get: tags: - OAuth - OpenID Connect - Clients summary: Get OpenId Connect Client by Inum description: Get OpenId Connect Client by Inum operationId: get-oauth-openid-clients-by-inum parameters: - name: inum in: path description: Client identifier required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Client' examples: Response json example: description: Response json example value: | { "dn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "deletable": false, "clientSecret": "WZMK8thDpvw1xtE0N+SbXA==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin-ui", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "Jans Config Api Client", "logoUri": "", "clientUri": "", "policyUri": "", "tosUri": "", "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=1200.487800,ou=scopes,o=jans", "inum=1200.9CEE5C,ou=scopes,o=jans", "inum=1800.FFE5C0,ou=scopes,o=jans", "inum=1800.472951,ou=scopes,o=jans", "inum=1800.556F45,ou=scopes,o=jans", "inum=1800.77FB4F,ou=scopes,o=jans", "inum=1800.AA8DFE,ou=scopes,o=jans", "inum=1800.CD5B72,ou=scopes,o=jans", "inum=1800.CBCF52,ou=scopes,o=jans", "inum=1800.12284F,ou=scopes,o=jans", "inum=1800.141B26,ou=scopes,o=jans", "inum=1800.A018AC,ou=scopes,o=jans", "inum=1800.6E4456,ou=scopes,o=jans", "inum=1800.55499D,ou=scopes,o=jans", "inum=1800.E730AA,ou=scopes,o=jans", "inum=1800.097318,ou=scopes,o=jans", "inum=1800.04CF24,ou=scopes,o=jans", "inum=1800.F963F9,ou=scopes,o=jans", "inum=1800.31F580,ou=scopes,o=jans", "inum=1800.E512E3,ou=scopes,o=jans", "inum=1800.E65DC6,ou=scopes,o=jans", "inum=1800.3C1F46,ou=scopes,o=jans", "inum=1800.20D48C,ou=scopes,o=jans", "inum=1800.4601AA,ou=scopes,o=jans", "inum=1800.A9B842,ou=scopes,o=jans", "inum=1800.864485,ou=scopes,o=jans", "inum=1800.F0B654,ou=scopes,o=jans", "inum=1800.45F1D7,ou=scopes,o=jans", "inum=1800.B78FA5,ou=scopes,o=jans", "inum=1800.E3D7E0,ou=scopes,o=jans", "inum=1800.E212DC,ou=scopes,o=jans", "inum=1800.94F80F,ou=scopes,o=jans", "inum=1800.9F96F3,ou=scopes,o=jans", "inum=1800.CB50EC,ou=scopes,o=jans", "inum=1800.1CA946,ou=scopes,o=jans", "inum=1800.18231E,ou=scopes,o=jans", "inum=1800.C25D78,ou=scopes,o=jans", "inum=1800.12B340,ou=scopes,o=jans", "inum=1800.7A78C3,ou=scopes,o=jans", "inum=1800.ECB839,ou=scopes,o=jans", "inum=1800.62579C,ou=scopes,o=jans", "inum=1800.29B156,ou=scopes,o=jans", "inum=1800.9DC774,ou=scopes,o=jans", "inum=1800.71BA21,ou=scopes,o=jans", "inum=1800.FC35D2,ou=scopes,o=jans", "inum=1800.F8CA5F,ou=scopes,o=jans", "inum=1800.D92553,ou=scopes,o=jans", "inum=1800.08CB80,ou=scopes,o=jans", "inum=1800.DF434B,ou=scopes,o=jans", "inum=1800.127954,ou=scopes,o=jans", "inum=1800.E7CB8C,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Config Api Client" ], "value": "Jans Config Api Client", "displayValue": "Jans Config Api Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Config Api Client", "baseDn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum": "1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/openid/clients.readonly delete: tags: - OAuth - OpenID Connect - Clients summary: Delete OpenId Connect client description: Delete OpenId Connect client operationId: delete-oauth-openid-client-by-inum parameters: - name: inum in: path description: Client identifier required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/openid/clients.delete patch: tags: - OAuth - OpenID Connect - Clients summary: Patch OpenId Connect client description: Patch OpenId Connect client operationId: patch-oauth-openid-client-by-inum parameters: - name: inum in: path description: Client identifier required: true schema: type: string requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/responseTypes\", \"value\"\ :[\"code\",\"token\"]}] \n" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Client' examples: Response json example: description: Response json example value: | { "dn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "deletable": false, "clientSecret": "WZMK8thDpvw1xtE0N+SbXA==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin-ui", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": "Jans Config Api Client", "logoUri": "", "clientUri": "", "policyUri": "", "tosUri": "", "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=1200.487800,ou=scopes,o=jans", "inum=1200.9CEE5C,ou=scopes,o=jans", "inum=1800.FFE5C0,ou=scopes,o=jans", "inum=1800.472951,ou=scopes,o=jans", "inum=1800.556F45,ou=scopes,o=jans", "inum=1800.77FB4F,ou=scopes,o=jans", "inum=1800.AA8DFE,ou=scopes,o=jans", "inum=1800.CD5B72,ou=scopes,o=jans", "inum=1800.CBCF52,ou=scopes,o=jans", "inum=1800.12284F,ou=scopes,o=jans", "inum=1800.141B26,ou=scopes,o=jans", "inum=1800.A018AC,ou=scopes,o=jans", "inum=1800.6E4456,ou=scopes,o=jans", "inum=1800.55499D,ou=scopes,o=jans", "inum=1800.E730AA,ou=scopes,o=jans", "inum=1800.097318,ou=scopes,o=jans", "inum=1800.04CF24,ou=scopes,o=jans", "inum=1800.F963F9,ou=scopes,o=jans", "inum=1800.31F580,ou=scopes,o=jans", "inum=1800.E512E3,ou=scopes,o=jans", "inum=1800.E65DC6,ou=scopes,o=jans", "inum=1800.3C1F46,ou=scopes,o=jans", "inum=1800.20D48C,ou=scopes,o=jans", "inum=1800.4601AA,ou=scopes,o=jans", "inum=1800.A9B842,ou=scopes,o=jans", "inum=1800.864485,ou=scopes,o=jans", "inum=1800.F0B654,ou=scopes,o=jans", "inum=1800.45F1D7,ou=scopes,o=jans", "inum=1800.B78FA5,ou=scopes,o=jans", "inum=1800.E3D7E0,ou=scopes,o=jans", "inum=1800.E212DC,ou=scopes,o=jans", "inum=1800.94F80F,ou=scopes,o=jans", "inum=1800.9F96F3,ou=scopes,o=jans", "inum=1800.CB50EC,ou=scopes,o=jans", "inum=1800.1CA946,ou=scopes,o=jans", "inum=1800.18231E,ou=scopes,o=jans", "inum=1800.C25D78,ou=scopes,o=jans", "inum=1800.12B340,ou=scopes,o=jans", "inum=1800.7A78C3,ou=scopes,o=jans", "inum=1800.ECB839,ou=scopes,o=jans", "inum=1800.62579C,ou=scopes,o=jans", "inum=1800.29B156,ou=scopes,o=jans", "inum=1800.9DC774,ou=scopes,o=jans", "inum=1800.71BA21,ou=scopes,o=jans", "inum=1800.FC35D2,ou=scopes,o=jans", "inum=1800.F8CA5F,ou=scopes,o=jans", "inum=1800.D92553,ou=scopes,o=jans", "inum=1800.08CB80,ou=scopes,o=jans", "inum=1800.DF434B,ou=scopes,o=jans", "inum=1800.127954,ou=scopes,o=jans", "inum=1800.E7CB8C,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Config Api Client" ], "value": "Jans Config Api Client", "displayValue": "Jans Config Api Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Config Api Client", "baseDn": "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum": "1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/openid/clients.write /api/v1/api-config: get: tags: - Configuration – Config API summary: Gets config-api configuration properties. description: Gets config-api configuration properties. operationId: get-config-api-properties responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/ApiAppConfiguration' "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/properties.readonly patch: tags: - Configuration – Config API summary: Partially modifies config-api configuration properties. description: Partially modifies config-api Configuration properties. operationId: patch-config-api-properties requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/ApiAppConfiguration' "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/properties.write /api/v1/config/smtp: get: tags: - Configuration – SMTP summary: Returns SMTP server configuration description: Returns SMTP server configuration operationId: get-config-smtp responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/SmtpConfiguration' examples: Response json example: description: Response json example value: | { "valid": false, "port": 0, "requires_ssl": false, "trust_host": false, "requires_authentication": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/smtp.readonly put: tags: - Configuration – SMTP summary: Updates SMTP server configuration description: Updates SMTP server configuration operationId: put-config-smtp requestBody: description: SmtpConfiguration object content: application/json: schema: $ref: '#/components/schemas/SmtpConfiguration' examples: Request json example: description: Request json example value: | { "valid": true, "host": "localhost", "port": 260, "requires_ssl": true, "trust_host": true, "from_name": "John", "from_email_address": "john@grow.org", "requires_authentication": true, "user_name": "smtp_user", "password": "password" } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/SmtpConfiguration' examples: Response json example: description: Response json example value: | { "valid": false, "port": 0, "requires_ssl": false, "trust_host": false, "requires_authentication": false } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/smtp.write post: tags: - Configuration – SMTP summary: Adds SMTP server configuration description: Adds SMTP server configuration operationId: post-config-smtp requestBody: description: SmtpConfiguration object content: application/json: schema: $ref: '#/components/schemas/SmtpConfiguration' examples: Request json example: description: Request json example value: | { "valid": true, "host": "localhost", "port": 260, "requires_ssl": true, "trust_host": true, "from_name": "John", "from_email_address": "john@grow.org", "requires_authentication": true, "user_name": "smtp_user", "password": "password" } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/SmtpConfiguration' examples: Response json example: description: Response json example value: | { "valid": false, "port": 0, "requires_ssl": false, "trust_host": false, "requires_authentication": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/smtp.write delete: tags: - Configuration – SMTP summary: Deletes SMTP server configuration description: Deletes SMTP server configuration operationId: delete-config-smtp responses: "204": description: No Content "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/smtp.delete /api/v1/config/smtp/test: post: tags: - Configuration – SMTP summary: Signing Test SMTP server configuration description: Signing Test SMTP server configuration operationId: test-config-smtp requestBody: description: SmtpTest object content: application/json: schema: $ref: '#/components/schemas/SmtpTest' examples: Request json example: description: Request json example value: "" responses: "200": description: Ok content: application/json: schema: type: boolean description: boolean value true if successful "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/smtp.write /api/v1/config/scripts: get: tags: - Custom Scripts summary: Gets a list of custom scripts description: Gets a list of custom scripts operationId: get-config-scripts parameters: - name: limit in: query description: Search size - max size of the results to return schema: type: integer format: int32 default: 50 - name: pattern in: query description: Search pattern schema: type: string default: "" - name: startIndex in: query description: The 1-based index of the first query result schema: type: integer format: int32 default: 0 - name: sortBy in: query description: Attribute whose value will be used to order the returned response schema: type: string default: inum - name: sortOrder in: query description: Order in which the sortBy param is applied. Allowed values are "ascending" and "descending" schema: type: string default: ascending - name: fieldValuePair in: query description: Field and value pair for seraching schema: type: string default: "" examples: Field value example: description: Field value example value: "adminCanEdit=true,dataType=string" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response json example: description: Response json example value: | { "start": 0, "totalEntriesCount": 37, "entriesCount": 2, "entries": [ { "dn": "inum=0300-BA90,ou=scripts,o=jans", "inum": "0300-BA90", "name": "discovery_java_params", "description": "Java Custom Sample Script", "script": "/* Copyright (c) 2022, Gluu\n Author: Yuriy Z\n */\n\nimport io.jans.model.SimpleCustomProperty;\nimport io.jans.model.custom.script.model.CustomScript;\nimport io.jans.model.custom.script.type.discovery.DiscoveryType;\nimport io.jans.service.custom.script.CustomScriptManager;\nimport org.slf4j.Logger;\nimport org.slf4j.LoggerFactory;\nimport org.json.JSONObject;\n\nimport java.util.Map;\n\npublic class Discovery implements DiscoveryType {\n\n private static final Logger log = LoggerFactory.getLogger(Discovery.class);\n private static final Logger scriptLogger = LoggerFactory.getLogger(CustomScriptManager.class);\n\n @Override\n public boolean init(Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean init(CustomScript customScript, Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean destroy(Map configurationAttributes) {\n log.info(\"Destroy of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public int getApiVersion() {\n log.info(\"getApiVersion Discovery Java custom script: 11\");\n return 11;\n }\n\n @Override\n public boolean modifyResponse(Object responseAsJsonObject, Object context) {\n scriptLogger.info(\"write to script logger\");\n JSONObject response = (JSONObject) responseAsJsonObject;\n response.accumulate(\"key_from_java\", \"value_from_script_on_java\");\n return true;\n }\n}\n", "scriptType": "discovery", "programmingLanguage": "java", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 1, "revision": 11, "enabled": true, "modified": false, "internal": false, "locationType": "ldap", "baseDn": "inum=0300-BA90,ou=scripts,o=jans" }, { "dn": "inum=031C-4A65,ou=scripts,o=jans", "inum": "031C-4A65", "name": "id_generator", "description": "Sample Id Generator script", "script": "# oxAuth is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.\n# Copyright (c) 2016, Janssen\n#\n# Author: Yuriy Movchan\n#\n\nfrom io.jans.model.custom.script.type.id import IdGeneratorType\nfrom io.jans.util import StringHelper, ArrayHelper\nfrom java.util import Arrays, ArrayList\n\nimport java\n\nclass IdGenerator(IdGeneratorType):\n def __init__(self, currentTimeMillis):\n self.currentTimeMillis = currentTimeMillis\n\n def init(self, customScript, configurationAttributes):\n print \"Id generator. Initialization\"\n print \"Id generator. Initialized successfully\"\n\n return True \n\n def destroy(self, configurationAttributes):\n print \"Id generator. Destroy\"\n print \"Id generator. Destroyed successfully\"\n return True \n\n def getApiVersion(self):\n return 11\n\n # Id generator init method\n # appId is application Id\n # idType is Id Type\n # idPrefix is Id Prefix\n # user is io.jans.oxtrust.model.JanssenCustomPerson\n # configurationAttributes is java.util.Map\n def generateId(self, appId, idType, idPrefix, configurationAttributes):\n print \"Id generator. Generate Id\"\n print \"Id generator. Generate Id. AppId: '\", appId, \"', IdType: '\", idType, \"', IdPrefix: '\", idPrefix, \"'\"\n\n # Return None or empty string to trigger default Id generation method\n return None\n", "scriptType": "id_generator", "programmingLanguage": "python", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 100, "revision": 1, "enabled": false, "modified": false, "internal": false, "locationType": "ldap", "baseDn": "inum=031C-4A65,ou=scripts,o=jans" } ] } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.readonly put: tags: - Custom Scripts summary: Updates a custom script description: Updates a custom script operationId: put-config-scripts requestBody: description: CustomScript object content: application/json: schema: $ref: '#/components/schemas/CustomScript' examples: Request json example: description: Request json example value: | { "name": "test_application_session_test", "description": "Sample Application Session script", "script": "# oxAuth is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.\n# Copyright (c) 2016, Janssen\n#\n# Author: Yuriy Movchan\n#\n\nfrom io.jans.model.custom.script.type.session import ApplicationSessionType\nfrom io.jans.service.cdi.util import CdiUtil\nfrom io.jans.persist import PersistenceEntryManager\nfrom io.jans.as.model.config import StaticConfiguration\nfrom io.jans.as.model.ldap import TokenEntity\nfrom jakarta.faces.application import FacesMessage\nfrom io.jans.jsf2.message import FacesMessages\nfrom io.jans.util import StringHelper, ArrayHelper\nfrom io.jans.as.model.config import Constants\nfrom java.util import Arrays, ArrayList\nfrom io.jans.as.service.external.session import SessionEventType\n\nimport java\n\nclass ApplicationSession(ApplicationSessionType):\n def __init__(self, currentTimeMillis):\n self.currentTimeMillis = currentTimeMillis\n\n def init(self, customScript, configurationAttributes):\n print \"Application session. Initialization\"\n\n self.entryManager = CdiUtil.bean(PersistenceEntryManager)\n self.staticConfiguration = CdiUtil.bean(StaticConfiguration)\n\n print \"Application session. Initialized successfully\"\n\n return True \n\n def destroy(self, configurationAttributes):\n print \"Application session. Destroy\"\n print \"Application session. Destroyed successfully\"\n return True \n\n def getApiVersion(self):\n return 11\n\n # Called each time specific session event occurs\n # event is io.jans.as.service.external.session.SessionEvent\n def onEvent(self, event):\n if event.getType() == SessionEventType.AUTHENTICATED:\n print \"Session is authenticated, session: \" + event.getSessionId().getId()\n return\n\n # Application calls it at start session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def startSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session\"\n\n user_name = sessionId.getSessionAttributes().get(Constants.AUTHENTICATED_USER)\n\n first_session = self.isFirstSession(user_name)\n if not first_session:\n facesMessages = CdiUtil.bean(FacesMessages)\n facesMessages.add(FacesMessage.SEVERITY_ERROR, \"Please, end active session first!\")\n return False\n\n print \"Application session. External session started successfully\"\n return True\n\n # Application calls it at end session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def endSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session end\"\n\n print \"Application session. External session ended successfully\"\n return True\n\n # Application calls it during /session/active endpoint call to modify response if needed\n # jsonArray is org.json.JSONArray\n # context is io.jans.as.server.model.common.ExecutionContext\n def modifyActiveSessionsResponse(self, jsonArray, context):\n return False\n\n def isFirstSession(self, user_name):\n tokenLdap = TokenEntity()\n tokenLdap.setDn(self.staticConfiguration.getBaseDn().getClients())\n tokenLdap.setUserId(user_name)\n\n tokenLdapList = self.entryManager.findEntries(tokenLdap, 1)\n print \"Application session. isFirstSession. Get result: '%s'\" % tokenLdapList\n\n if (tokenLdapList != None) and (tokenLdapList.size() > 0):\n print \"Application session. isFirstSession: False\"\n return False\n\n print \"Application session. isFirstSession: True\"\n return True\n", "scriptType": "application_session", "programmingLanguage": "python", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 800, "revision": 8, "enabled": false, "modified": false, "internal": false, "locationType": "ldap" } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/CustomScript' examples: Response json example: description: Response json example value: | { "dn": "inum=4144edf6-af99-451d-be29-f3eb5c0e9143,ou=scripts,o=jans", "inum": "4144edf6-af99-451d-be29-f3eb5c0e9143", "name": "test_application_session_test", "description": "Sample Application Session script", "script": "# oxAuth is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.