Documentation ¶
Index ¶
- Constants
- type AuthorizationDetailType
- type AuthorizationDetailWithServiceDeveloperResponse
- func (m *AuthorizationDetailWithServiceDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *AuthorizationDetailWithServiceDeveloperResponse) MarshalBinary() ([]byte, error)
- func (m *AuthorizationDetailWithServiceDeveloperResponse) UnmarshalBinary(b []byte) error
- func (m *AuthorizationDetailWithServiceDeveloperResponse) Validate(formats strfmt.Registry) error
- type ClientDeveloperResponse
- func (m *ClientDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *ClientDeveloperResponse) MarshalBinary() ([]byte, error)
- func (m *ClientDeveloperResponse) UnmarshalBinary(b []byte) error
- func (m *ClientDeveloperResponse) Validate(formats strfmt.Registry) error
- type ClientJWK
- type ClientJWKs
- type ClientPrivacy
- type ClientTokenExchangeConfiguration
- func (m *ClientTokenExchangeConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *ClientTokenExchangeConfiguration) MarshalBinary() ([]byte, error)
- func (m *ClientTokenExchangeConfiguration) UnmarshalBinary(b []byte) error
- func (m *ClientTokenExchangeConfiguration) Validate(formats strfmt.Registry) error
- type ClientsForDeveloper
- type CreateClientDeveloperRequest
- func (m *CreateClientDeveloperRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *CreateClientDeveloperRequest) MarshalBinary() ([]byte, error)
- func (m *CreateClientDeveloperRequest) UnmarshalBinary(b []byte) error
- func (m *CreateClientDeveloperRequest) Validate(formats strfmt.Registry) error
- type DeveloperEnvironment
- type Error
- type GetServerDeveloperResponse
- func (m *GetServerDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *GetServerDeveloperResponse) MarshalBinary() ([]byte, error)
- func (m *GetServerDeveloperResponse) UnmarshalBinary(b []byte) error
- func (m *GetServerDeveloperResponse) Validate(formats strfmt.Registry) error
- type GetServerWithScopesDeveloperResponse
- func (m *GetServerWithScopesDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *GetServerWithScopesDeveloperResponse) MarshalBinary() ([]byte, error)
- func (m *GetServerWithScopesDeveloperResponse) UnmarshalBinary(b []byte) error
- func (m *GetServerWithScopesDeveloperResponse) Validate(formats strfmt.Registry) error
- type ListServersDeveloperResponse
- func (m *ListServersDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *ListServersDeveloperResponse) MarshalBinary() ([]byte, error)
- func (m *ListServersDeveloperResponse) UnmarshalBinary(b []byte) error
- func (m *ListServersDeveloperResponse) Validate(formats strfmt.Registry) error
- type PIICategory
- type RedirectURIs
- type ResponseTypes
- type RotateClientSecretDeveloperResponse
- func (m *RotateClientSecretDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *RotateClientSecretDeveloperResponse) MarshalBinary() ([]byte, error)
- func (m *RotateClientSecretDeveloperResponse) UnmarshalBinary(b []byte) error
- func (m *RotateClientSecretDeveloperResponse) Validate(formats strfmt.Registry) error
- type ScopePrivacyInformation
- func (m *ScopePrivacyInformation) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *ScopePrivacyInformation) MarshalBinary() ([]byte, error)
- func (m *ScopePrivacyInformation) UnmarshalBinary(b []byte) error
- func (m *ScopePrivacyInformation) Validate(formats strfmt.Registry) error
- type ScopeWithServiceDeveloperResponse
- func (m *ScopeWithServiceDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *ScopeWithServiceDeveloperResponse) MarshalBinary() ([]byte, error)
- func (m *ScopeWithServiceDeveloperResponse) UnmarshalBinary(b []byte) error
- func (m *ScopeWithServiceDeveloperResponse) Validate(formats strfmt.Registry) error
- type SupportedJSONSchema
- type UpdateClientDeveloperRequest
- func (m *UpdateClientDeveloperRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error
- func (m *UpdateClientDeveloperRequest) MarshalBinary() ([]byte, error)
- func (m *UpdateClientDeveloperRequest) UnmarshalBinary(b []byte) error
- func (m *UpdateClientDeveloperRequest) Validate(formats strfmt.Registry) error
Constants ¶