\n# Copyright (c) 2016, Janssen\n#\n# Author: Yuriy Movchan\n#\n\nfrom io.jans.model.custom.script.type.session import ApplicationSessionType\nfrom io.jans.service.cdi.util import CdiUtil\nfrom io.jans.persist import PersistenceEntryManager\nfrom io.jans.as.model.config import StaticConfiguration\nfrom io.jans.as.model.ldap import TokenEntity\nfrom jakarta.faces.application import FacesMessage\nfrom io.jans.jsf2.message import FacesMessages\nfrom io.jans.util import StringHelper, ArrayHelper\nfrom io.jans.as.model.config import Constants\nfrom java.util import Arrays, ArrayList\nfrom io.jans.as.service.external.session import SessionEventType\n\nimport java\n\nclass ApplicationSession(ApplicationSessionType):\n def __init__(self, currentTimeMillis):\n self.currentTimeMillis = currentTimeMillis\n\n def init(self, customScript, configurationAttributes):\n print \"Application session. Initialization\"\n\n self.entryManager = CdiUtil.bean(PersistenceEntryManager)\n self.staticConfiguration = CdiUtil.bean(StaticConfiguration)\n\n print \"Application session. Initialized successfully\"\n\n return True \n\n def destroy(self, configurationAttributes):\n print \"Application session. Destroy\"\n print \"Application session. Destroyed successfully\"\n return True \n\n def getApiVersion(self):\n return 11\n\n # Called each time specific session event occurs\n # event is io.jans.as.service.external.session.SessionEvent\n def onEvent(self, event):\n if event.getType() == SessionEventType.AUTHENTICATED:\n print \"Session is authenticated, session: \" + event.getSessionId().getId()\n return\n\n # Application calls it at start session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def startSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session\"\n\n user_name = sessionId.getSessionAttributes().get(Constants.AUTHENTICATED_USER)\n\n first_session = self.isFirstSession(user_name)\n if not first_session:\n facesMessages = CdiUtil.bean(FacesMessages)\n facesMessages.add(FacesMessage.SEVERITY_ERROR, \"Please, end active session first!\")\n return False\n\n print \"Application session. External session started successfully\"\n return True\n\n # Application calls it at end session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def endSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session end\"\n\n print \"Application session. External session ended successfully\"\n return True\n\n # Application calls it during /session/active endpoint call to modify response if needed\n # jsonArray is org.json.JSONArray\n # context is io.jans.as.server.model.common.ExecutionContext\n def modifyActiveSessionsResponse(self, jsonArray, context):\n return False\n\n def isFirstSession(self, user_name):\n tokenLdap = TokenEntity()\n tokenLdap.setDn(self.staticConfiguration.getBaseDn().getClients())\n tokenLdap.setUserId(user_name)\n\n tokenLdapList = self.entryManager.findEntries(tokenLdap, 1)\n print \"Application session. isFirstSession. Get result: '%s'\" % tokenLdapList\n\n if (tokenLdapList != None) and (tokenLdapList.size() > 0):\n print \"Application session. isFirstSession: False\"\n return False\n\n print \"Application session. isFirstSession: True\"\n return True\n", "scriptType": "application_session", "programmingLanguage": "python", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 800, "revision": 8, "enabled": false, "modified": false, "internal": false, "locationType": "ldap", "baseDn": "inum=4144edf6-af99-451d-be29-f3eb5c0e9143,ou=scripts,o=jans" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.write post: tags: - Custom Scripts summary: Adds a new custom script description: Adds a new custom script operationId: post-config-scripts parameters: - name: addScriptTemplate in: query description: Boolean flag to indicate if script template is to be added. If CustomScript request object has script populated then script template will not be added. schema: type: boolean default: false requestBody: description: CustomScript object content: application/json: schema: $ref: '#/components/schemas/CustomScript' examples: Request json example: description: Request json example value: | { "name": "test_application_session_test", "description": "Sample Application Session script", "script": "# oxAuth is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.\n# Copyright (c) 2016, Janssen\n#\n# Author: Yuriy Movchan\n#\n\nfrom io.jans.model.custom.script.type.session import ApplicationSessionType\nfrom io.jans.service.cdi.util import CdiUtil\nfrom io.jans.persist import PersistenceEntryManager\nfrom io.jans.as.model.config import StaticConfiguration\nfrom io.jans.as.model.ldap import TokenEntity\nfrom jakarta.faces.application import FacesMessage\nfrom io.jans.jsf2.message import FacesMessages\nfrom io.jans.util import StringHelper, ArrayHelper\nfrom io.jans.as.model.config import Constants\nfrom java.util import Arrays, ArrayList\nfrom io.jans.as.service.external.session import SessionEventType\n\nimport java\n\nclass ApplicationSession(ApplicationSessionType):\n def __init__(self, currentTimeMillis):\n self.currentTimeMillis = currentTimeMillis\n\n def init(self, customScript, configurationAttributes):\n print \"Application session. Initialization\"\n\n self.entryManager = CdiUtil.bean(PersistenceEntryManager)\n self.staticConfiguration = CdiUtil.bean(StaticConfiguration)\n\n print \"Application session. Initialized successfully\"\n\n return True \n\n def destroy(self, configurationAttributes):\n print \"Application session. Destroy\"\n print \"Application session. Destroyed successfully\"\n return True \n\n def getApiVersion(self):\n return 11\n\n # Called each time specific session event occurs\n # event is io.jans.as.service.external.session.SessionEvent\n def onEvent(self, event):\n if event.getType() == SessionEventType.AUTHENTICATED:\n print \"Session is authenticated, session: \" + event.getSessionId().getId()\n return\n\n # Application calls it at start session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def startSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session\"\n\n user_name = sessionId.getSessionAttributes().get(Constants.AUTHENTICATED_USER)\n\n first_session = self.isFirstSession(user_name)\n if not first_session:\n facesMessages = CdiUtil.bean(FacesMessages)\n facesMessages.add(FacesMessage.SEVERITY_ERROR, \"Please, end active session first!\")\n return False\n\n print \"Application session. External session started successfully\"\n return True\n\n # Application calls it at end session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def endSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session end\"\n\n print \"Application session. External session ended successfully\"\n return True\n\n # Application calls it during /session/active endpoint call to modify response if needed\n # jsonArray is org.json.JSONArray\n # context is io.jans.as.server.model.common.ExecutionContext\n def modifyActiveSessionsResponse(self, jsonArray, context):\n return False\n\n def isFirstSession(self, user_name):\n tokenLdap = TokenEntity()\n tokenLdap.setDn(self.staticConfiguration.getBaseDn().getClients())\n tokenLdap.setUserId(user_name)\n\n tokenLdapList = self.entryManager.findEntries(tokenLdap, 1)\n print \"Application session. isFirstSession. Get result: '%s'\" % tokenLdapList\n\n if (tokenLdapList != None) and (tokenLdapList.size() > 0):\n print \"Application session. isFirstSession: False\"\n return False\n\n print \"Application session. isFirstSession: True\"\n return True\n", "scriptType": "application_session", "programmingLanguage": "python", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 800, "revision": 8, "enabled": false, "modified": false, "internal": false, "locationType": "ldap" } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/CustomScript' examples: Response json example: description: Response json example value: | { "dn": "inum=4144edf6-af99-451d-be29-f3eb5c0e9143,ou=scripts,o=jans", "inum": "4144edf6-af99-451d-be29-f3eb5c0e9143", "name": "test_application_session_test", "description": "Sample Application Session script", "script": "# oxAuth is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.\n# Copyright (c) 2016, Janssen\n#\n# Author: Yuriy Movchan\n#\n\nfrom io.jans.model.custom.script.type.session import ApplicationSessionType\nfrom io.jans.service.cdi.util import CdiUtil\nfrom io.jans.persist import PersistenceEntryManager\nfrom io.jans.as.model.config import StaticConfiguration\nfrom io.jans.as.model.ldap import TokenEntity\nfrom jakarta.faces.application import FacesMessage\nfrom io.jans.jsf2.message import FacesMessages\nfrom io.jans.util import StringHelper, ArrayHelper\nfrom io.jans.as.model.config import Constants\nfrom java.util import Arrays, ArrayList\nfrom io.jans.as.service.external.session import SessionEventType\n\nimport java\n\nclass ApplicationSession(ApplicationSessionType):\n def __init__(self, currentTimeMillis):\n self.currentTimeMillis = currentTimeMillis\n\n def init(self, customScript, configurationAttributes):\n print \"Application session. Initialization\"\n\n self.entryManager = CdiUtil.bean(PersistenceEntryManager)\n self.staticConfiguration = CdiUtil.bean(StaticConfiguration)\n\n print \"Application session. Initialized successfully\"\n\n return True \n\n def destroy(self, configurationAttributes):\n print \"Application session. Destroy\"\n print \"Application session. Destroyed successfully\"\n return True \n\n def getApiVersion(self):\n return 11\n\n # Called each time specific session event occurs\n # event is io.jans.as.service.external.session.SessionEvent\n def onEvent(self, event):\n if event.getType() == SessionEventType.AUTHENTICATED:\n print \"Session is authenticated, session: \" + event.getSessionId().getId()\n return\n\n # Application calls it at start session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def startSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session\"\n\n user_name = sessionId.getSessionAttributes().get(Constants.AUTHENTICATED_USER)\n\n first_session = self.isFirstSession(user_name)\n if not first_session:\n facesMessages = CdiUtil.bean(FacesMessages)\n facesMessages.add(FacesMessage.SEVERITY_ERROR, \"Please, end active session first!\")\n return False\n\n print \"Application session. External session started successfully\"\n return True\n\n # Application calls it at end session request to allow notify 3rd part systems\n # httpRequest is jakarta.servlet.http.HttpServletRequest\n # sessionId is io.jans.as.model.common.SessionId\n # configurationAttributes is java.util.Map\n def endSession(self, httpRequest, sessionId, configurationAttributes):\n print \"Application session. Starting external session end\"\n\n print \"Application session. External session ended successfully\"\n return True\n\n # Application calls it during /session/active endpoint call to modify response if needed\n # jsonArray is org.json.JSONArray\n # context is io.jans.as.server.model.common.ExecutionContext\n def modifyActiveSessionsResponse(self, jsonArray, context):\n return False\n\n def isFirstSession(self, user_name):\n tokenLdap = TokenEntity()\n tokenLdap.setDn(self.staticConfiguration.getBaseDn().getClients())\n tokenLdap.setUserId(user_name)\n\n tokenLdapList = self.entryManager.findEntries(tokenLdap, 1)\n print \"Application session. isFirstSession. Get result: '%s'\" % tokenLdapList\n\n if (tokenLdapList != None) and (tokenLdapList.size() > 0):\n print \"Application session. isFirstSession: False\"\n return False\n\n print \"Application session. isFirstSession: True\"\n return True\n", "scriptType": "application_session", "programmingLanguage": "python", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 800, "revision": 8, "enabled": false, "modified": false, "internal": false, "locationType": "ldap", "baseDn": "inum=4144edf6-af99-451d-be29-f3eb5c0e9143,ou=scripts,o=jans" } "401": description: Unauthorized "400": description: Bad Request "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.write /api/v1/config/scripts/{inum}: delete: tags: - Custom Scripts summary: Deletes a custom script description: Deletes a custom script operationId: delete-config-scripts-by-inum parameters: - name: inum in: path description: Script identifier required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.delete patch: tags: - Custom Scripts summary: Patches a custom script description: Patches a custom script operationId: patch-config-scripts-by-inum parameters: - name: inum in: path description: Script identifier required: true schema: type: string requestBody: description: JsonPatch object content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/enabled\", \"value\"\ :false},{ \"op\": \"replace\", \"path\": \"/revision\", \"value\"\ :2}] \n" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/CustomScript' "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.write /api/v1/config/scripts/inum/{inum}: get: tags: - Custom Scripts summary: Gets a script by Inum description: Gets a script by Inum operationId: get-config-scripts-by-inum parameters: - name: inum in: path description: Script identifier required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/CustomScript' examples: Response json example: description: Response json example value: | { "dn": "inum=0300-BA90,ou=scripts,o=jans", "inum": "0300-BA90", "name": "discovery_java_params", "description": "Java Custom Sample Script", "script": "/* Copyright (c) 2022, Gluu\n Author: Yuriy Z\n */\n\nimport io.jans.model.SimpleCustomProperty;\nimport io.jans.model.custom.script.model.CustomScript;\nimport io.jans.model.custom.script.type.discovery.DiscoveryType;\nimport io.jans.service.custom.script.CustomScriptManager;\nimport org.slf4j.Logger;\nimport org.slf4j.LoggerFactory;\nimport org.json.JSONObject;\n\nimport java.util.Map;\n\npublic class Discovery implements DiscoveryType {\n\n private static final Logger log = LoggerFactory.getLogger(Discovery.class);\n private static final Logger scriptLogger = LoggerFactory.getLogger(CustomScriptManager.class);\n\n @Override\n public boolean init(Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean init(CustomScript customScript, Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean destroy(Map configurationAttributes) {\n log.info(\"Destroy of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public int getApiVersion() {\n log.info(\"getApiVersion Discovery Java custom script: 11\");\n return 11;\n }\n\n @Override\n public boolean modifyResponse(Object responseAsJsonObject, Object context) {\n scriptLogger.info(\"write to script logger\");\n JSONObject response = (JSONObject) responseAsJsonObject;\n response.accumulate(\"key_from_java\", \"value_from_script_on_java\");\n return true;\n }\n}\n", "scriptType": "discovery", "programmingLanguage": "java", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 1, "revision": 11, "enabled": true, "modified": false, "internal": false, "locationType": "ldap", "baseDn": "inum=0300-BA90,ou=scripts,o=jans" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.readonly /api/v1/config/scripts/name/{name}: get: tags: - Custom Scripts summary: Fetch custom script by name description: Fetch custom script by name operationId: get-custom-script-by-name parameters: - name: name in: path description: Script name required: true schema: type: string responses: "200": description: CustomScript content: application/json: schema: $ref: '#/components/schemas/CustomScript' examples: Response json example: description: Response json example value: | { "dn": "inum=0300-BA90,ou=scripts,o=jans", "inum": "0300-BA90", "name": "discovery_java_params", "description": "Java Custom Sample Script", "script": "/* Copyright (c) 2022, Gluu\n Author: Yuriy Z\n */\n\nimport io.jans.model.SimpleCustomProperty;\nimport io.jans.model.custom.script.model.CustomScript;\nimport io.jans.model.custom.script.type.discovery.DiscoveryType;\nimport io.jans.service.custom.script.CustomScriptManager;\nimport org.slf4j.Logger;\nimport org.slf4j.LoggerFactory;\nimport org.json.JSONObject;\n\nimport java.util.Map;\n\npublic class Discovery implements DiscoveryType {\n\n private static final Logger log = LoggerFactory.getLogger(Discovery.class);\n private static final Logger scriptLogger = LoggerFactory.getLogger(CustomScriptManager.class);\n\n @Override\n public boolean init(Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean init(CustomScript customScript, Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean destroy(Map configurationAttributes) {\n log.info(\"Destroy of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public int getApiVersion() {\n log.info(\"getApiVersion Discovery Java custom script: 11\");\n return 11;\n }\n\n @Override\n public boolean modifyResponse(Object responseAsJsonObject, Object context) {\n scriptLogger.info(\"write to script logger\");\n JSONObject response = (JSONObject) responseAsJsonObject;\n response.accumulate(\"key_from_java\", \"value_from_script_on_java\");\n return true;\n }\n}\n", "scriptType": "discovery", "programmingLanguage": "java", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 1, "revision": 11, "enabled": true, "modified": false, "internal": false, "locationType": "ldap", "baseDn": "inum=0300-BA90,ou=scripts,o=jans" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.readonly /api/v1/config/scripts/types: get: tags: - Custom Scripts summary: Fetch custom script types description: Fetch custom script types operationId: get-custom-script-type responses: "200": description: Ok content: application/json: schema: type: array items: type: string enum: - person_authentication - authorization_challenge - introspection - resource_owner_password_credentials - application_session - cache_refresh - client_registration - id_generator - uma_rpt_policy - uma_rpt_claims - uma_claims_gathering - consent_gathering - dynamic_scope - spontaneous_scope - end_session - post_authn - select_account - create_user - scim - ciba_end_user_notification - revoke_token - persistence_extension - idp - discovery - health_check - authz_detail - update_token - config_api_auth - modify_ssa_response - fido2_extension - lock_extension examples: Response json example: description: Response json example value: | [ "discovery", "consent_gathering", "ciba_end_user_notification", "id_generator", "idp", "introspection", "persistence_extension", "cache_refresh", "uma_rpt_policy", "update_token", "scim", "end_session", "config_api_auth", "uma_claims_gathering", "person_authentication", "resource_owner_password_credentials", "authorization_challenge", "client_registration", "dynamic_scope", "application_session" ] "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.readonly /api/v1/config/scripts/script-types: get: tags: - Custom Scripts summary: Fetch custom script types description: Fetch custom script types operationId: get-custom-script-types responses: "200": description: Ok content: application/json: schema: type: array items: type: string examples: Response json example: description: Response json example value: | [ "discovery", "consent_gathering", "ciba_end_user_notification", "id_generator", "idp", "introspection", "persistence_extension", "cache_refresh", "uma_rpt_policy", "update_token", "scim", "end_session", "config_api_auth", "uma_claims_gathering", "person_authentication", "resource_owner_password_credentials", "authorization_challenge", "client_registration", "dynamic_scope", "application_session" ] "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.readonly /api/v1/config/scripts/type/{type}: get: tags: - Custom Scripts summary: Gets list of scripts by type description: Gets list of scripts by type operationId: get-config-scripts-by-type parameters: - name: type in: path description: Script type required: true schema: type: string - name: limit in: query description: Search size - max size of the results to return schema: type: integer format: int32 default: 50 - name: pattern in: query description: Search pattern schema: type: string default: "" - name: startIndex in: query description: The 1-based index of the first query result schema: type: integer format: int32 default: 0 - name: sortBy in: query description: Attribute whose value will be used to order the returned response schema: type: string default: inum - name: sortOrder in: query description: Order in which the sortBy param is applied. Allowed values are "ascending" and "descending" schema: type: string default: ascending - name: fieldValuePair in: query description: Field and value pair for seraching schema: type: string default: "" examples: Field value example: description: Field value example value: "adminCanEdit=true,dataType=string" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response json example: description: Response json example value: | { "start": 0, "totalEntriesCount": 1, "entriesCount": 1, "entries": [ { "dn": "inum=0300-BA90,ou=scripts,o=jans", "inum": "0300-BA90", "name": "discovery_java_params", "description": "Java Custom Sample Script", "script": "/* Copyright (c) 2022, Gluu\n Author: Yuriy Z\n */\n\nimport io.jans.model.SimpleCustomProperty;\nimport io.jans.model.custom.script.model.CustomScript;\nimport io.jans.model.custom.script.type.discovery.DiscoveryType;\nimport io.jans.service.custom.script.CustomScriptManager;\nimport org.slf4j.Logger;\nimport org.slf4j.LoggerFactory;\nimport org.json.JSONObject;\n\nimport java.util.Map;\n\npublic class Discovery implements DiscoveryType {\n\n private static final Logger log = LoggerFactory.getLogger(Discovery.class);\n private static final Logger scriptLogger = LoggerFactory.getLogger(CustomScriptManager.class);\n\n @Override\n public boolean init(Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean init(CustomScript customScript, Map configurationAttributes) {\n log.info(\"Init of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public boolean destroy(Map configurationAttributes) {\n log.info(\"Destroy of Discovery Java custom script\");\n return true;\n }\n\n @Override\n public int getApiVersion() {\n log.info(\"getApiVersion Discovery Java custom script: 11\");\n return 11;\n }\n\n @Override\n public boolean modifyResponse(Object responseAsJsonObject, Object context) {\n scriptLogger.info(\"write to script logger\");\n JSONObject response = (JSONObject) responseAsJsonObject;\n response.accumulate(\"key_from_java\", \"value_from_script_on_java\");\n return true;\n }\n}\n", "scriptType": "discovery", "programmingLanguage": "java", "moduleProperties": [ { "value1": "location_type", "value2": "ldap" } ], "level": 1, "revision": 11, "enabled": true, "modified": false, "internal": false, "locationType": "ldap", "baseDn": "inum=0300-BA90,ou=scripts,o=jans" } ] } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scripts.readonly /api/v1/jans-auth-server/health: get: tags: - Auth Server Health - Check summary: Returns auth server health status description: Returns auth server health status operationId: get-auth-server-health responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/JsonNode' examples: Response json example: description: Response json example value: | { "status": "running", "db_status": "online" } "500": description: InternalServerError /api/v1/config/jwks/{kid}: get: tags: - Configuration – JWK - JSON Web Key (JWK) summary: Get a JSON Web Key based on kid description: Get a JSON Web Key based on kid operationId: get-jwk-by-kid parameters: - name: kid in: path description: The unique identifier for the key required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/JSONWebKey' examples: Response json example: description: Response json example value: | { "kid": "1230bfb-276a-44aa-a97d-667b57587108_sig_rs256", "kty": "RSA", "use": "sig", "alg": "RS256", "exp": 1599751946863, "x5c": [ "A0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMMFm94QXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjAwOTA4MTUzMjE3WhcNMjAwOTEwMTUzMjI2WjAhMR8wHQYDVQQDDBZveEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj1NEHyGk/ywG25py2s/zVVrRggzRO0jE6VOUvqUzsEJwt1aszQ4onFu6vgtjNwq2ZmEFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN/d+tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW/e+/Wags/ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm/GpCASAk9ZD8Ebnmy9RM71zDCgmvq/hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr/DLR3SVyCYbKBbRQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADaqrfVH1FX0FLp99TG9fHOiOMD12vsIPANb9QbIADineFrSvUI3zIX56PpvMT+EApaLPcIYSwG1YziWT1oGDGkfyinofSRGl4JcC63slChUBfjlBZlXTIlc7CJA7CfzO6BW3SvO0GPF0NStCUD9Ou4oOVaIc3XrPzhIAp71cF9iLFnQUK1hiD9NhQUm5v2Nq+sQdjAxSlqigXnc+rB9+V8snCkr9x9q1cysq1ZyCRT55psa53Irqtc50T2PHA6kyzEVW51+yFaZa8z+WMoofr6ndx2DFI7n5+8jFGs9WoP+/zV8E/XK61iy+EdXVjXQYVcArjEzeIahn8QOd/hUcfo=" ], "n": "EFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN_d-tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW_e-_Wags_ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm_GpCASAk9ZD8Ebnmy9RM71zDCgmvq_hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr_DLR3SVyCYbKBbRQ", "e": "AQAB" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/jwks.readonly delete: tags: - Configuration – JWK - JSON Web Key (JWK) summary: Delete a JSON Web Key based on kid description: Delete a JSON Web Key based on kid operationId: delete-config-jwk-kid parameters: - name: kid in: path description: The unique identifier for the key required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "406": description: Not Acceptable "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/jwks.delete patch: tags: - Configuration – JWK - JSON Web Key (JWK) summary: Patch a specific JSON Web Key based on kid description: Patch a specific JSON Web Key based on kid operationId: patch-config-jwk-kid parameters: - name: kid in: path description: The unique identifier for the key required: true schema: type: string requestBody: description: JsonPatch object content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[\n { \"op\": \"replace\", \"path\": \"/use\", \"value\"\ :\"enc\"},\n { \"op\": \"replace\", \"path\": \"/e\", \"value\"\ :\"Updated_XYZ\"}\n] \n" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/JSONWebKey' examples: Response json example: description: Response json example value: | { "kid": "1230bfb-276a-44aa-a97d-667b57587108_sig_rs256", "kty": "RSA", "use": "enc", "alg": "RS256", "exp": 1599751946863, "x5c": [ "A0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMMFm94QXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjAwOTA4MTUzMjE3WhcNMjAwOTEwMTUzMjI2WjAhMR8wHQYDVQQDDBZveEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj1NEHyGk/ywG25py2s/zVVrRggzRO0jE6VOUvqUzsEJwt1aszQ4onFu6vgtjNwq2ZmEFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN/d+tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW/e+/Wags/ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm/GpCASAk9ZD8Ebnmy9RM71zDCgmvq/hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr/DLR3SVyCYbKBbRQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADaqrfVH1FX0FLp99TG9fHOiOMD12vsIPANb9QbIADineFrSvUI3zIX56PpvMT+EApaLPcIYSwG1YziWT1oGDGkfyinofSRGl4JcC63slChUBfjlBZlXTIlc7CJA7CfzO6BW3SvO0GPF0NStCUD9Ou4oOVaIc3XrPzhIAp71cF9iLFnQUK1hiD9NhQUm5v2Nq+sQdjAxSlqigXnc+rB9+V8snCkr9x9q1cysq1ZyCRT55psa53Irqtc50T2PHA6kyzEVW51+yFaZa8z+WMoofr6ndx2DFI7n5+8jFGs9WoP+/zV8E/XK61iy+EdXVjXQYVcArjEzeIahn8QOd/hUcfo=" ], "n": "EFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN_d-tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW_e-_Wags_ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm_GpCASAk9ZD8Ebnmy9RM71zDCgmvq_hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr_DLR3SVyCYbKBbRQ", "e": "Updated_XYZ" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/jwks.write /api/v1/config/jwks: get: tags: - Configuration – JWK - JSON Web Key (JWK) summary: Gets list of JSON Web Key (JWK) used by server description: Gets list of JSON Web Key (JWK) used by server operationId: get-config-jwks responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/WebKeysConfiguration' examples: Response json example: description: Response json example value: "{\n \"keys\": [\n {\n \"descr\": \"\ Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-256\",\n \ \ \"kty\": \"RSA\",\n \"e\": \"AQAB\",\n \ \ \"use\": \"sig\",\n \"kid\": \"abc3a91b-dd1b-47b0-b7e7-aaf2ec3b9d5e_sig_rs256\"\ ,\n \"x5c\": [\n \"E3+Z7Ie9FVpDIqeBo/xI8/q7CCDxCHTtiTQjGS5j/XV4VcPt7i9mrQsajbndCAmynVw==\"\ \n ],\n \"name\": \"id_token RS256 Sign\ \ Key\",\n \"exp\": 1666775666429,\n \"\ alg\": \"RS256\",\n \"n\": \"qzu2jRl6UoTnnUJS6zg7ghavupiUQ3Ux4fAH6H7DCXF-cuOgelBjUj_GLPqz5FeOCnQ\"\ \n },\n\t\t{\n \"descr\": \"Encryption Key:\ \ Elliptic Curve Diffie-Hellman Ephemeral Static key agreement\ \ using Concat KDF\",\n \"kty\": \"EC\",\n \ \ \"use\": \"enc\",\n \"crv\": \"P-256\",\n \ \ \"kid\": \"0870a2b9-1200-42a2-9b12-e2fa89ce3bd0_enc_ecdh-es\"\ ,\n \"x5c\": [\n \"tE24Ofz3eFhtBAIhAINgdWN86TOOEAUXUr2ijmaAPBgn7mGoeg4c7FfyZTxn\"\ \n ],\n \"name\": \"id_token ECDH-ES Encryption\ \ Key\",\n \"x\": \"NBJAtpZ-jWGjaXDFYgt38\",\n \ \ \"y\": \"7n6oS9y5vN2XrTKMKilo\",\n \"exp\"\ : 1666775666429,\n \"alg\": \"ECDH-ES\"\n }\n\ \ ]\n}\n" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/jwks.readonly put: tags: - Configuration – JWK - JSON Web Key (JWK) summary: Replaces JSON Web Keys description: Replaces JSON Web Keys operationId: put-config-jwks requestBody: description: JSON Web Keys object content: application/json: schema: $ref: '#/components/schemas/WebKeysConfiguration' examples: Request json example: description: Request json example value: "{\n \"keys\": [\n {\n \"descr\": \"Signature\ \ Key: RSA RSASSA-PKCS1-v1_5 using SHA-256\",\n \"kty\"\ : \"RSA\",\n \"e\": \"AQAB\",\n \"use\": \"\ sig\",\n \"kid\": \"abc3a91b-dd1b-47b0-b7e7-aaf2ec3b9d5e_sig_rs256\"\ ,\n \"x5c\": [\n \"E3+Z7Ie9FVpDIqeBo/xI8/q7CCDxCHTtiTQjGS5j/XV4VcPt7i9mrQsajbndCAmynVw==\"\ \n ],\n \"name\": \"id_token RS256 Sign Key\"\ ,\n \"exp\": 1666775666429,\n \"alg\": \"\ RS256\",\n \"n\": \"qzu2jRl6UoTnnUJS6zg7ghavupiUQ3Ux4fAH6H7DCXF-cuOgelBjUj_GLPqz5FeOCnQ\"\ \n },\n\t\t{\n \"descr\": \"Encryption Key: Elliptic\ \ Curve Diffie-Hellman Ephemeral Static key agreement using Concat\ \ KDF\",\n \"kty\": \"EC\",\n \"use\": \"\ enc\",\n \"crv\": \"P-256\",\n \"kid\": \"\ 0870a2b9-1200-42a2-9b12-e2fa89ce3bd0_enc_ecdh-es\",\n \ \ \"x5c\": [\n \"tE24Ofz3eFhtBAIhAINgdWN86TOOEAUXUr2ijmaAPBgn7mGoeg4c7FfyZTxn\"\ \n ],\n \"name\": \"id_token ECDH-ES Encryption\ \ Key\",\n \"x\": \"NBJAtpZ-jWGjaXDFYgt38\",\n \ \ \"y\": \"7n6oS9y5vN2XrTKMKilo\",\n \"exp\": 1666775666429,\n\ \ \"alg\": \"ECDH-ES\"\n }\n ]\n}\n" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/WebKeysConfiguration' examples: Response json example: description: Response json example value: "{\n \"keys\": [\n {\n \"descr\": \"\ Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-256\",\n \ \ \"kty\": \"RSA\",\n \"e\": \"AQAB\",\n \ \ \"use\": \"sig\",\n \"kid\": \"abc3a91b-dd1b-47b0-b7e7-aaf2ec3b9d5e_sig_rs256\"\ ,\n \"x5c\": [\n \"E3+Z7Ie9FVpDIqeBo/xI8/q7CCDxCHTtiTQjGS5j/XV4VcPt7i9mrQsajbndCAmynVw==\"\ \n ],\n \"name\": \"id_token RS256 Sign\ \ Key\",\n \"exp\": 1666775666429,\n \"\ alg\": \"RS256\",\n \"n\": \"qzu2jRl6UoTnnUJS6zg7ghavupiUQ3Ux4fAH6H7DCXF-cuOgelBjUj_GLPqz5FeOCnQ\"\ \n },\n\t\t{\n \"descr\": \"Encryption Key:\ \ Elliptic Curve Diffie-Hellman Ephemeral Static key agreement\ \ using Concat KDF\",\n \"kty\": \"EC\",\n \ \ \"use\": \"enc\",\n \"crv\": \"P-256\",\n \ \ \"kid\": \"0870a2b9-1200-42a2-9b12-e2fa89ce3bd0_enc_ecdh-es\"\ ,\n \"x5c\": [\n \"tE24Ofz3eFhtBAIhAINgdWN86TOOEAUXUr2ijmaAPBgn7mGoeg4c7FfyZTxn\"\ \n ],\n \"name\": \"id_token ECDH-ES Encryption\ \ Key\",\n \"x\": \"NBJAtpZ-jWGjaXDFYgt38\",\n \ \ \"y\": \"7n6oS9y5vN2XrTKMKilo\",\n \"exp\"\ : 1666775666429,\n \"alg\": \"ECDH-ES\"\n }\n\ \ ]\n}\n" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/jwks.write patch: tags: - Configuration – JWK - JSON Web Key (JWK) summary: Patches JSON Web Keys description: Patches JSON Web Keys operationId: patch-config-jwks requestBody: description: JsonPatch object content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[\n\t{ \"op\": \"add\", \"path\": \"/keys/1\", \"value\":{\n\ \ \"descr\": \"Test Key\",\n \"kty\": \"EC\"\ ,\n \"use\": \"enc\",\n \"crv\": \"P-256\"\ ,\n \"kid\": \"1234a2b9-1200-42a2-9b12-e2fa89ce3bd0_enc_ecdh-es\"\ ,\n \"x5c\": [\n \"tE24Ofz3eFhtBAIhAINgdWN86TOOEAUXUr2ijmaAPBgn7mGoeg4c7FfyZTxn\"\ \n ],\n \"name\": \"test-key\",\n \ \ \"x\": \"NBJAtpZ-jWGjaXDFYgt38\",\n \"y\": \"7n6oS9y5vN2XrTKMKilo\"\ ,\n \"exp\": 1666775666429,\n \"alg\": \"\ ECDH-ES\"\n }\n\t}\n] \n" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/WebKeysConfiguration' examples: Response json example: description: Response json example value: "{\n \"keys\": [\n {\n \"descr\": \"\ Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-256\",\n \ \ \"kty\": \"RSA\",\n \"e\": \"AQAB\",\n \ \ \"use\": \"sig\",\n \"kid\": \"abc3a91b-dd1b-47b0-b7e7-aaf2ec3b9d5e_sig_rs256\"\ ,\n \"x5c\": [\n \"E3+Z7Ie9FVpDIqeBo/xI8/q7CCDxCHTtiTQjGS5j/XV4VcPt7i9mrQsajbndCAmynVw==\"\ \n ],\n \"name\": \"id_token RS256 Sign\ \ Key\",\n \"exp\": 1666775666429,\n \"\ alg\": \"RS256\",\n \"n\": \"qzu2jRl6UoTnnUJS6zg7ghavupiUQ3Ux4fAH6H7DCXF-cuOgelBjUj_GLPqz5FeOCnQ\"\ \n },\n\t\t{\n \"descr\": \"Encryption Key:\ \ Elliptic Curve Diffie-Hellman Ephemeral Static key agreement\ \ using Concat KDF\",\n \"kty\": \"EC\",\n \ \ \"use\": \"enc\",\n \"crv\": \"P-256\",\n \ \ \"kid\": \"0870a2b9-1200-42a2-9b12-e2fa89ce3bd0_enc_ecdh-es\"\ ,\n \"x5c\": [\n \"tE24Ofz3eFhtBAIhAINgdWN86TOOEAUXUr2ijmaAPBgn7mGoeg4c7FfyZTxn\"\ \n ],\n \"name\": \"id_token ECDH-ES Encryption\ \ Key\",\n \"x\": \"NBJAtpZ-jWGjaXDFYgt38\",\n \ \ \"y\": \"7n6oS9y5vN2XrTKMKilo\",\n \"exp\"\ : 1666775666429,\n \"alg\": \"ECDH-ES\"\n }\n\ \ ]\n}\n" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/jwks.write /api/v1/config/jwks/key: post: tags: - Configuration – JWK - JSON Web Key (JWK) summary: Configuration – JWK - JSON Web Key (JWK) description: Configuration – JWK - JSON Web Key (JWK) operationId: post-config-jwks-key requestBody: description: JSONWebKey object content: application/json: schema: $ref: '#/components/schemas/JSONWebKey' examples: Request json example: description: Request json example value: | { "kty": "RSA", "e": "AQAB", "use": "sig", "crv": "", "kid": "1230bfb-276a-44aa-a97d-667b57587108_sig_rs256", "x5c": [ "A0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMMFm94QXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjAwOTA4MTUzMjE3WhcNMjAwOTEwMTUzMjI2WjAhMR8wHQYDVQQDDBZveEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj1NEHyGk/ywG25py2s/zVVrRggzRO0jE6VOUvqUzsEJwt1aszQ4onFu6vgtjNwq2ZmEFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN/d+tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW/e+/Wags/ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm/GpCASAk9ZD8Ebnmy9RM71zDCgmvq/hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr/DLR3SVyCYbKBbRQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADaqrfVH1FX0FLp99TG9fHOiOMD12vsIPANb9QbIADineFrSvUI3zIX56PpvMT+EApaLPcIYSwG1YziWT1oGDGkfyinofSRGl4JcC63slChUBfjlBZlXTIlc7CJA7CfzO6BW3SvO0GPF0NStCUD9Ou4oOVaIc3XrPzhIAp71cF9iLFnQUK1hiD9NhQUm5v2Nq+sQdjAxSlqigXnc+rB9+V8snCkr9x9q1cysq1ZyCRT55psa53Irqtc50T2PHA6kyzEVW51+yFaZa8z+WMoofr6ndx2DFI7n5+8jFGs9WoP+/zV8E/XK61iy+EdXVjXQYVcArjEzeIahn8QOd/hUcfo=" ], "exp": 1599751946863, "alg": "RS256", "n": "EFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN_d-tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW_e-_Wags_ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm_GpCASAk9ZD8Ebnmy9RM71zDCgmvq_hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr_DLR3SVyCYbKBbRQ" } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/JSONWebKey' examples: Response json example: description: Response json example value: | { "kid": "1230bfb-276a-44aa-a97d-667b57587108_sig_rs256", "kty": "RSA", "use": "sig", "alg": "RS256", "exp": 1599751946863, "x5c": [ "A0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMMFm94QXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjAwOTA4MTUzMjE3WhcNMjAwOTEwMTUzMjI2WjAhMR8wHQYDVQQDDBZveEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj1NEHyGk/ywG25py2s/zVVrRggzRO0jE6VOUvqUzsEJwt1aszQ4onFu6vgtjNwq2ZmEFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN/d+tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW/e+/Wags/ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm/GpCASAk9ZD8Ebnmy9RM71zDCgmvq/hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr/DLR3SVyCYbKBbRQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADaqrfVH1FX0FLp99TG9fHOiOMD12vsIPANb9QbIADineFrSvUI3zIX56PpvMT+EApaLPcIYSwG1YziWT1oGDGkfyinofSRGl4JcC63slChUBfjlBZlXTIlc7CJA7CfzO6BW3SvO0GPF0NStCUD9Ou4oOVaIc3XrPzhIAp71cF9iLFnQUK1hiD9NhQUm5v2Nq+sQdjAxSlqigXnc+rB9+V8snCkr9x9q1cysq1ZyCRT55psa53Irqtc50T2PHA6kyzEVW51+yFaZa8z+WMoofr6ndx2DFI7n5+8jFGs9WoP+/zV8E/XK61iy+EdXVjXQYVcArjEzeIahn8QOd/hUcfo=" ], "n": "EFZbw1Jw7dlz4Xrdj12pQlLVuEhyVaTziQp3LvspqxyACHQb8XSKFdKZaa1eBF8PGN5zDN_d-tIrAZYnQS2gH8BoPIuB3Z9AoCLTzifnPvmOwW_e-_Wags_ApZiEfF2Po0InV5NeJAyoIpaGhlwjqqOWXm_GpCASAk9ZD8Ebnmy9RM71zDCgmvq_hPueKnbNTZdQ3TQdzEuSwxbWEHu16v5MbF7QtNzvFSFlllhgwqI2ccEljDbs18j3DUS2B1VTTAr_DLR3SVyCYbKBbRQ", "e": "AQAB" } "401": description: Unauthorized "406": description: Not Acceptable "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/jwks.write /api/v1/config/database/ldap: get: tags: - Database - LDAP configuration summary: Gets list of existing LDAP configurations. description: Gets list of existing LDAP configurations. operationId: get-config-database-ldap responses: "200": description: Ok content: application/json: schema: type: array items: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Response json example: description: Response json example value: | [ { "configId": "auth_ldap_server", "bindDN": "cn=directory manager", "bindPassword": "password==", "servers": [ "jans.server:1636" ], "maxConnections": 1000, "useSSL": true, "baseDNs": [ "ou=people,o=jans" ], "primaryKey": "uid", "localPrimaryKey": "uid", "useAnonymousBind": false, "enabled": false, "version": 0, "level": 0 } ] "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/database/ldap.readonly put: tags: - Database - LDAP configuration summary: Updates LDAP configuration description: Updates LDAP configuration operationId: put-config-database-ldap requestBody: description: GluuLdapConfiguration object content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Request json example: description: Request json example value: | { "configId": "auth_ldap_server", "bindDN": "cn=directory manager", "bindPassword": "axby+nlegh9DhpQ==", "servers": [ "jans.server2:1636" ], "maxConnections": 1000, "useSSL": true, "baseDNs": [ "ou=people,o=jans" ], "primaryKey": "uid", "localPrimaryKey": "uid", "useAnonymousBind": false, "enabled": false, "version": 0, "level": 0 } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Response json example: description: Response json example value: | { "configId": "auth_ldap_server", "bindDN": "cn=directory manager", "bindPassword": "axby+nlegh9DhpQ==", "servers": [ "jans.server2:1636" ], "maxConnections": 1000, "useSSL": true, "baseDNs": [ "ou=people,o=jans" ], "primaryKey": "uid", "localPrimaryKey": "uid", "useAnonymousBind": false, "enabled": false, "version": 0, "level": 0 } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/database/ldap.write post: tags: - Database - LDAP configuration summary: Adds a new LDAP configuration description: Adds a new LDAP configuration operationId: post-config-database-ldap requestBody: description: GluuLdapConfiguration object content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Request json example: description: Request json example value: | { "configId": "auth_ldap_server", "bindDN": "cn=directory manager", "bindPassword": "axby+nlegh9DhpQ==", "servers": [ "jans.server2:1636" ], "maxConnections": 1000, "useSSL": true, "baseDNs": [ "ou=people,o=jans" ], "primaryKey": "uid", "localPrimaryKey": "uid", "useAnonymousBind": false, "enabled": false, "version": 0, "level": 0 } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Response json example: description: Response json example value: | { "configId": "auth_ldap_server", "bindDN": "cn=directory manager", "bindPassword": "axby+nlegh9DhpQ==", "servers": [ "jans.server2:1636" ], "maxConnections": 1000, "useSSL": true, "baseDNs": [ "ou=people,o=jans" ], "primaryKey": "uid", "localPrimaryKey": "uid", "useAnonymousBind": false, "enabled": false, "version": 0, "level": 0 } "401": description: Unauthorized "406": description: Not Acceptable "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/database/ldap.write /api/v1/config/database/ldap/{name}: get: tags: - Database - LDAP configuration summary: Gets an LDAP configuration by name. description: Gets an LDAP configuration by name. operationId: get-config-database-ldap-by-name parameters: - name: name in: path description: Name of LDAP configuration required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Response json example: description: Response json example value: | { "configId": "auth_ldap_server", "bindDN": "cn=directory manager", "bindPassword": "axby+nlegh9DhpQ==", "servers": [ "jans.server2:1636" ], "maxConnections": 1000, "useSSL": true, "baseDNs": [ "ou=people,o=jans" ], "primaryKey": "uid", "localPrimaryKey": "uid", "useAnonymousBind": false, "enabled": false, "version": 0, "level": 0 } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/database/ldap.readonly delete: tags: - Database - LDAP configuration summary: Deletes an LDAP configuration description: Deletes an LDAP configuration operationId: delete-config-database-ldap-by-name parameters: - name: name in: path required: true schema: type: string responses: "204": description: No Content content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/database/ldap.delete patch: tags: - Database - LDAP configuration summary: Patches a LDAP configuration by name description: Patches a LDAP configuration by name operationId: patch-config-database-ldap-by-name parameters: - name: name in: path description: Name of LDAP configuration required: true schema: type: string requestBody: description: JsonPatch object content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: example/auth/database/ldap/ldap-patch responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Response json example: description: Response json example value: | { "configId": "auth_ldap_server", "bindDN": "cn=directory manager", "bindPassword": "axby+nlegh9DhpQ==", "servers": [ "jans.server2:1636" ], "maxConnections": 1000, "useSSL": true, "baseDNs": [ "ou=people,o=jans" ], "primaryKey": "uid", "localPrimaryKey": "uid", "useAnonymousBind": false, "enabled": false, "version": 0, "level": 0 } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/database/ldap.write /api/v1/config/database/ldap/test: post: tags: - Database - LDAP configuration summary: Tests an LDAP configuration description: Tests an LDAP configuration operationId: post-config-database-ldap-test requestBody: description: GluuLdapConfiguration object content: application/json: schema: $ref: '#/components/schemas/GluuLdapConfiguration' examples: Request json example: description: Request json example value: "[{ \"op\": \"replace\", \"path\": \"/maxConnections\", \"\ value\":800}] \n" responses: "200": description: Ok content: application/json: schema: type: boolean description: boolean value true if successful "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/database/ldap.readonly /api/v1/logging: get: tags: - Configuration – Logging summary: Returns Jans Authorization Server logging settings description: Returns Jans Authorization Server logging settings operationId: get-config-logging responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Logging' examples: Response json example: description: Response json example value: | { "loggingLevel": "TRACE", "loggingLayout": "text", "httpLoggingEnabled": false, "disableJdkLogger": true, "enabledOAuthAuditLogging": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/logging.readonly put: tags: - Configuration – Logging summary: Updates Jans Authorization Server logging settings description: Updates Jans Authorization Server logging settings operationId: put-config-logging requestBody: description: Logging object content: application/json: schema: $ref: '#/components/schemas/Logging' examples: Request json example: description: Request json example value: | { "loggingLevel": "TRACE", "loggingLayout": "text", "httpLoggingEnabled": false, "disableJdkLogger": true, "enabledOAuthAuditLogging": false } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Logging' examples: Response json example: description: Response json example value: | { "loggingLevel": "TRACE", "loggingLayout": "text", "httpLoggingEnabled": false, "disableJdkLogger": true, "enabledOAuthAuditLogging": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/logging.write /api/v1/config/message: get: tags: - Message Configuration summary: Returns message configuration. description: Returns message configuration. operationId: get-config-message responses: "200": description: Message configuration details content: application/json: schema: $ref: '#/components/schemas/MessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.readonly patch: tags: - Message Configuration summary: Patch message configuration. description: Patch message configuration operationId: patch-config-message requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "" responses: "200": description: Message configuration details content: application/json: schema: $ref: '#/components/schemas/MessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.write /api/v1/config/message/postgres: get: tags: - Message Configuration – Postgres summary: Returns Postgres message configuration. description: Returns Postgres message configuration. operationId: get-config-message-postgres responses: "200": description: Native persistence configuration details content: application/json: schema: $ref: '#/components/schemas/PostgresMessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.readonly put: tags: - Message Configuration – Postgres summary: Updates Postgres message configuration. description: Updates Postgres message configuration operationId: put-config-message-postgres requestBody: description: PostgresMessageConfiguration object content: application/json: schema: $ref: '#/components/schemas/PostgresMessageConfiguration' examples: Request json example: description: Request json example value: "" responses: "200": description: Native persistence message configuration details content: application/json: schema: $ref: '#/components/schemas/PostgresMessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.write patch: tags: - Message Configuration – Postgres summary: Patch Postgres message configuration. description: Patch Postgres message configuration operationId: patch-config-message-postgres requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "" responses: "200": description: Native persistence message configuration details content: application/json: schema: $ref: '#/components/schemas/PostgresMessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.write /api/v1/config/message/redis: get: tags: - Message Configuration – Redis summary: Returns Redis message configuration. description: Returns Redis message configuration operationId: get-config-message-redis responses: "200": description: Redis message configuration details content: application/json: schema: $ref: '#/components/schemas/RedisMessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.readonly put: tags: - Message Configuration – Redis summary: Updates Redis message configuration. description: Updates Redis message configuration operationId: put-config-message-redis requestBody: description: RedisMessageConfiguration object content: application/json: schema: $ref: '#/components/schemas/RedisMessageConfiguration' examples: Request json example: description: Request json example value: "" responses: "200": description: Redis message configuration details content: application/json: schema: $ref: '#/components/schemas/RedisMessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.write patch: tags: - Message Configuration – Redis summary: Patch Redis message configuration. description: Patch Redis message configuration operationId: patch-config-message-redis requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "" responses: "200": description: Redis message configuration details content: application/json: schema: $ref: '#/components/schemas/RedisMessageConfiguration' examples: Response json example: description: Response json example value: "" "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/message.write /api/v1/org: get: tags: - Organization Configuration summary: Retrieves organization configuration description: Retrieves organization configuration operationId: get-organization-config responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/GluuOrganization' examples: Response json example: description: Response json example value: | { "dn": "o=jans", "displayName": "Jans Server", "description": "Welcome to oxTrust!", "organization": "jans", "managerGroup": "inum=60B7,ou=groups,o=jans", "themeColor": "166309", "shortName": "Jans Server", "organizationTitle": "Gluu", "baseDn": "o=jans" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/organization.readonly patch: tags: - Organization Configuration summary: Patch organization configuration description: Patch organization configuration operationId: patch-organization-config requestBody: description: String representing JsonPatch request. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: "[\n { \"op\": \"add\", \"path\": \"/customMessages\", \"\ value\": [\"customMessages1\",\"customMessages2\"] },\n { \"\ op\": \"add\", \"path\": \"/jsFaviconPath\", \"value\": \"/opt/jans/jetty/jans-auth/custom/static\"\ \ }\n] \n" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/GluuOrganization' examples: Response json example: description: Response json example value: | { "dn": "o=jans", "displayName": "Jans Server", "description": "Welcome to oxTrust!", "organization": "jans", "managerGroup": "inum=60B7,ou=groups,o=jans", "themeColor": "166309", "shortName": "Jans Server", "customMessages": [ "customMessages1", "customMessages2" ], "jsFaviconPath": "/opt/jans/jetty/jans-auth/custom/static", "organizationTitle": "Gluu", "baseDn": "o=jans" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/organization.write /api/v1/plugin: get: tags: - Plugins summary: Gets list of Plugins description: Gets list of Plugins operationId: get-plugins responses: "200": description: Ok content: application/json: schema: type: array items: $ref: '#/components/schemas/PluginConf' examples: Response example: description: Response example value: | [ { "name": "fido2", "description": "fido2 plugin" }, { "name": "scim", "description": "scim plugin" }, { "name": "user-management", "description": "user-management plugin" } ] "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/plugin.readonly /api/v1/plugin/{pluginName}: get: tags: - Plugins summary: Get plugin by name description: Get plugin by name operationId: get-plugin-by-name parameters: - name: pluginName in: path description: Plugin name required: true schema: type: string responses: "200": description: Ok content: application/json: schema: type: boolean "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/plugin.readonly /api/v1/scopes: get: tags: - OAuth - Scopes summary: Gets list of Scopes description: Gets list of Scopes operationId: get-oauth-scopes parameters: - name: type in: query description: Scope type schema: type: string default: "" - name: limit in: query description: Search size - max size of the results to return schema: type: integer format: int32 default: 50 - name: pattern in: query description: Search pattern schema: type: string default: "" - name: startIndex in: query description: The 1-based index of the first query result schema: type: integer format: int32 default: 0 - name: sortBy in: query description: Attribute whose value will be used to order the returned response schema: type: string default: inum - name: sortOrder in: query description: Order in which the sortBy param is applied. Allowed values are "ascending" and "descending" schema: type: string default: ascending - name: withAssociatedClients in: query description: Boolean fag to indicate if clients associated with the scope are to be returned schema: type: boolean default: false - name: fieldValuePair in: query description: Field and value pair for seraching schema: type: string default: "" examples: Field value example: description: Field value example value: "scopeType=spontaneous,defaultScope=true" responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response json example: description: Response json example value: | { "start": 0, "totalEntriesCount": 79, "entriesCount": 2, "entries": [ { "dn": "inum=F0C4,ou=scopes,o=jans", "inum": "F0C4", "displayName": "authenticate_openid_connect", "id": "openid", "description": "Authenticate using OpenID Connect.", "scopeType": "openid", "defaultScope": true, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2022-10-27T20:51:17", "umaType": false, "baseDn": "inum=F0C4,ou=scopes,o=jans" }, { "dn": "inum=43F1,ou=scopes,o=jans", "inum": "43F1", "displayName": "view_profile", "id": "profile", "description": "View your basic profile info.", "scopeType": "openid", "claims": [ "inum=2B29,ou=attributes,o=jans", "inum=0C85,ou=attributes,o=jans", "inum=B4B0,ou=attributes,o=jans", "inum=A0E8,ou=attributes,o=jans", "inum=5EC6,ou=attributes,o=jans", "inum=B52A,ou=attributes,o=jans", "inum=64A0,ou=attributes,o=jans", "inum=EC3A,ou=attributes,o=jans", "inum=3B47,ou=attributes,o=jans", "inum=3692,ou=attributes,o=jans", "inum=98FC,ou=attributes,o=jans", "inum=A901,ou=attributes,o=jans", "inum=36D9,ou=attributes,o=jans", "inum=BE64,ou=attributes,o=jans", "inum=6493,ou=attributes,o=jans", "inum=4CF1,ou=attributes,o=jans", "inum=29DA,ou=attributes,o=jans" ], "defaultScope": true, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2022-10-27T20:51:17", "umaType": false, "baseDn": "inum=43F1,ou=scopes,o=jans" } ] } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.readonly put: tags: - OAuth - Scopes summary: Update Scope description: Update Scope operationId: put-oauth-scopes requestBody: description: Scope object content: application/json: schema: $ref: '#/components/schemas/Scope' examples: Request json example: description: Request json example value: | { "dn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans", "inum": "9c4c6027-86b8-4afc-a68f-6b50579e6d21", "displayName": "Test Display Scope 5", "id": "Scope5", "iconUrl": "http://google.com", "description": "TEST Description for Scope 5", "scopeType": "spontaneous", "defaultScope": false, "umaAuthorizationPolicies": [ "inum=2DAF-F9A5,ou=scripts,o=jans", "inum=2DAF-F995,ou=scripts,o=jans" ], "attributes": { "showInConfigurationEndpoint": true }, "creatorId": "2000.99b53b02-dfa1-42cd-aaef-b940d58bb03f", "creatorType": "user", "creationDate": "2022-10-27T21:09:45", "umaType": false, "baseDn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans" } responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Scope' examples: Response json example: description: Response json example value: | { "dn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans", "inum": "9c4c6027-86b8-4afc-a68f-6b50579e6d21", "displayName": "Test Display Scope 5", "id": "Scope5", "iconUrl": "http://google.com", "description": "TEST Description for Scope 5", "scopeType": "spontaneous", "defaultScope": false, "umaAuthorizationPolicies": [ "inum=2DAF-F9A5,ou=scripts,o=jans", "inum=2DAF-F995,ou=scripts,o=jans" ], "attributes": { "showInConfigurationEndpoint": true }, "creatorId": "2000.99b53b02-dfa1-42cd-aaef-b940d58bb03f", "creatorType": "user", "creationDate": "2022-10-27T21:09:45", "umaType": false, "baseDn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.write post: tags: - OAuth - Scopes summary: Create Scope description: Create Scope operationId: post-oauth-scopes requestBody: description: Scope object content: application/json: schema: $ref: '#/components/schemas/Scope' examples: Request json example: description: Request json example value: | { "claims": [], "dynamicScopeScripts": [], "defaultScope": false, "attributes": { "spontaneousClientScopes": [], "showInConfigurationEndpoint": true }, "id": "Scope5", "displayName": "Test Display Scope 5", "description": "TEST Description for Scope 5", "scopeType": "spontaneous", "iconUrl": "http://google.com", "umaAuthorizationPolicies": [ "inum=2DAF-F9A5,ou=scripts,o=jans", "inum=2DAF-F995,ou=scripts,o=jans" ], "creatorType": "user", "creatorId": "2000.99b53b02-dfa1-42cd-aaef-b940d58bb03f" } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/Scope' examples: Response json example: description: Response json example value: | { "dn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans", "inum": "9c4c6027-86b8-4afc-a68f-6b50579e6d21", "displayName": "Test Display Scope 5", "id": "Scope5", "iconUrl": "http://google.com", "description": "TEST