const ( // ClientDeveloperResponseAuthorizationEncryptedResponseAlgRSADashOAEP captures enum value "RSA-OAEP" ClientDeveloperResponseAuthorizationEncryptedResponseAlgRSADashOAEP string = "RSA-OAEP" // ClientDeveloperResponseAuthorizationEncryptedResponseAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" ClientDeveloperResponseAuthorizationEncryptedResponseAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // ClientDeveloperResponseAuthorizationEncryptedResponseEncA256GCM captures enum value "A256GCM" ClientDeveloperResponseAuthorizationEncryptedResponseEncA256GCM string = "A256GCM" // ClientDeveloperResponseAuthorizationEncryptedResponseEncA128CBCDashHS256 captures enum value "A128CBC-HS256" ClientDeveloperResponseAuthorizationEncryptedResponseEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // ClientDeveloperResponseIDTokenEncryptedResponseAlgRSADashOAEP captures enum value "RSA-OAEP" ClientDeveloperResponseIDTokenEncryptedResponseAlgRSADashOAEP string = "RSA-OAEP" // ClientDeveloperResponseIDTokenEncryptedResponseAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" ClientDeveloperResponseIDTokenEncryptedResponseAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // ClientDeveloperResponseIDTokenEncryptedResponseEncA256GCM captures enum value "A256GCM" ClientDeveloperResponseIDTokenEncryptedResponseEncA256GCM string = "A256GCM" // ClientDeveloperResponseIDTokenEncryptedResponseEncA128CBCDashHS256 captures enum value "A128CBC-HS256" ClientDeveloperResponseIDTokenEncryptedResponseEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // ClientDeveloperResponseIDTokenSignedResponseAlgRS256 captures enum value "RS256" ClientDeveloperResponseIDTokenSignedResponseAlgRS256 string = "RS256" // ClientDeveloperResponseIDTokenSignedResponseAlgES256 captures enum value "ES256" ClientDeveloperResponseIDTokenSignedResponseAlgES256 string = "ES256" // ClientDeveloperResponseIDTokenSignedResponseAlgPS256 captures enum value "PS256" ClientDeveloperResponseIDTokenSignedResponseAlgPS256 string = "PS256" )
const ( // ClientDeveloperResponseIntrospectionEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" ClientDeveloperResponseIntrospectionEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // ClientDeveloperResponseIntrospectionEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" ClientDeveloperResponseIntrospectionEndpointAuthMethodClientSecretPost string = "client_secret_post" // ClientDeveloperResponseIntrospectionEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" ClientDeveloperResponseIntrospectionEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // ClientDeveloperResponseIntrospectionEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" ClientDeveloperResponseIntrospectionEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // ClientDeveloperResponseIntrospectionEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" ClientDeveloperResponseIntrospectionEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // ClientDeveloperResponseIntrospectionEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" ClientDeveloperResponseIntrospectionEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // ClientDeveloperResponseIntrospectionEndpointAuthMethodNone captures enum value "none" ClientDeveloperResponseIntrospectionEndpointAuthMethodNone string = "none" )
const ( // ClientDeveloperResponseRequestObjectEncryptionAlgRSADashOAEP captures enum value "RSA-OAEP" ClientDeveloperResponseRequestObjectEncryptionAlgRSADashOAEP string = "RSA-OAEP" // ClientDeveloperResponseRequestObjectEncryptionAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" ClientDeveloperResponseRequestObjectEncryptionAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // ClientDeveloperResponseRequestObjectEncryptionEncA256GCM captures enum value "A256GCM" ClientDeveloperResponseRequestObjectEncryptionEncA256GCM string = "A256GCM" // ClientDeveloperResponseRequestObjectEncryptionEncA128CBCDashHS256 captures enum value "A128CBC-HS256" ClientDeveloperResponseRequestObjectEncryptionEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // ClientDeveloperResponseRequestObjectSigningAlgAny captures enum value "any" ClientDeveloperResponseRequestObjectSigningAlgAny string = "any" // ClientDeveloperResponseRequestObjectSigningAlgNone captures enum value "none" ClientDeveloperResponseRequestObjectSigningAlgNone string = "none" // ClientDeveloperResponseRequestObjectSigningAlgRS256 captures enum value "RS256" ClientDeveloperResponseRequestObjectSigningAlgRS256 string = "RS256" // ClientDeveloperResponseRequestObjectSigningAlgES256 captures enum value "ES256" ClientDeveloperResponseRequestObjectSigningAlgES256 string = "ES256" // ClientDeveloperResponseRequestObjectSigningAlgPS256 captures enum value "PS256" ClientDeveloperResponseRequestObjectSigningAlgPS256 string = "PS256" )
const ( // ClientDeveloperResponseRevocationEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" ClientDeveloperResponseRevocationEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // ClientDeveloperResponseRevocationEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" ClientDeveloperResponseRevocationEndpointAuthMethodClientSecretPost string = "client_secret_post" // ClientDeveloperResponseRevocationEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" ClientDeveloperResponseRevocationEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // ClientDeveloperResponseRevocationEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" ClientDeveloperResponseRevocationEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // ClientDeveloperResponseRevocationEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" ClientDeveloperResponseRevocationEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // ClientDeveloperResponseRevocationEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" ClientDeveloperResponseRevocationEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // ClientDeveloperResponseRevocationEndpointAuthMethodNone captures enum value "none" ClientDeveloperResponseRevocationEndpointAuthMethodNone string = "none" )
const ( // ClientDeveloperResponseSubjectTypePublic captures enum value "public" ClientDeveloperResponseSubjectTypePublic string = "public" // ClientDeveloperResponseSubjectTypePairwise captures enum value "pairwise" ClientDeveloperResponseSubjectTypePairwise string = "pairwise" )
const ( // ClientDeveloperResponseTokenEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" ClientDeveloperResponseTokenEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // ClientDeveloperResponseTokenEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" ClientDeveloperResponseTokenEndpointAuthMethodClientSecretPost string = "client_secret_post" // ClientDeveloperResponseTokenEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" ClientDeveloperResponseTokenEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // ClientDeveloperResponseTokenEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" ClientDeveloperResponseTokenEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // ClientDeveloperResponseTokenEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" ClientDeveloperResponseTokenEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // ClientDeveloperResponseTokenEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" ClientDeveloperResponseTokenEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // ClientDeveloperResponseTokenEndpointAuthMethodNone captures enum value "none" ClientDeveloperResponseTokenEndpointAuthMethodNone string = "none" )
const ( // ClientDeveloperResponseTokenEndpointAuthSigningAlgRS256 captures enum value "RS256" ClientDeveloperResponseTokenEndpointAuthSigningAlgRS256 string = "RS256" // ClientDeveloperResponseTokenEndpointAuthSigningAlgES256 captures enum value "ES256" ClientDeveloperResponseTokenEndpointAuthSigningAlgES256 string = "ES256" // ClientDeveloperResponseTokenEndpointAuthSigningAlgPS256 captures enum value "PS256" ClientDeveloperResponseTokenEndpointAuthSigningAlgPS256 string = "PS256" // ClientDeveloperResponseTokenEndpointAuthSigningAlgHS256 captures enum value "HS256" ClientDeveloperResponseTokenEndpointAuthSigningAlgHS256 string = "HS256" // ClientDeveloperResponseTokenEndpointAuthSigningAlgEmpty captures enum value "" ClientDeveloperResponseTokenEndpointAuthSigningAlgEmpty string = "" )
const ( // ClientDeveloperResponseUserinfoSignedResponseAlgNone captures enum value "none" ClientDeveloperResponseUserinfoSignedResponseAlgNone string = "none" // ClientDeveloperResponseUserinfoSignedResponseAlgRS256 captures enum value "RS256" ClientDeveloperResponseUserinfoSignedResponseAlgRS256 string = "RS256" // ClientDeveloperResponseUserinfoSignedResponseAlgES256 captures enum value "ES256" ClientDeveloperResponseUserinfoSignedResponseAlgES256 string = "ES256" )
const ( // CreateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEP captures enum value "RSA-OAEP" CreateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEP string = "RSA-OAEP" // CreateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" CreateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // CreateClientDeveloperRequestAuthorizationEncryptedResponseEncA256GCM captures enum value "A256GCM" CreateClientDeveloperRequestAuthorizationEncryptedResponseEncA256GCM string = "A256GCM" // CreateClientDeveloperRequestAuthorizationEncryptedResponseEncA128CBCDashHS256 captures enum value "A128CBC-HS256" CreateClientDeveloperRequestAuthorizationEncryptedResponseEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // CreateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEP captures enum value "RSA-OAEP" CreateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEP string = "RSA-OAEP" // CreateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" CreateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // CreateClientDeveloperRequestIDTokenEncryptedResponseEncA256GCM captures enum value "A256GCM" CreateClientDeveloperRequestIDTokenEncryptedResponseEncA256GCM string = "A256GCM" // CreateClientDeveloperRequestIDTokenEncryptedResponseEncA128CBCDashHS256 captures enum value "A128CBC-HS256" CreateClientDeveloperRequestIDTokenEncryptedResponseEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // CreateClientDeveloperRequestIDTokenSignedResponseAlgRS256 captures enum value "RS256" CreateClientDeveloperRequestIDTokenSignedResponseAlgRS256 string = "RS256" // CreateClientDeveloperRequestIDTokenSignedResponseAlgES256 captures enum value "ES256" CreateClientDeveloperRequestIDTokenSignedResponseAlgES256 string = "ES256" // CreateClientDeveloperRequestIDTokenSignedResponseAlgPS256 captures enum value "PS256" CreateClientDeveloperRequestIDTokenSignedResponseAlgPS256 string = "PS256" )
const ( // CreateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" CreateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // CreateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" CreateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretPost string = "client_secret_post" // CreateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" CreateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // CreateClientDeveloperRequestIntrospectionEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" CreateClientDeveloperRequestIntrospectionEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // CreateClientDeveloperRequestIntrospectionEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" CreateClientDeveloperRequestIntrospectionEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // CreateClientDeveloperRequestIntrospectionEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" CreateClientDeveloperRequestIntrospectionEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // CreateClientDeveloperRequestIntrospectionEndpointAuthMethodNone captures enum value "none" CreateClientDeveloperRequestIntrospectionEndpointAuthMethodNone string = "none" )
const ( // CreateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEP captures enum value "RSA-OAEP" CreateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEP string = "RSA-OAEP" // CreateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" CreateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // CreateClientDeveloperRequestRequestObjectEncryptionEncA256GCM captures enum value "A256GCM" CreateClientDeveloperRequestRequestObjectEncryptionEncA256GCM string = "A256GCM" // CreateClientDeveloperRequestRequestObjectEncryptionEncA128CBCDashHS256 captures enum value "A128CBC-HS256" CreateClientDeveloperRequestRequestObjectEncryptionEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // CreateClientDeveloperRequestRequestObjectSigningAlgAny captures enum value "any" CreateClientDeveloperRequestRequestObjectSigningAlgAny string = "any" // CreateClientDeveloperRequestRequestObjectSigningAlgNone captures enum value "none" CreateClientDeveloperRequestRequestObjectSigningAlgNone string = "none" // CreateClientDeveloperRequestRequestObjectSigningAlgRS256 captures enum value "RS256" CreateClientDeveloperRequestRequestObjectSigningAlgRS256 string = "RS256" // CreateClientDeveloperRequestRequestObjectSigningAlgES256 captures enum value "ES256" CreateClientDeveloperRequestRequestObjectSigningAlgES256 string = "ES256" // CreateClientDeveloperRequestRequestObjectSigningAlgPS256 captures enum value "PS256" CreateClientDeveloperRequestRequestObjectSigningAlgPS256 string = "PS256" )
const ( // CreateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" CreateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // CreateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" CreateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretPost string = "client_secret_post" // CreateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" CreateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // CreateClientDeveloperRequestRevocationEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" CreateClientDeveloperRequestRevocationEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // CreateClientDeveloperRequestRevocationEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" CreateClientDeveloperRequestRevocationEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // CreateClientDeveloperRequestRevocationEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" CreateClientDeveloperRequestRevocationEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // CreateClientDeveloperRequestRevocationEndpointAuthMethodNone captures enum value "none" CreateClientDeveloperRequestRevocationEndpointAuthMethodNone string = "none" )