Description for Scope 5", "scopeType": "spontaneous", "defaultScope": false, "umaAuthorizationPolicies": [ "inum=2DAF-F9A5,ou=scripts,o=jans", "inum=2DAF-F995,ou=scripts,o=jans" ], "attributes": { "showInConfigurationEndpoint": true }, "creatorId": "2000.99b53b02-dfa1-42cd-aaef-b940d58bb03f", "creatorType": "user", "creationDate": "2022-10-27T21:09:45", "umaType": false, "baseDn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.write /api/v1/scopes/{inum}: get: tags: - OAuth - Scopes summary: Get Scope by Inum description: Get Scope by Inum operationId: get-oauth-scopes-by-inum parameters: - name: inum in: path description: Scope identifier required: true schema: type: string - name: withAssociatedClients in: query schema: type: boolean default: false responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/CustomScope' examples: Response json example: description: Response json example value: | { "dn": "inum=764C,ou=scopes,o=jans", "inum": "764C", "displayName": "view_email_address", "id": "email", "description": "View your email address.", "scopeType": "openid", "claims": [ "inum=8F88,ou=attributes,o=jans", "inum=CAE3,ou=attributes,o=jans" ], "defaultScope": true, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2022-10-27T20:58:29", "clients": [ { "dn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", "deletable": false, "clientSecret": "ec0mQbx1udmSEs6flUXquA==", "frontChannelLogoutUri": "http://localhost:4100/logout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code" ], "applicationType": "web", "clientName": { "values": { "": "Jans Role Based Client" }, "value": "Jans Role Based Client", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "postLogoutRedirectUris": [ "http://localhost:4100", "https://jans.server2/admin" ], "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=C4F6,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", "inum=F0C4,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "accessTokenLifetime": 2592000, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Role Based Client" ], "value": "Jans Role Based Client", "displayValue": "Jans Role Based Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": true, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": true, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "introspectionScripts": [ "inum=A44E-4F3D,ou=scripts,o=jans" ], "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Role Based Client", "baseDn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", "inum": "2000.7810d591-69d3-458c-9309-4268085fe71c" }, { "dn": "inum=FF81-2D39,ou=clients,o=jans", "clientSecret": "n7/ZG1jOL6RMR/USOmTAsg==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/jans-auth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "claimRedirectUris": [ "https://jans.server2/jans-auth/restv1/uma/gather_claims" ], "responseTypes": [ "token", "code", "id_token" ], "grantTypes": [ "authorization_code", "implicit", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": { "values": { "": "Jans Test Client (don't remove)" }, "value": "Jans Test Client (don't remove)", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=F0C4,ou=scopes,o=jans", "inum=10B2,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=341A,ou=scopes,o=jans", "inum=6D99,ou=scopes,o=jans" ], "trustedClient": true, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Test Client (don't remove)" ], "value": "Jans Test Client (don't remove)", "displayValue": "Jans Test Client (don't remove)" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Test Client (don't remove)", "baseDn": "inum=FF81-2D39,ou=clients,o=jans", "inum": "FF81-2D39" }, { "dn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", "deletable": false, "clientSecret": "5LIyGKo7kTLfWxBi0wSVAbxpB98Q70/Fr2NWMHnpEOiWHLFAQXwqNQ==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://abc,com" ], "responseTypes": [ "code" ], "grantTypes": [ "refresh_token", "authorization_code" ], "applicationType": "web", "clientName": { "values": { "": "test1234" }, "value": "test1234", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=C17A,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "test1234" ], "value": "test1234", "displayValue": "test1234" } ], "customObjectClasses": [ "top", "jansClntCustomAttributes" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "backchannelUserCodeParameter": false, "description": "test1234", "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "test1234", "baseDn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", "inum": "b3c1d295-42e5-425e-b021-7b2fd3206437" }, { "dn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", "deletable": false, "clientSecret": "Xi1+z0Ey8UDbtxsRYL3HAeneTCIEndWVeWEzS4dB2Is0iyupSjXr1w==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://abc,com" ], "responseTypes": [ "code" ], "grantTypes": [ "refresh_token", "authorization_code" ], "applicationType": "web", "clientName": { "values": { "": "test12345" }, "value": "test12345", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=C17A,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "test12345" ], "value": "test12345", "displayValue": "test12345" } ], "customObjectClasses": [ "top", "jansClntCustomAttributes" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "backchannelUserCodeParameter": false, "description": "test12345", "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "test12345", "baseDn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", "inum": "1bb91a73-6899-440f-ac27-c04429671522" } ], "umaType": false, "baseDn": "inum=764C,ou=scopes,o=jans" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.readonly delete: tags: - OAuth - Scopes summary: Delete Scope description: Delete Scope operationId: delete-oauth-scopes-by-inum parameters: - name: inum in: path description: Scope identifier required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.delete patch: tags: - OAuth - Scopes summary: Patch Scope description: Patch Scope operationId: patch-oauth-scopes-by-id parameters: - name: inum in: path description: Scope identifier required: true schema: type: string requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: |2 [{ "op": "replace", "path": "/umaAuthorizationPolicies", "value": ["inum=2DAF-F995,ou=scripts,o=jans"] }] responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/Scope' examples: Response json example: description: Response json example value: | { "dn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans", "inum": "9c4c6027-86b8-4afc-a68f-6b50579e6d21", "displayName": "Test Display Scope 5", "id": "Scope5", "iconUrl": "http://google.com", "description": "TEST Description for Scope 5", "scopeType": "spontaneous", "defaultScope": false, "umaAuthorizationPolicies": [ "inum=2DAF-F9A5,ou=scripts,o=jans", "inum=2DAF-F995,ou=scripts,o=jans" ], "attributes": { "showInConfigurationEndpoint": true }, "creatorId": "2000.99b53b02-dfa1-42cd-aaef-b940d58bb03f", "creatorType": "user", "creationDate": "2022-10-27T21:09:45", "umaType": false, "baseDn": "inum=9c4c6027-86b8-4afc-a68f-6b50579e6d21,ou=scopes,o=jans" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.write /api/v1/scopes/creator/{creatorId}: get: tags: - OAuth - Scopes summary: Get Scope by creatorId description: Get Scope by creatorId operationId: get-scope-by-creator parameters: - name: creatorId in: path description: Id of the scope creator. If creator is client then client_id if user then user_id required: true schema: type: string responses: "200": description: Ok content: application/json: schema: type: array items: $ref: '#/components/schemas/CustomScope' examples: Response json example: description: Response json example value: | { "dn": "inum=764C,ou=scopes,o=jans", "inum": "764C", "displayName": "view_email_address", "id": "email", "description": "View your email address.", "scopeType": "openid", "claims": [ "inum=8F88,ou=attributes,o=jans", "inum=CAE3,ou=attributes,o=jans" ], "defaultScope": true, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2022-10-27T20:58:29", "clients": [ { "dn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", "deletable": false, "clientSecret": "ec0mQbx1udmSEs6flUXquA==", "frontChannelLogoutUri": "http://localhost:4100/logout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code" ], "applicationType": "web", "clientName": { "values": { "": "Jans Role Based Client" }, "value": "Jans Role Based Client", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "postLogoutRedirectUris": [ "http://localhost:4100", "https://jans.server2/admin" ], "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=C4F6,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", "inum=F0C4,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "accessTokenLifetime": 2592000, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Role Based Client" ], "value": "Jans Role Based Client", "displayValue": "Jans Role Based Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": true, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": true, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "introspectionScripts": [ "inum=A44E-4F3D,ou=scripts,o=jans" ], "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Role Based Client", "baseDn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", "inum": "2000.7810d591-69d3-458c-9309-4268085fe71c" }, { "dn": "inum=FF81-2D39,ou=clients,o=jans", "clientSecret": "n7/ZG1jOL6RMR/USOmTAsg==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/jans-auth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "claimRedirectUris": [ "https://jans.server2/jans-auth/restv1/uma/gather_claims" ], "responseTypes": [ "token", "code", "id_token" ], "grantTypes": [ "authorization_code", "implicit", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": { "values": { "": "Jans Test Client (don't remove)" }, "value": "Jans Test Client (don't remove)", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=F0C4,ou=scopes,o=jans", "inum=10B2,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=341A,ou=scopes,o=jans", "inum=6D99,ou=scopes,o=jans" ], "trustedClient": true, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Test Client (don't remove)" ], "value": "Jans Test Client (don't remove)", "displayValue": "Jans Test Client (don't remove)" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Test Client (don't remove)", "baseDn": "inum=FF81-2D39,ou=clients,o=jans", "inum": "FF81-2D39" }, { "dn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", "deletable": false, "clientSecret": "5LIyGKo7kTLfWxBi0wSVAbxpB98Q70/Fr2NWMHnpEOiWHLFAQXwqNQ==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://abc,com" ], "responseTypes": [ "code" ], "grantTypes": [ "refresh_token", "authorization_code" ], "applicationType": "web", "clientName": { "values": { "": "test1234" }, "value": "test1234", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=C17A,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "test1234" ], "value": "test1234", "displayValue": "test1234" } ], "customObjectClasses": [ "top", "jansClntCustomAttributes" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "backchannelUserCodeParameter": false, "description": "test1234", "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "test1234", "baseDn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", "inum": "b3c1d295-42e5-425e-b021-7b2fd3206437" }, { "dn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", "deletable": false, "clientSecret": "Xi1+z0Ey8UDbtxsRYL3HAeneTCIEndWVeWEzS4dB2Is0iyupSjXr1w==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://abc,com" ], "responseTypes": [ "code" ], "grantTypes": [ "refresh_token", "authorization_code" ], "applicationType": "web", "clientName": { "values": { "": "test12345" }, "value": "test12345", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=C17A,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "test12345" ], "value": "test12345", "displayValue": "test12345" } ], "customObjectClasses": [ "top", "jansClntCustomAttributes" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "backchannelUserCodeParameter": false, "description": "test12345", "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "test12345", "baseDn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", "inum": "1bb91a73-6899-440f-ac27-c04429671522" } ], "umaType": false, "baseDn": "inum=764C,ou=scopes,o=jans" } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.readonly /api/v1/scopes/type/{type}: get: tags: - OAuth - Scopes summary: Get Scope by type description: Get Scope by type operationId: get-scope-by-type parameters: - name: type in: path description: Type of the scope required: true schema: type: string responses: "200": description: Ok content: application/json: schema: type: array items: $ref: '#/components/schemas/CustomScope' examples: Response json example: description: Response json example value: | { "dn": "inum=764C,ou=scopes,o=jans", "inum": "764C", "displayName": "view_email_address", "id": "email", "description": "View your email address.", "scopeType": "openid", "claims": [ "inum=8F88,ou=attributes,o=jans", "inum=CAE3,ou=attributes,o=jans" ], "defaultScope": true, "attributes": { "showInConfigurationEndpoint": true }, "creationDate": "2022-10-27T20:58:29", "clients": [ { "dn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", "deletable": false, "clientSecret": "ec0mQbx1udmSEs6flUXquA==", "frontChannelLogoutUri": "http://localhost:4100/logout", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/admin", "http://localhost:4100" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code" ], "applicationType": "web", "clientName": { "values": { "": "Jans Role Based Client" }, "value": "Jans Role Based Client", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "pairwise", "idTokenSignedResponseAlg": "RS256", "userInfoSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "postLogoutRedirectUris": [ "http://localhost:4100", "https://jans.server2/admin" ], "scopes": [ "inum=C4F7,ou=scopes,o=jans", "inum=C4F6,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", "inum=F0C4,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": true, "includeClaimsInIdToken": false, "accessTokenLifetime": 2592000, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Role Based Client" ], "value": "Jans Role Based Client", "displayValue": "Jans Role Based Client" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": true, "accessTokenSigningAlg": "RS256", "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": true, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "introspectionScripts": [ "inum=A44E-4F3D,ou=scripts,o=jans" ], "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Role Based Client", "baseDn": "inum=2000.7810d591-69d3-458c-9309-4268085fe71c,ou=clients,o=jans", "inum": "2000.7810d591-69d3-458c-9309-4268085fe71c" }, { "dn": "inum=FF81-2D39,ou=clients,o=jans", "clientSecret": "n7/ZG1jOL6RMR/USOmTAsg==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://jans.server2/jans-auth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "claimRedirectUris": [ "https://jans.server2/jans-auth/restv1/uma/gather_claims" ], "responseTypes": [ "token", "code", "id_token" ], "grantTypes": [ "authorization_code", "implicit", "refresh_token", "client_credentials" ], "applicationType": "web", "clientName": { "values": { "": "Jans Test Client (don't remove)" }, "value": "Jans Test Client (don't remove)", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "idTokenSignedResponseAlg": "RS256", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=F0C4,ou=scopes,o=jans", "inum=10B2,ou=scopes,o=jans", "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=341A,ou=scopes,o=jans", "inum=6D99,ou=scopes,o=jans" ], "trustedClient": true, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "Jans Test Client (don't remove)" ], "value": "Jans Test Client (don't remove)", "displayValue": "Jans Test Client (don't remove)" } ], "customObjectClasses": [ "top" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "Jans Test Client (don't remove)", "baseDn": "inum=FF81-2D39,ou=clients,o=jans", "inum": "FF81-2D39" }, { "dn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", "deletable": false, "clientSecret": "5LIyGKo7kTLfWxBi0wSVAbxpB98Q70/Fr2NWMHnpEOiWHLFAQXwqNQ==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://abc,com" ], "responseTypes": [ "code" ], "grantTypes": [ "refresh_token", "authorization_code" ], "applicationType": "web", "clientName": { "values": { "": "test1234" }, "value": "test1234", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=C17A,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "test1234" ], "value": "test1234", "displayValue": "test1234" } ], "customObjectClasses": [ "top", "jansClntCustomAttributes" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "backchannelUserCodeParameter": false, "description": "test1234", "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "test1234", "baseDn": "inum=b3c1d295-42e5-425e-b021-7b2fd3206437,ou=clients,o=jans", "inum": "b3c1d295-42e5-425e-b021-7b2fd3206437" }, { "dn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", "deletable": false, "clientSecret": "Xi1+z0Ey8UDbtxsRYL3HAeneTCIEndWVeWEzS4dB2Is0iyupSjXr1w==", "frontChannelLogoutSessionRequired": false, "redirectUris": [ "https://abc,com" ], "responseTypes": [ "code" ], "grantTypes": [ "refresh_token", "authorization_code" ], "applicationType": "web", "clientName": { "values": { "": "test12345" }, "value": "test12345", "languageTags": [ "" ] }, "logoUri": {}, "clientUri": {}, "policyUri": {}, "tosUri": {}, "subjectType": "public", "tokenEndpointAuthMethod": "client_secret_basic", "scopes": [ "inum=764C,ou=scopes,o=jans", "inum=43F1,ou=scopes,o=jans", "inum=C17A,ou=scopes,o=jans" ], "trustedClient": false, "persistClientAuthorizations": false, "includeClaimsInIdToken": false, "customAttributes": [ { "name": "displayName", "multiValued": false, "values": [ "test12345" ], "value": "test12345", "displayValue": "test12345" } ], "customObjectClasses": [ "top", "jansClntCustomAttributes" ], "rptAsJwt": false, "accessTokenAsJwt": false, "disabled": false, "attributes": { "runIntrospectionScriptBeforeJwtCreation": false, "keepClientAuthorizationAfterExpiration": false, "allowSpontaneousScopes": false, "backchannelLogoutSessionRequired": false, "parLifetime": 600, "requirePar": false, "jansDefaultPromptLogin": false }, "backchannelUserCodeParameter": false, "description": "test12345", "tokenBindingSupported": false, "authenticationMethod": "client_secret_basic", "displayName": "test12345", "baseDn": "inum=1bb91a73-6899-440f-ac27-c04429671522,ou=clients,o=jans", "inum": "1bb91a73-6899-440f-ac27-c04429671522" } ], "umaType": false, "baseDn": "inum=764C,ou=scopes,o=jans" } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/scopes.readonly /api/v1/jans-auth-server/session: get: tags: - Auth - Session Management summary: Returns current session description: Returns current session operationId: get-sessions responses: "200": description: Ok content: application/json: schema: type: array items: $ref: '#/components/schemas/SessionId' "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/jans-auth-server/session.readonly - revoke_session /api/v1/jans-auth-server/session/{userDn}: post: tags: - Auth - Session Management summary: Revoke all sessions by userDn description: Revoke all sessions by userDn operationId: revoke-user-session parameters: - name: userDn in: path description: User domain name required: true schema: type: string responses: "200": description: Ok "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/jans-auth-server/session.delete - revoke_session /api/v1/stat: get: tags: - Statistics - User summary: Provides server with basic statistic description: Provides server with basic statistic operationId: get-stat parameters: - name: Authorization in: header description: Authorization code schema: type: string - name: month in: query description: Month for which the stat report is to be fetched. The parameter is mandatory if start_month and end_month parameters are not present. schema: type: string example: 202012 - name: start_month in: query description: Start-Month for which the stat report is to be fetched schema: type: string - name: end_month in: query description: End-Month for which the stat report is to be fetched schema: type: string - name: format in: query description: Report format schema: type: string responses: "200": description: Stats content: application/json: schema: type: array items: $ref: '#/components/schemas/JsonNode' "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/stats.readonly - jans_stat /api/v1/uma/resources: get: tags: - OAuth - UMA Resources summary: Gets list of UMA resources description: Gets list of UMA resources operationId: get-oauth-uma-resources parameters: - name: limit in: query description: Search size - max size of the results to return schema: type: integer format: int32 default: 50 - name: pattern in: query description: Search pattern schema: type: string default: "" - name: startIndex in: query description: The 1-based index of the first query result schema: type: integer format: int32 default: 0 - name: sortBy in: query description: Attribute whose value will be used to order the returned response schema: type: string default: inum - name: sortOrder in: query description: Order in which the sortBy param is applied. Allowed values are "ascending" and "descending" schema: type: string default: ascending - name: fieldValuePair in: query description: Field and value pair for seraching schema: type: string default: "" examples: Field value example: description: Field value example value: deletable=true responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/PagedResult' examples: Response json example: description: Response json example value: | { "start": 0, "totalEntriesCount": 3, "entriesCount": 3, "entries": [ { "dn": "jansId=55d70ecd-8572-43dd-895f-ecfaf09bf513,ou=resources,ou=uma,o=jans", "id": "55d70ecd-8572-43dd-895f-ecfaf09bf513", "name": "config-api-resource", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.e9131b86-f39f-421c-9dde-b7f90c21a2fe,ou=clients,o=jans" ], "description": "Uma resource config api", "deletable": false }, { "dn": "jansId=4754f784-e80f-4a36-a014-173bd3e6fb6f,ou=resources,ou=uma,o=jans", "id": "4754f784-e80f-4a36-a014-173bd3e6fb6f", "name": "uma-resource-1", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans" ], "description": "Uma resource one", "deletable": false }, { "dn": "jansId=b0e7e1d7-ab67-45ec-be16-4466da70e63b,ou=resources,ou=uma,o=jans", "id": "b0e7e1d7-ab67-45ec-be16-4466da70e63b", "name": "uma-resource-2", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans" ], "description": "Uma resource two", "deletable": false } ] } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/uma/resources.readonly put: tags: - OAuth - UMA Resources summary: Updates an UMA resource description: Updates an UMA resource operationId: put-oauth-uma-resources requestBody: description: UmaResource object content: application/json: schema: $ref: '#/components/schemas/UmaResource' examples: Request json example: description: Request json example value: | { "dn": "jansId=55d70ecd-8572-43dd-895f-ecfaf09bf513,ou=resources,ou=uma,o=jans", "id": "55d70ecd-8572-43dd-895f-ecfaf09bf513", "name": "config-api-resource", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.e9131b86-f39f-421c-9dde-b7f90c21a2fe,ou=clients,o=jans" ], "description": "Uma resource config api", "deletable": false } responses: "200": description: UmaResource content: application/json: schema: $ref: '#/components/schemas/UmaResource' examples: Response json example: description: Response json example value: | { "dn": "jansId=55d70ecd-8572-43dd-895f-ecfaf09bf513,ou=resources,ou=uma,o=jans", "id": "55d70ecd-8572-43dd-895f-ecfaf09bf513", "name": "config-api-resource", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.e9131b86-f39f-421c-9dde-b7f90c21a2fe,ou=clients,o=jans" ], "description": "Uma resource config api", "deletable": false } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/uma/resources.write post: tags: - OAuth - UMA Resources summary: Creates an UMA resource description: Creates an UMA resource operationId: post-oauth-uma-resources requestBody: description: UmaResource object content: application/json: schema: $ref: '#/components/schemas/UmaResource' examples: Request json example: description: Request json example value: |2 { "name": "config-api-resource", "iconUri": "https://config-api.com", "clients": [ "inum=1800.e9131b86-f39f-421c-9dde-b7f90c21a2fe,ou=clients,o=jans" ], "scopes":[ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "description": "Uma resource config api", "deletable": false } responses: "201": description: Created content: application/json: schema: $ref: '#/components/schemas/UmaResource' examples: Response json example: description: Response json example value: | { "dn": "jansId=55d70ecd-8572-43dd-895f-ecfaf09bf513,ou=resources,ou=uma,o=jans", "id": "55d70ecd-8572-43dd-895f-ecfaf09bf513", "name": "config-api-resource", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.e9131b86-f39f-421c-9dde-b7f90c21a2fe,ou=clients,o=jans" ], "description": "Uma resource config api", "deletable": false } "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/uma/resources.write /api/v1/uma/resources/{id}: get: tags: - OAuth - UMA Resources summary: Gets an UMA resource by ID description: Gets an UMA resource by ID operationId: get-oauth-uma-resources-by-id parameters: - name: id in: path description: Resource description ID required: true schema: type: string responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/UmaResource' examples: Response json example: description: Response json example value: | { "dn": "jansId=55d70ecd-8572-43dd-895f-ecfaf09bf513,ou=resources,ou=uma,o=jans", "id": "55d70ecd-8572-43dd-895f-ecfaf09bf513", "name": "config-api-resource", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.e9131b86-f39f-421c-9dde-b7f90c21a2fe,ou=clients,o=jans" ], "description": "Uma resource config api", "deletable": false } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/uma/resources.readonly delete: tags: - OAuth - UMA Resources summary: Deletes an UMA resource description: Deletes an UMA resource operationId: delete-oauth-uma-resources-by-id parameters: - name: id in: path description: Resource description ID required: true schema: type: string responses: "204": description: No Content "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/uma/resources.delete patch: tags: - OAuth - UMA Resources summary: Patch UMA resource description: Patch UMA resource operationId: patch-oauth-uma-resources-by-id parameters: - name: id in: path description: Resource description ID required: true schema: type: string requestBody: description: String representing patch-document. content: application/json-patch+json: schema: type: array items: $ref: '#/components/schemas/JsonPatch' examples: Request json example: description: Request json example value: example/uma/resources/uma-resources-patch responses: "200": description: Ok content: application/json: schema: $ref: '#/components/schemas/UmaResource' examples: Response json example: description: Response json example value: | { "dn": "jansId=55d70ecd-8572-43dd-895f-ecfaf09bf513,ou=resources,ou=uma,o=jans", "id": "55d70ecd-8572-43dd-895f-ecfaf09bf513", "name": "config-api-resource", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.e9131b86-f39f-421c-9dde-b7f90c21a2fe,ou=clients,o=jans" ], "description": "Uma resource config api", "deletable": false } "401": description: Unauthorized "404": description: Not Found "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/uma/resources.write /api/v1/uma/resources/clientId/{clientId}: get: tags: - OAuth - UMA Resources summary: Fetch uma resources by client id description: Fetch uma resources by client id operationId: get-oauth-uma-resources-by-clientid parameters: - name: clientId in: path description: Client ID required: true schema: type: string responses: "200": description: Ok content: application/json: schema: type: array items: $ref: '#/components/schemas/UmaResource' examples: Response json example: description: Response json example value: | [ { "dn": "jansId=b0e7e1d7-ab67-45ec-be16-4466da70e63b,ou=resources,ou=uma,o=jans", "id": "b0e7e1d7-ab67-45ec-be16-4466da70e63b", "name": "uma-resource-2", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans" ], "description": "Uma resource two", "deletable": false }, { "dn": "jansId=4754f784-e80f-4a36-a014-173bd3e6fb6f,ou=resources,ou=uma,o=jans", "id": "4754f784-e80f-4a36-a014-173bd3e6fb6f", "name": "uma-resource-1", "iconUri": "https://config-api.com", "scopes": [ "inum=ab47c599-d188-44b6-a32a-91e6b173856a,ou=scopes,o=jans" ], "clients": [ "inum=1800.768b3d38-a6e8-4be4-93d1-72df33d34fd6,ou=clients,o=jans", "inum=1201.1d010784-b5bf-4813-8f49-cfea00f50498,ou=clients,o=jans" ], "description": "Uma resource one", "deletable": false } ] "401": description: Unauthorized "500": description: InternalServerError security: - oauth2: - https://jans.io/oauth/config/uma/resources.readonly components: schemas: JsonNode: type: object HealthStatus: type: object properties: status: type: string checks: type: array items: $ref: '#/components/schemas/Status' Status: type: object properties: name: type: string status: type: string error: type: string FacterData: type: object properties: memoryfree: type: string swapfree: type: string hostname: type: string ipaddress: type: string uptime: type: string free_disk_space: type: string load_average: type: string StatsData: type: object properties: dbType: type: string lastUpdate: type: string format: date-time facterData: $ref: '#/components/schemas/FacterData' AuthenticationMethod: type: object properties: defaultAcr: type: string Deployment: type: object properties: dn: type: string id: type: string createdAt: type: string format: date-time taskActive: type: boolean finishedAt: type: string format: date-time assets: type: string details: $ref: '#/components/schemas/DeploymentDetails' baseDn: type: string DeploymentDetails: type: object properties: folders: type: array items: type: string libs: type: array items: type: string error: type: string autoconfigure: type: boolean flowsError: type: object additionalProperties: type: string projectMetadata: $ref: '#/components/schemas/ProjectMetadata' ProjectMetadata: type: object properties: projectName: type: string author: type: string type: type: string description: type: string version: type: string configs: type: object additionalProperties: type: object additionalProperties: type: object noDirectLaunch: type: array items: type: string PagedResult: type: object properties: start: type: integer format: int32 totalEntriesCount: type: integer format: int32 entriesCount: type: integer format: int32 entries: type: array items: type: object ApiError: type: object properties: code: type: string message: type: string description: type: string AssetForm: required: - assetFile - document type: object properties: document: $ref: '#/components/schemas/Document' assetFile: type: string format: binary Document: type: object properties: dn: type: string inum: type: string displayName: type: string description: type: string document: type: string creationDate: type: string format: date-time jansModuleProperty: type: array items: type: string jansLevel: type: integer format: int32 jansRevision: type: integer format: int32 jansEnabled: type: boolean jansAlias: type: string baseDn: type: string AttributeValidation: type: object properties: minLength: type: integer format: int32 maxLength: type: integer format: int32 regexp: type: string JansAttribute: required: - dataType - description - displayName - editType - name - viewType type: object properties: dn: type: string inum: type: string sourceAttribute: type: string nameIdType: type: string name: maxLength: 30 minLength: 1 pattern: "^[a-zA-Z0-9_]+$" type: string displayName: maxLength: 60 minLength: 0 type: string description: maxLength: 4000 minLength: 0 type: string origin: type: string dataType: type: string enum: - string - numeric - boolean - binary - certificate - generalizedTime - json editType: type: array items: type: string enum: - admin - owner - manager - user - whitePages viewType: type: array items: type: string enum: - admin - owner - manager - user - whitePages usageType: type: array items: type: string enum: - openid claimName: type: string seeAlso: type: string status: type: string enum: - active - inactive - expired - register saml1Uri: type: string saml2Uri: type: string urn: type: string scimCustomAttr: type: boolean oxMultiValuedAttribute: type: boolean jansHideOnDiscovery: type: boolean custom: type: boolean requred: type: boolean attributeValidation: $ref: '#/components/schemas/AttributeValidation' tooltip: type: string selected: type: boolean whitePagesCanView: type: boolean adminCanView: type: boolean adminCanEdit: type: boolean userCanEdit: type: boolean userCanView: type: boolean userCanAccess: type: boolean adminCanAccess: type: boolean baseDn: type: string PatchRequest: type: object properties: op: type: string path: type: string value: type: string AppConfiguration: type: object properties: issuer: type: string baseEndpoint: type: string authorizationEndpoint: type: string authorizationChallengeEndpoint: type: string tokenEndpoint: type: string tokenRevocationEndpoint: type: string userInfoEndpoint: type: string clientInfoEndpoint: type: string checkSessionIFrame: type: string endSessionEndpoint: type: string jwksUri: type: string archivedJwksUri: type: string registrationEndpoint: type: string openIdDiscoveryEndpoint: type: string openIdConfigurationEndpoint: type: string idGenerationEndpoint: type: string introspectionEndpoint: type: string parEndpoint: type: string requirePar: type: boolean deviceAuthzEndpoint: type: string mtlsAuthorizationEndpoint: type: string mtlsAuthorizationChallengeEndpoint: type: string mtlsTokenEndpoint: type: string mtlsTokenRevocationEndpoint: type: string mtlsUserInfoEndpoint: type: string mtlsClientInfoEndpoint: type: string mtlsCheckSessionIFrame: type: string mtlsEndSessionEndpoint: type: string mtlsJwksUri: type: string mtlsRegistrationEndpoint: type: string mtlsIdGenerationEndpoint: type: string mtlsIntrospectionEndpoint: type: string mtlsParEndpoint: type: string mtlsDeviceAuthzEndpoint: type: string requireRequestObjectEncryption: type: boolean requirePkce: type: boolean allowAllValueForRevokeEndpoint: type: boolean allowRevokeForOtherClients: type: boolean sectorIdentifierCacheLifetimeInMinutes: type: integer format: int32 archivedJwkLifetimeInSeconds: type: integer format: int32 umaConfigurationEndpoint: type: string umaRptAsJwt: type: boolean umaRptLifetime: type: integer format: int32 umaTicketLifetime: type: integer format: int32 umaPctLifetime: type: integer format: int32 umaResourceLifetime: type: integer format: int32 umaAddScopesAutomatically: type: boolean umaValidateClaimToken: type: boolean umaGrantAccessIfNoPolicies: type: boolean umaRestrictResourceToAssociatedClient: type: boolean statTimerIntervalInSeconds: type: integer format: int32 statAuthorizationScope: type: string allowSpontaneousScopes: type: boolean spontaneousScopeLifetime: type: integer format: int32 openidSubAttribute: type: string publicSubjectIdentifierPerClientEnabled: type: boolean subjectIdentifiersPerClientSupported: type: array items: type: string responseTypesSupported: uniqueItems: true type: array items: uniqueItems: true type: array items: type: string enum: - code - token - id_token responseModesSupported: uniqueItems: true type: array items: type: string enum: - query - fragment - form_post - query.jwt - fragment.jwt - form_post.jwt - jwt grantTypesSupported: uniqueItems: true type: array items: type: string enum: - none - authorization_code - implicit - password - client_credentials - refresh_token - tx_token - urn:ietf:params:oauth:grant-type:uma-ticket - urn:ietf:params:oauth:grant-type:token-exchange - urn:openid:params:grant-type:ciba - urn:ietf:params:oauth:grant-type:device_code subjectTypesSupported: type: array items: type: string defaultSubjectType: type: string authorizationSigningAlgValuesSupported: type: array items: type: string authorizationEncryptionAlgValuesSupported: type: array items: type: string authorizationEncryptionEncValuesSupported: type: array items: type: string userInfoSigningAlgValuesSupported: type: array items: type: string userInfoEncryptionAlgValuesSupported: type: array items: type: string userInfoEncryptionEncValuesSupported: type: array items: type: string introspectionSigningAlgValuesSupported: type: array items: type: string introspectionEncryptionAlgValuesSupported: type: array items: type: string introspectionEncryptionEncValuesSupported: type: array items: type: string txTokenSigningAlgValuesSupported: type: array items: type: string txTokenEncryptionAlgValuesSupported: type: array items: type: string txTokenEncryptionEncValuesSupported: type: array items: type: string idTokenSigningAlgValuesSupported: type: array items: type: string idTokenEncryptionAlgValuesSupported: type: array items: type: string idTokenEncryptionEncValuesSupported: type: array items: type: string accessTokenSigningAlgValuesSupported: type: array items: type: string forceSignedRequestObject: type: boolean requestObjectSigningAlgValuesSupported: type: array items: type: string requestObjectEncryptionAlgValuesSupported: type: array items: type: string requestObjectEncryptionEncValuesSupported: type: array items: type: string tokenEndpointAuthMethodsSupported: type: array items: type: string tokenEndpointAuthSigningAlgValuesSupported: type: array items: type: string dynamicRegistrationCustomAttributes: type: array items: type: string dynamicRegistrationDefaultCustomAttributes: $ref: '#/components/schemas/JsonNode' displayValuesSupported: type: array items: type: string claimTypesSupported: type: array items: type: string jwksAlgorithmsSupported: type: array items: type: string serviceDocumentation: type: string claimsLocalesSupported: type: array items: type: string idTokenTokenBindingCnfValuesSupported: type: array items: type: string uiLocalesSupported: type: array items: type: string claimsParameterSupported: type: boolean requestParameterSupported: type: boolean requestUriParameterSupported: type: boolean requestUriHashVerificationEnabled: type: boolean requireRequestUriRegistration: type: boolean requestUriBlockList: type: array items: type: string opPolicyUri: type: string opTosUri: type: string cleanUpInactiveClientAfterHoursOfInactivity: type: integer format: int32 clientPeriodicUpdateTimerInterval: type: integer format: int32 authorizationCodeLifetime: type: integer format: int32 refreshTokenLifetime: type: integer format: int32 txTokenLifetime: type: integer format: int32 idTokenLifetime: type: integer format: int32 idTokenFilterClaimsBasedOnAccessToken: type: boolean saveTokensInCache: type: boolean saveTokensInCacheAndDontSaveInPersistence: type: boolean accessTokenLifetime: type: integer format: int32 cleanServiceInterval: type: integer format: int32 cleanServiceBatchChunkSize: type: integer format: int32 keyRegenerationEnabled: type: boolean keyRegenerationInterval: type: integer format: int32 defaultSignatureAlgorithm: type: string jansOpenIdConnectVersion: type: string jansId: type: string dynamicRegistrationExpirationTime: type: integer format: int32 dynamicRegistrationPersistClientAuthorizations: type: boolean trustedClientEnabled: type: boolean skipAuthorizationForOpenIdScopeAndPairwiseId: type: boolean dynamicRegistrationScopesParamEnabled: type: boolean dynamicRegistrationPasswordGrantTypeEnabled: type: boolean dynamicRegistrationAllowedPasswordGrantScopes: type: array items: type: string dynamicRegistrationCustomObjectClass: type: string personCustomObjectClassList: type: array items: type: string persistIdToken: type: boolean persistRefreshToken: type: boolean allowPostLogoutRedirectWithoutValidation: type: boolean invalidateSessionCookiesAfterAuthorizationFlow: type: boolean returnClientSecretOnRead: type: boolean rotateClientRegistrationAccessTokenOnUsage: type: boolean rejectJwtWithNoneAlg: type: boolean expirationNotificatorEnabled: type: boolean useNestedJwtDuringEncryption: type: boolean expirationNotificatorMapSizeLimit: type: integer format: int32 expirationNotificatorIntervalInSeconds: type: integer format: int32 redirectUrisRegexEnabled: type: boolean useHighestLevelScriptIfAcrScriptNotFound: type: boolean acrMappings: type: object additionalProperties: type: string authenticationFiltersEnabled: type: boolean clientAuthenticationFiltersEnabled: type: boolean clientRegDefaultToCodeFlowWithRefresh: type: boolean grantTypesAndResponseTypesAutofixEnabled: type: boolean authenticationFilters: type: array items: $ref: '#/components/schemas/AuthenticationFilter' clientAuthenticationFilters: type: array items: $ref: '#/components/schemas/ClientAuthenticationFilter' corsConfigurationFilters: type: array items: $ref: '#/components/schemas/CorsConfigurationFilter' sessionIdUnusedLifetime: type: integer format: int32 sessionIdUnauthenticatedUnusedLifetime: type: integer format: int32 sessionIdPersistOnPromptNone: type: boolean sessionIdRequestParameterEnabled: type: boolean changeSessionIdOnAuthentication: type: boolean sessionIdPersistInCache: type: boolean includeSidInResponse: type: boolean disablePromptLogin: type: boolean disablePromptConsent: type: boolean sessionIdCookieLifetime: type: integer format: int32 sessionIdLifetime: type: integer format: int32 activeSessionAuthorizationScope: type: string configurationUpdateInterval: type: integer format: int32 logNotFoundEntityAsError: type: boolean enableClientGrantTypeUpdate: type: boolean grantTypesSupportedByDynamicRegistration: uniqueItems: true type: array items: type: string enum: - none - authorization_code - implicit - password - client_credentials - refresh_token - tx_token - urn:ietf:params:oauth:grant-type:uma-ticket - urn:ietf:params:oauth:grant-type:token-exchange - urn:openid:params:grant-type:ciba - urn:ietf:params:oauth:grant-type:device_code cssLocation: type: string jsLocation: type: string imgLocation: type: string metricReporterInterval: type: integer format: int32 metricReporterKeepDataDays: type: integer format: int32 pairwiseIdType: type: string pairwiseCalculationKey: type: string pairwiseCalculationSalt: type: string shareSubjectIdBetweenClientsWithSameSectorId: type: boolean webKeysStorage: type: string enum: - keystore - pkcs11 dnName: type: string keyStoreFile: type: string keyStoreSecret: type: string keySelectionStrategy: type: string enum: - OLDER - NEWER - FIRST keyAlgsAllowedForGeneration: type: array items: type: string keySignWithSameKeyButDiffAlg: type: boolean staticKid: type: string staticDecryptionKid: type: string introspectionAccessTokenMustHaveUmaProtectionScope: type: boolean introspectionAccessTokenMustHaveIntrospectionScope: type: boolean introspectionSkipAuthorization: type: boolean introspectionRestrictBasicAuthnToOwnTokens: type: boolean endSessionWithAccessToken: type: boolean disablePromptCreate: type: boolean cookieDomain: type: string enabledOAuthAuditLogging: type: boolean jmsBrokerURISet: uniqueItems: true type: array items: type: string jmsUserName: type: string jmsPassword: type: string externalUriWhiteList: type: array items: type: string clientWhiteList: type: array items: type: string clientBlackList: type: array items: type: string legacyIdTokenClaims: type: boolean customHeadersWithAuthorizationResponse: type: boolean frontChannelLogoutSessionSupported: type: boolean loggingLevel: type: string loggingLayout: type: string updateUserLastLogonTime: type: boolean updateClientAccessTime: type: boolean logClientIdOnClientAuthentication: type: boolean logClientNameOnClientAuthentication: type: boolean disableJdkLogger: type: boolean authorizationRequestCustomAllowedParameters: uniqueItems: true type: array items: $ref: '#/components/schemas/AuthorizationRequestCustomParameter' openidScopeBackwardCompatibility: type: boolean disableU2fEndpoint: type: boolean rotateDeviceSecret: type: boolean returnDeviceSecretFromAuthzEndpoint: type: boolean dcrForbidExpirationTimeInRequest: type: boolean dcrSignatureValidationEnabled: type: boolean dcrSignatureValidationSharedSecret: type: string dcrSignatureValidationSoftwareStatementJwksURIClaim: type: string dcrSignatureValidationSoftwareStatementJwksClaim: type: string dcrSignatureValidationJwks: type: string dcrSignatureValidationJwksUri: type: string dcrAuthorizationWithClientCredentials: type: boolean dcrAuthorizationWithMTLS: type: boolean dcrAttestationEvidenceRequired: type: boolean trustedSsaIssuers: type: object additionalProperties: $ref: '#/components/schemas/TrustedIssuerConfig' useLocalCache: type: boolean fapiCompatibility: type: boolean forceIdTokenHintPrecense: type: boolean rejectEndSessionIfIdTokenExpired: type: boolean allowEndSessionWithUnmatchedSid: type: boolean forceOfflineAccessScopeToEnableRefreshToken: type: boolean errorReasonEnabled: type: boolean removeRefreshTokensForClientOnLogout: type: boolean skipRefreshTokenDuringRefreshing: type: boolean refreshTokenExtendLifetimeOnRotation: type: boolean allowBlankValuesInDiscoveryResponse: type: boolean checkUserPresenceOnRefreshToken: type: boolean consentGatheringScriptBackwardCompatibility: type: boolean introspectionScriptBackwardCompatibility: type: boolean introspectionResponseScopesBackwardCompatibility: type: boolean softwareStatementValidationType: type: string softwareStatementValidationClaimName: type: string authenticationProtectionConfiguration: $ref: '#/components/schemas/AuthenticationProtectionConfiguration' errorHandlingMethod: type: string enum: - internal - remote disableAuthnForMaxAgeZero: type: boolean keepAuthenticatorAttributesOnAcrChange: type: boolean deviceAuthzRequestExpiresIn: type: integer format: int32 deviceAuthzTokenPollInterval: type: integer format: int32 deviceAuthzResponseTypeToProcessAuthz: type: string deviceAuthzAcr: type: string backchannelClientId: type: string backchannelRedirectUri: type: string backchannelAuthenticationEndpoint: type: string backchannelDeviceRegistrationEndpoint: type: string backchannelTokenDeliveryModesSupported: type: array items: type: string backchannelAuthenticationRequestSigningAlgValuesSupported: type: array items: type: string backchannelUserCodeParameterSupported: type: boolean backchannelBindingMessagePattern: type: string backchannelAuthenticationResponseExpiresIn: type: integer format: int32 backchannelAuthenticationResponseInterval: type: integer format: int32 backchannelLoginHintClaims: type: array items: type: string cibaEndUserNotificationConfig: $ref: '#/components/schemas/CIBAEndUserNotificationConfig' backchannelRequestsProcessorJobIntervalSec: type: integer format: int32 backchannelRequestsProcessorJobChunkSize: type: integer format: int32 cibaGrantLifeExtraTimeSec: type: integer format: int32 cibaMaxExpirationTimeAllowedSec: type: integer format: int32 dpopSigningAlgValuesSupported: type: array items: type: string dpopTimeframe: type: integer format: int32 dpopJtiCacheTime: type: integer format: int32 dpopUseNonce: type: boolean dpopNonceCacheTime: type: integer format: int32 dpopJktForceForAuthorizationCode: type: boolean allowIdTokenWithoutImplicitGrantType: type: boolean forceRopcInAuthorizationEndpoint: type: boolean discoveryCacheLifetimeInMinutes: type: integer format: int32 discoveryAllowedKeys: type: array items: type: string discoveryDenyKeys: type: array items: type: string featureFlags: type: array items: type: string enum: - UNKNOWN - HEALTH_CHECK - USERINFO - CLIENTINFO - ID_GENERATION - REGISTRATION - INTROSPECTION - REVOKE_TOKEN - REVOKE_SESSION - ACTIVE_SESSION - END_SESSION - STATUS_SESSION - JANS_CONFIGURATION - CIBA - UMA - U2F - DEVICE_AUTHZ - METRIC - STAT - PAR - SSA httpLoggingEnabled: type: boolean httpLoggingExcludePaths: uniqueItems: true type: array items: type: string externalLoggerConfiguration: type: string agamaConfiguration: $ref: '#/components/schemas/EngineConfig' dcrSsaValidationConfigs: type: array items: $ref: '#/components/schemas/SsaValidationConfig' ssaConfiguration: $ref: '#/components/schemas/SsaConfiguration' blockWebviewAuthorizationEnabled: type: boolean authorizationChallengeDefaultAcr: type: string authorizationChallengeShouldGenerateSession: type: boolean dateFormatterPatterns: type: object additionalProperties: type: string httpLoggingResponseBodyContent: type: boolean skipAuthenticationFilterOptionsMethod: type: boolean lockMessageConfig: $ref: '#/components/schemas/LockMessageConfig' fapi: type: boolean allResponseTypesSupported: uniqueItems: true type: array items: type: string enum: - code - token - id_token AuthenticationFilter: required: - baseDn - filter type: object properties: filter: type: string bind: type: boolean bindPasswordAttribute: type: string xml: name: bind-password-attribute baseDn: type: string xml: name: base-dn AuthenticationProtectionConfiguration: type: object properties: attemptExpiration: type: integer format: int32 maximumAllowedAttemptsWithoutDelay: type: integer format: int32 delayTime: type: integer format: int32 bruteForceProtectionEnabled: type: boolean AuthorizationRequestCustomParameter: type: object properties: paramName: type: string returnInResponse: type: boolean CIBAEndUserNotificationConfig: type: object properties: apiKey: type: string authDomain: type: string databaseURL: type: string projectId: type: string storageBucket: type: string messagingSenderId: type: string appId: type: string notificationUrl: type: string notificationKey: type: string publicVapidKey: type: string ClientAuthenticationFilter: required: - baseDn - filter type: object properties: filter: type: string bind: type: boolean bindPasswordAttribute: type: string xml: name: bind-password-attribute baseDn: type: string xml: name: base-dn CorsConfigurationFilter: type: object properties: filterName: type: string corsEnabled: type: boolean corsAllowedOrigins: type: string corsAllowedMethods: type: string corsAllowedHeaders: type: string corsExposedHeaders: type: string corsSupportCredentials: type: boolean corsLoggingEnabled: type: boolean corsPreflightMaxAge: type: integer format: int32 corsRequestDecorate: type: boolean EngineConfig: type: object properties: enabled: type: boolean rootDir: type: string templatesPath: type: string scriptsPath: type: string maxItemsLoggedInCollections: type: integer format: int32 disableTCHV: type: boolean pageMismatchErrorPage: type: string interruptionErrorPage: type: string crashErrorPage: type: string finishedFlowPage: type: string bridgeScriptPage: type: string serializeRules: type: object additionalProperties: type: array items: type: string defaultResponseHeaders: type: object additionalProperties: type: string LockMessageConfig: type: object properties: enableTokenMessages: type: boolean tokenMessagesChannel: type: string SsaConfiguration: type: object properties: ssaEndpoint: type: string ssaCustomAttributes: type: array items: type: string ssaSigningAlg: type: string ssaExpirationInDays: type: integer format: int32 SsaValidationConfig: type: object properties: id: type: string type: type: string enum: - NONE - SSA - DCR displayName: type: string description: type: string scopes: type: array items: type: string allowedClaims: type: array items: type: string jwks: type: string jwksUri: type: string issuers: type: array items: type: string configurationEndpoint: type: string configurationEndpointClaim: type: string sharedSecret: type: string TrustedIssuerConfig: type: object properties: automaticallyGrantedScopes: type: array items: type: string PersistenceConfiguration: type: object properties: persistenceType: type: string JsonPatch: type: object CacheConfiguration: type: object properties: cacheProviderType: type: string enum: - IN_MEMORY - MEMCACHED - REDIS - NATIVE_PERSISTENCE memcachedConfiguration: $ref: '#/components/schemas/MemcachedConfiguration' inMemoryConfiguration: $ref: '#/components/schemas/InMemoryConfiguration' redisConfiguration: $ref: '#/components/schemas/RedisConfiguration' nativePersistenceConfiguration: $ref: '#/components/schemas/NativePersistenceConfiguration' InMemoryConfiguration: type: object properties: defaultPutExpiration: type: integer format: int32 MemcachedConfiguration: type: object properties: servers: type: string maxOperationQueueLength: type: integer format: int32 bufferSize: type: integer format: int32 defaultPutExpiration: type: integer format: int32 connectionFactoryType: type: string enum: - DEFAULT - BINARY NativePersistenceConfiguration: type: object properties: defaultPutExpiration: type: integer format: int32 defaultCleanupBatchSize: type: integer format: int32 deleteExpiredOnGetRequest: type: boolean disableAttemptUpdateBeforeInsert: type: boolean RedisConfiguration: type: object properties: redisProviderType: type: string enum: - STANDALONE - CLUSTER - SHARDED - SENTINEL servers: type: string defaultPutExpiration: type: integer format: int32 sentinelMasterGroupName: type: string password: type: string useSSL: type: boolean sslTrustStoreFilePath: type: string sslTrustStorePassword: type: string sslKeyStoreFilePath: type: string sslKeyStorePassword: type: string maxIdleConnections: type: integer format: int32 maxTotalConnections: type: integer format: int32 connectionTimeout: type: integer format: int32 soTimeout: type: integer format: int32 maxRetryAttempts: type: integer format: int32 ClientAuth: type: object properties: clientAuths: type: object additionalProperties: uniqueItems: true type: array items: $ref: '#/components/schemas/Scope' Scope: type: object properties: dn: type: string expirationDate: type: string format: date-time deletable: type: boolean inum: type: string displayName: type: string id: type: string iconUrl: type: string description: type: string scopeType: type: string enum: - openid - dynamic - uma - spontaneous - oauth claims: type: array items: type: string defaultScope: type: boolean groupClaims: type: boolean dynamicScopeScripts: type: array items: type: string umaAuthorizationPolicies: type: array items: type: string attributes: $ref: '#/components/schemas/ScopeAttributes' creatorId: type: string creatorType: type: string enum: - none - client - user - auto creationDate: type: string format: date-time creatorAttributes: type: object additionalProperties: type: string umaType: type: boolean baseDn: type: string ScopeAttributes: type: object properties: spontaneousClientScopes: type: array items: type: string showInConfigurationEndpoint: type: boolean Client: type: object properties: dn: type: string expirationDate: type: string format: date-time deletable: type: boolean clientSecret: type: string frontChannelLogoutUri: type: string frontChannelLogoutSessionRequired: type: boolean registrationAccessToken: type: string clientIdIssuedAt: type: string format: date-time clientSecretExpiresAt: type: string format: date-time redirectUris: type: array items: type: string claimRedirectUris: type: array items: type: string responseTypes: type: array items: type: string enum: - code - token - id_token grantTypes: type: array items: type: string enum: - none - authorization_code - implicit - password - client_credentials - refresh_token - tx_token - urn:ietf:params:oauth:grant-type:uma-ticket - urn:ietf:params:oauth:grant-type:token-exchange - urn:openid:params:grant-type:ciba - urn:ietf:params:oauth:grant-type:device_code applicationType: type: string enum: - native - web contacts: type: array items: type: string idTokenTokenBindingCnf: type: string clientName: type: string logoUri: type: string clientUri: type: string policyUri: type: string tosUri: type: string clientNameLocalized: $ref: '#/components/schemas/LocalizedString' logoUriLocalized: $ref: '#/components/schemas/LocalizedString' clientUriLocalized: $ref: '#/components/schemas/LocalizedString' policyUriLocalized: $ref: '#/components/schemas/LocalizedString' tosUriLocalized: $ref: '#/components/schemas/LocalizedString' jwksUri: type: string jwks: type: string sectorIdentifierUri: type: string subjectType: type: string enum: - pairwise - public idTokenSignedResponseAlg: type: string idTokenEncryptedResponseAlg: type: string idTokenEncryptedResponseEnc: type: string userInfoSignedResponseAlg: type: string userInfoEncryptedResponseAlg: type: string userInfoEncryptedResponseEnc: type: string requestObjectSigningAlg: type: string requestObjectEncryptionAlg: type: string requestObjectEncryptionEnc: type: string tokenEndpointAuthMethod: type: string format: enum enum: - client_secret_basic - client_secret_post - client_secret_jwt - private_key_jwt - access_token - tls_client_auth - self_signed_tls_client_auth - none tokenEndpointAuthSigningAlg: type: string defaultMaxAge: type: integer format: int32 defaultAcrValues: type: array items: type: string initiateLoginUri: type: string postLogoutRedirectUris: type: array items: type: string requestUris: type: array items: type: string scopes: type: array items: type: string claims: type: array items: type: string trustedClient: type: boolean lastAccessTime: type: string format: date-time lastLogonTime: type: string format: date-time persistClientAuthorizations: type: boolean includeClaimsInIdToken: type: boolean refreshTokenLifetime: type: integer format: int32 accessTokenLifetime: type: integer format: int32 customAttributes: type: array items: $ref: '#/components/schemas/CustomObjectAttribute' customObjectClasses: type: array items: type: string rptAsJwt: type: boolean accessTokenAsJwt: type: boolean accessTokenSigningAlg: type: string disabled: type: boolean authorizedOrigins: type: array items: type: string softwareId: type: string softwareVersion: type: string softwareStatement: type: string attributes: $ref: '#/components/schemas/ClientAttributes' backchannelTokenDeliveryMode: type: string enum: - poll - ping - push backchannelClientNotificationEndpoint: type: string backchannelAuthenticationRequestSigningAlg: type: string enum: - RS256 - RS384 - RS512 - ES256 - ES384 - ES512 - PS256 - PS384 - PS512 backchannelUserCodeParameter: type: boolean description: type: string organization: type: string groups: type: array items: type: string ttl: type: integer format: int32 displayName: type: string baseDn: type: string inum: type: string ClientAttributes: type: object properties: tlsClientAuthSubjectDn: type: string runIntrospectionScriptBeforeJwtCreation: type: boolean keepClientAuthorizationAfterExpiration: type: boolean allowSpontaneousScopes: type: boolean spontaneousScopes: type: array items: type: string spontaneousScopeScriptDns: type: array items: type: string updateTokenScriptDns: type: array items: type: string backchannelLogoutUri: type: array items: type: string backchannelLogoutSessionRequired: type: boolean additionalAudience: type: array items: type: string postAuthnScripts: type: array items: type: string consentGatheringScripts: type: array items: type: string introspectionScripts: type: array items: type: string rptClaimsScripts: type: array items: type: string ropcScripts: type: array items: type: string parLifetime: type: integer format: int32 requirePar: type: boolean dpopBoundAccessToken: type: boolean jansAuthSignedRespAlg: type: string jansAuthEncRespAlg: type: string jansAuthEncRespEnc: type: string jansSubAttr: type: string redirectUrisRegex: type: string jansAuthorizedAcr: type: array items: type: string jansDefaultPromptLogin: type: boolean txTokenLifetime: type: integer format: int32 idTokenLifetime: type: integer format: int32 allowOfflineAccessWithoutConsent: type: boolean minimumAcrLevel: type: integer format: int32 minimumAcrLevelAutoresolve: type: boolean additionalTokenEndpointAuthMethods: type: array items: type: string minimumAcrPriorityList: type: array items: type: string requestedLifetime: type: integer format: int32 evidence: type: string introspectionSignedResponseAlg: type: string introspectionEncryptedResponseAlg: type: string introspectionEncryptedResponseEnc: type: string txTokenSignedResponseAlg: type: string txTokenEncryptedResponseAlg: type: string txTokenEncryptedResponseEnc: type: string authorizationDetailsTypes: type: array items: type: string CustomObjectAttribute: type: object properties: name: type: string multiValued: type: boolean values: type: array items: type: object value: type: object displayValue: type: string LocalizedString: type: object properties: values: type: object additionalProperties: type: string AgamaConfiguration: type: object properties: mandatoryAttributes: type: array items: type: string optionalAttributes: type: array items: type: string ApiAppConfiguration: type: object properties: configOauthEnabled: type: boolean disableLoggerTimer: type: boolean disableAuditLogger: type: boolean customAttributeValidationEnabled: type: boolean apiApprovedIssuer: type: array items: type: string apiProtectionType: type: string apiClientId: type: string apiClientPassword: type: string endpointInjectionEnabled: type: boolean authIssuerUrl: type: string authOpenidConfigurationUrl: type: string authOpenidIntrospectionUrl: type: string authOpenidTokenUrl: type: string authOpenidRevokeUrl: type: string exclusiveAuthScopes: type: array items: type: string corsConfigurationFilters: type: array items: $ref: '#/components/schemas/CorsConfigurationFilter' loggingLevel: type: string loggingLayout: type: string externalLoggerConfiguration: type: string disableJdkLogger: type: boolean maxCount: type: integer format: int32 userExclusionAttributes: type: array items: type: string userMandatoryAttributes: type: array items: type: string agamaConfiguration: $ref: '#/components/schemas/AgamaConfiguration' auditLogConf: $ref: '#/components/schemas/AuditLogConf' dataFormatConversionConf: $ref: '#/components/schemas/DataFormatConversionConf' plugins: type: array items: $ref: '#/components/schemas/PluginConf' assetMgtConfiguration: $ref: '#/components/schemas/AssetMgtConfiguration' AssetDirMapping: type: object properties: directory: type: string type: type: array items: type: string description: type: string AssetMgtConfiguration: type: object properties: assetMgtEnabled: type: boolean assetServerUploadEnabled: type: boolean assetBaseDirectory: type: string assetDirMapping: type: array items: $ref: '#/components/schemas/AssetDirMapping' AuditLogConf: type: object properties: enabled: type: boolean ignoreHttpMethod: type: array items: type: string headerAttributes: type: array items: type: string DataFormatConversionConf: type: object properties: enabled: type: boolean ignoreHttpMethod: type: array items: type: string PluginConf: type: object properties: name: type: string description: type: string className: type: string SmtpConfiguration: type: object properties: valid: type: boolean host: type: string port: type: integer format: int32 connect_protection: type: string enum: - None - StartTls - SslTls trust_host: type: boolean from_name: type: string from_email_address: type: string requires_authentication: type: boolean smtp_authentication_account_username: type: string smtp_authentication_account_password: type: string key_store: type: string key_store_password: type: string key_store_alias: type: string signing_algorithm: type: string SmtpTest: type: object properties: sign: type: boolean subject: type: string message: type: string CustomScript: type: object properties: dn: type: string inum: type: string name: maxLength: 60 minLength: 2 pattern: "^[a-zA-Z0-9_\\-\\:\\/\\.]+$" type: string aliases: type: array items: type: string description: type: string script: type: string scriptType: type: string enum: - person_authentication - authorization_challenge - introspection - resource_owner_password_credentials - application_session - cache_refresh - client_registration - id_generator - uma_rpt_policy - uma_rpt_claims - uma_claims_gathering - consent_gathering - dynamic_scope - spontaneous_scope - end_session - post_authn - select_account - create_user - scim - ciba_end_user_notification - revoke_token - persistence_extension - idp - discovery - health_check - authz_detail - update_token - config_api_auth - modify_ssa_response - fido2_extension - lock_extension programmingLanguage: type: string enum: - python - java moduleProperties: type: array items: $ref: '#/components/schemas/SimpleCustomProperty' configurationProperties: type: array items: $ref: '#/components/schemas/SimpleExtendedCustomProperty' level: type: integer format: int32 revision: type: integer format: int64 enabled: type: boolean scriptError: $ref: '#/components/schemas/ScriptError' modified: type: boolean internal: type: boolean locationPath: type: string locationType: type: string enum: - ldap - db - file baseDn: type: string ScriptError: type: object properties: raisedAt: type: string format: date-time stackTrace: type: string SimpleCustomProperty: type: object properties: value1: type: string value2: type: string description: type: string SimpleExtendedCustomProperty: type: object properties: value1: type: string value2: type: string hide: type: boolean description: type: string JSONWebKey: type: object properties: name: type: string descr: type: string kid: type: string kty: type: string enum: - EC - RSA - OKP - oct use: type: string enum: - sig - enc alg: type: string enum: - RS256 - RS384 - RS512 - ES256 - ES256K - ES384 - ES512 - PS256 - PS384 - PS512 - EdDSA - RSA1_5 - RSA-OAEP - RSA-OAEP-256 - ECDH-ES - ECDH-ES+A128KW - ECDH-ES+A192KW - ECDH-ES+A256KW - A128KW - A192KW - A256KW - A128GCMKW - A192GCMKW - A256GCMKW - PBES2-HS256+A128KW - PBES2-HS384+A192KW - PBES2-HS512+A256KW - dir exp: type: integer format: int64 crv: type: string enum: - P-256 - P-256K - P-384 - P-521 - Ed25519 - Ed448 x5c: type: array items: type: string "n": type: string e: type: string x: type: string "y": type: string key_ops_type: type: array items: type: string enum: - "KeyOps{value='connect'} CONNECT" - "KeyOps{value='ssa'} SSA" - "KeyOps{value='all'} ALL" WebKeysConfiguration: type: object properties: keys: type: array items: $ref: '#/components/schemas/JSONWebKey' GluuLdapConfiguration: type: object properties: configId: type: string bindDN: type: string bindPassword: type: string servers: type: array items: type: string maxConnections: type: integer format: int32 useSSL: type: boolean baseDNs: type: array items: type: string primaryKey: type: string localPrimaryKey: type: string useAnonymousBind: type: boolean enabled: type: boolean version: type: integer format: int32 level: type: integer format: int32 Logging: type: object properties: loggingLevel: type: string loggingLayout: type: string httpLoggingEnabled: type: boolean disableJdkLogger: type: boolean enabledOAuthAuditLogging: type: boolean externalLoggerConfiguration: type: string httpLoggingExcludePaths: uniqueItems: true type: array items: type: string MessageConfiguration: type: object properties: messageProviderType: type: string enum: - DISABLED - REDIS - POSTGRES redisConfiguration: $ref: '#/components/schemas/RedisMessageConfiguration' postgresConfiguration: $ref: '#/components/schemas/PostgresMessageConfiguration' PostgresMessageConfiguration: type: object properties: driverClassName: type: string dbSchemaName: type: string connectionUri: type: string authUserName: type: string authUserPassword: type: string connectionPoolMaxTotal: type: integer format: int32 connectionPoolMaxIdle: type: integer format: int32 connectionPoolMinIdle: type: integer format: int32 messageWaitMillis: type: integer format: int32 messageSleepThreadTime: type: integer format: int32 RedisMessageConfiguration: type: object properties: redisProviderType: type: string enum: - STANDALONE - CLUSTER - SHARDED - SENTINEL servers: type: string defaultPutExpiration: type: integer format: int32 sentinelMasterGroupName: type: string password: type: string useSSL: type: boolean sslTrustStoreFilePath: type: string sslTrustStorePassword: type: string sslKeyStoreFilePath: type: string sslKeyStorePassword: type: string maxIdleConnections: type: integer format: int32 maxTotalConnections: type: integer format: int32 connectionTimeout: type: integer format: int32 soTimeout: type: integer format: int32 maxRetryAttempts: type: integer format: int32 GluuOrganization: required: - description - displayName type: object properties: dn: type: string displayName: maxLength: 60 minLength: 0 type: string description: maxLength: 60 minLength: 0 type: string member: type: string countryName: type: string organization: type: string status: type: string enum: - active - inactive - expired - register managerGroup: type: string themeColor: type: string shortName: type: string customMessages: type: array items: type: string title: type: string jsLogoPath: type: string jsFaviconPath: type: string baseDn: type: string CustomScope: type: object properties: dn: type: string expirationDate: type: string format: date-time deletable: type: boolean inum: type: string displayName: type: string id: type: string iconUrl: type: string description: type: string scopeType: type: string enum: - openid - dynamic - uma - spontaneous - oauth claims: type: array items: type: string defaultScope: type: boolean groupClaims: type: boolean dynamicScopeScripts: type: array items: type: string umaAuthorizationPolicies: type: array items: type: string attributes: $ref: '#/components/schemas/ScopeAttributes' creatorId: type: string creatorType: type: string enum: - none - client - user - auto creationDate: type: string format: date-time creatorAttributes: type: object additionalProperties: type: string clients: type: array items: $ref: '#/components/schemas/Client' umaType: type: boolean baseDn: type: string SessionId: type: object properties: dn: type: string id: type: string outsideSid: type: string lastUsedAt: type: string format: date-time userDn: type: string authenticationTime: type: string format: date-time state: type: string enum: - unauthenticated - authenticated sessionState: type: string permissionGranted: type: boolean permissionGrantedMap: $ref: '#/components/schemas/SessionIdAccessMap' sessionAttributes: type: object additionalProperties: type: string deviceSecrets: type: array items: type: string expirationDate: type: string format: date-time deletable: type: boolean creationDate: type: string format: date-time user: $ref: '#/components/schemas/User' ttl: type: integer format: int32 opbrowserState: type: string persisted: type: boolean SessionIdAccessMap: type: object properties: permissionGranted: type: object additionalProperties: type: boolean xml: name: map User: type: object properties: dn: type: string userId: type: string updatedAt: type: string format: date-time createdAt: type: string format: date-time oxAuthPersistentJwt: type: array items: type: string externalUid: type: array items: type: string authenticator: $ref: '#/components/schemas/UserAuthenticatorList' status: type: string enum: - active - inactive - expired - register customAttributes: type: array items: $ref: '#/components/schemas/CustomObjectAttribute' customObjectClasses: type: array items: type: string baseDn: type: string UserAuthenticator: type: object properties: id: type: string type: type: string custom: type: object additionalProperties: type: object UserAuthenticatorList: type: object properties: authenticators: type: array items: $ref: '#/components/schemas/UserAuthenticator' UmaResource: required: - name type: object properties: dn: type: string inum: type: string id: type: string name: type: string iconUri: type: string scopes: type: array items: type: string scopeExpression: type: string clients: type: array items: type: string resources: type: array items: type: string creator: type: string description: type: string type: type: string creationDate: type: string format: date-time expirationDate: type: string format: date-time deletable: type: boolean ttl: type: integer format: int32 securitySchemes: oauth2: type: oauth2 flows: clientCredentials: tokenUrl: "https://{op-hostname}/.../token" scopes: https://jans.io/oauth/jans-auth-server/config/properties.readonly: View Auth Server properties related information https://jans.io/oauth/jans-auth-server/config/properties.write: Manage Auth Server properties related information https://jans.io/oauth/config/attributes.readonly: View attribute related information https://jans.io/oauth/config/attributes.write: Manage attribute related information https://jans.io/oauth/config/attributes.delete: Delete attribute related information https://jans.io/oauth/config/acrs.readonly: View ACRS related information https://jans.io/oauth/config/acrs.write: Manage ACRS related information https://jans.io/oauth/config/database/ldap.readonly: View LDAP database related information https://jans.io/oauth/config/database/ldap.write: Manage LDAP database related information https://jans.io/oauth/config/database/ldap.delete: Delete LDAP database related information https://jans.io/oauth/config/scripts.readonly: View cache scripts information https://jans.io/oauth/config/scripts.write: Manage scripts related information https://jans.io/oauth/config/scripts.delete: Delete scripts related information https://jans.io/oauth/config/cache.readonly: View cache related information https://jans.io/oauth/config/cache.write: Manage cache related information https://jans.io/oauth/config/smtp.readonly: View SMTP related information https://jans.io/oauth/config/smtp.write: Manage SMTP related information https://jans.io/oauth/config/smtp.delete: Delete SMTP related information https://jans.io/oauth/config/logging.readonly: View logging related information https://jans.io/oauth/config/logging.write: Manage logging related information https://jans.io/oauth/config/jwks.readonly: View JWKS related information https://jans.io/oauth/config/jwks.write: Manage JWKS related information https://jans.io/oauth/config/jwks.delete: Delete JWKS related information https://jans.io/oauth/config/openid/clients.readonly: View clients related information https://jans.io/oauth/config/openid/clients.write: Manage clients related information https://jans.io/oauth/config/openid/clients.delete: Delete clients related information https://jans.io/oauth/config/scopes.readonly: View scope related information https://jans.io/oauth/config/scopes.write: Manage scope related information https://jans.io/oauth/config/scopes.delete: Delete scope related information https://jans.io/oauth/config/uma/resources.readonly: View UMA Resource related information https://jans.io/oauth/config/uma/resources.write: Manage UMA Resource related information https://jans.io/oauth/config/uma/resources.delete: Delete UMA Resource related information https://jans.io/oauth/config/stats.readonly: View server with basic statistic https://jans.io/oauth/config/organization.readonly: View organization configuration information https://jans.io/oauth/config/organization.write: Manage organization configuration information https://jans.io/oauth/config/agama.readonly: View Agama Flow related information https://jans.io/oauth/config/agama.write: Manage Agama Flow related information https://jans.io/oauth/config/agama.delete: Delete Agama Flow related information https://jans.io/oauth/jans-auth-server/session.readonly: View Session related information https://jans.io/oauth/jans-auth-server/session.delete: Delete Session information https://jans.io/oauth/config/read-all: Admin read scope https://jans.io/oauth/config/write-all: Admin write scope https://jans.io/oauth/config/delete-all: Admin delete scope https://jans.io/oauth/config/openid-read: View OpenID functionality https://jans.io/oauth/config/openid/openid-write: Manage OpenID functionality https://jans.io/oauth/config/openid/openid-delete: Delete OpenID functionality https://jans.io/oauth/config/uma-read: View UMA functionality https://jans.io/oauth/config/uma-write: Manage UMA functionality https://jans.io/oauth/config/uma-delete: Delete UMA functionality https://jans.io/oauth/config/plugin.readonly: View Plugin information https://jans.io/oauth/config/properties.readonly: View Config-API related configuration properties https://jans.io/oauth/config/properties.write: Manage Config-API related configuration properties https://jans.io/oauth/client/authorizations.readonly: View ClientAuthorizations https://jans.io/oauth/client/authorizations.delete: Revoke ClientAuthorizations https://jans.io/oauth/config/jans_asset-read: View Jans Assets https://jans.io/oauth/config/jans_asset-write: Manage Jans Assets https://jans.io/oauth/config/jans_asset-delete: Delete Jans Assets