const ( // CreateClientDeveloperRequestSubjectTypePublic captures enum value "public" CreateClientDeveloperRequestSubjectTypePublic string = "public" // CreateClientDeveloperRequestSubjectTypePairwise captures enum value "pairwise" CreateClientDeveloperRequestSubjectTypePairwise string = "pairwise" )
const ( // CreateClientDeveloperRequestTokenEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" CreateClientDeveloperRequestTokenEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // CreateClientDeveloperRequestTokenEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" CreateClientDeveloperRequestTokenEndpointAuthMethodClientSecretPost string = "client_secret_post" // CreateClientDeveloperRequestTokenEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" CreateClientDeveloperRequestTokenEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // CreateClientDeveloperRequestTokenEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" CreateClientDeveloperRequestTokenEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // CreateClientDeveloperRequestTokenEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" CreateClientDeveloperRequestTokenEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // CreateClientDeveloperRequestTokenEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" CreateClientDeveloperRequestTokenEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // CreateClientDeveloperRequestTokenEndpointAuthMethodNone captures enum value "none" CreateClientDeveloperRequestTokenEndpointAuthMethodNone string = "none" )
const ( // CreateClientDeveloperRequestTokenEndpointAuthSigningAlgRS256 captures enum value "RS256" CreateClientDeveloperRequestTokenEndpointAuthSigningAlgRS256 string = "RS256" // CreateClientDeveloperRequestTokenEndpointAuthSigningAlgES256 captures enum value "ES256" CreateClientDeveloperRequestTokenEndpointAuthSigningAlgES256 string = "ES256" // CreateClientDeveloperRequestTokenEndpointAuthSigningAlgPS256 captures enum value "PS256" CreateClientDeveloperRequestTokenEndpointAuthSigningAlgPS256 string = "PS256" // CreateClientDeveloperRequestTokenEndpointAuthSigningAlgHS256 captures enum value "HS256" CreateClientDeveloperRequestTokenEndpointAuthSigningAlgHS256 string = "HS256" // CreateClientDeveloperRequestTokenEndpointAuthSigningAlgEmpty captures enum value "" CreateClientDeveloperRequestTokenEndpointAuthSigningAlgEmpty string = "" )
const ( // CreateClientDeveloperRequestUserinfoSignedResponseAlgNone captures enum value "none" CreateClientDeveloperRequestUserinfoSignedResponseAlgNone string = "none" // CreateClientDeveloperRequestUserinfoSignedResponseAlgRS256 captures enum value "RS256" CreateClientDeveloperRequestUserinfoSignedResponseAlgRS256 string = "RS256" // CreateClientDeveloperRequestUserinfoSignedResponseAlgES256 captures enum value "ES256" CreateClientDeveloperRequestUserinfoSignedResponseAlgES256 string = "ES256" )
const ( // UpdateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEP captures enum value "RSA-OAEP" UpdateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEP string = "RSA-OAEP" // UpdateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" UpdateClientDeveloperRequestAuthorizationEncryptedResponseAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // UpdateClientDeveloperRequestAuthorizationEncryptedResponseEncA256GCM captures enum value "A256GCM" UpdateClientDeveloperRequestAuthorizationEncryptedResponseEncA256GCM string = "A256GCM" // UpdateClientDeveloperRequestAuthorizationEncryptedResponseEncA128CBCDashHS256 captures enum value "A128CBC-HS256" UpdateClientDeveloperRequestAuthorizationEncryptedResponseEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // UpdateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEP captures enum value "RSA-OAEP" UpdateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEP string = "RSA-OAEP" // UpdateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" UpdateClientDeveloperRequestIDTokenEncryptedResponseAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // UpdateClientDeveloperRequestIDTokenEncryptedResponseEncA256GCM captures enum value "A256GCM" UpdateClientDeveloperRequestIDTokenEncryptedResponseEncA256GCM string = "A256GCM" // UpdateClientDeveloperRequestIDTokenEncryptedResponseEncA128CBCDashHS256 captures enum value "A128CBC-HS256" UpdateClientDeveloperRequestIDTokenEncryptedResponseEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // UpdateClientDeveloperRequestIDTokenSignedResponseAlgRS256 captures enum value "RS256" UpdateClientDeveloperRequestIDTokenSignedResponseAlgRS256 string = "RS256" // UpdateClientDeveloperRequestIDTokenSignedResponseAlgES256 captures enum value "ES256" UpdateClientDeveloperRequestIDTokenSignedResponseAlgES256 string = "ES256" // UpdateClientDeveloperRequestIDTokenSignedResponseAlgPS256 captures enum value "PS256" UpdateClientDeveloperRequestIDTokenSignedResponseAlgPS256 string = "PS256" )
const ( // UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretPost string = "client_secret_post" // UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodNone captures enum value "none" UpdateClientDeveloperRequestIntrospectionEndpointAuthMethodNone string = "none" )
const ( // UpdateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEP captures enum value "RSA-OAEP" UpdateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEP string = "RSA-OAEP" // UpdateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEPDash256 captures enum value "RSA-OAEP-256" UpdateClientDeveloperRequestRequestObjectEncryptionAlgRSADashOAEPDash256 string = "RSA-OAEP-256" )
const ( // UpdateClientDeveloperRequestRequestObjectEncryptionEncA256GCM captures enum value "A256GCM" UpdateClientDeveloperRequestRequestObjectEncryptionEncA256GCM string = "A256GCM" // UpdateClientDeveloperRequestRequestObjectEncryptionEncA128CBCDashHS256 captures enum value "A128CBC-HS256" UpdateClientDeveloperRequestRequestObjectEncryptionEncA128CBCDashHS256 string = "A128CBC-HS256" )
const ( // UpdateClientDeveloperRequestRequestObjectSigningAlgAny captures enum value "any" UpdateClientDeveloperRequestRequestObjectSigningAlgAny string = "any" // UpdateClientDeveloperRequestRequestObjectSigningAlgNone captures enum value "none" UpdateClientDeveloperRequestRequestObjectSigningAlgNone string = "none" // UpdateClientDeveloperRequestRequestObjectSigningAlgRS256 captures enum value "RS256" UpdateClientDeveloperRequestRequestObjectSigningAlgRS256 string = "RS256" // UpdateClientDeveloperRequestRequestObjectSigningAlgES256 captures enum value "ES256" UpdateClientDeveloperRequestRequestObjectSigningAlgES256 string = "ES256" // UpdateClientDeveloperRequestRequestObjectSigningAlgPS256 captures enum value "PS256" UpdateClientDeveloperRequestRequestObjectSigningAlgPS256 string = "PS256" )
const ( // UpdateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" UpdateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // UpdateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" UpdateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretPost string = "client_secret_post" // UpdateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" UpdateClientDeveloperRequestRevocationEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // UpdateClientDeveloperRequestRevocationEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" UpdateClientDeveloperRequestRevocationEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // UpdateClientDeveloperRequestRevocationEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" UpdateClientDeveloperRequestRevocationEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // UpdateClientDeveloperRequestRevocationEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" UpdateClientDeveloperRequestRevocationEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // UpdateClientDeveloperRequestRevocationEndpointAuthMethodNone captures enum value "none" UpdateClientDeveloperRequestRevocationEndpointAuthMethodNone string = "none" )
const ( // UpdateClientDeveloperRequestSubjectTypePublic captures enum value "public" UpdateClientDeveloperRequestSubjectTypePublic string = "public" // UpdateClientDeveloperRequestSubjectTypePairwise captures enum value "pairwise" UpdateClientDeveloperRequestSubjectTypePairwise string = "pairwise" )
const ( // UpdateClientDeveloperRequestTokenEndpointAuthMethodClientSecretBasic captures enum value "client_secret_basic" UpdateClientDeveloperRequestTokenEndpointAuthMethodClientSecretBasic string = "client_secret_basic" // UpdateClientDeveloperRequestTokenEndpointAuthMethodClientSecretPost captures enum value "client_secret_post" UpdateClientDeveloperRequestTokenEndpointAuthMethodClientSecretPost string = "client_secret_post" // UpdateClientDeveloperRequestTokenEndpointAuthMethodClientSecretJwt captures enum value "client_secret_jwt" UpdateClientDeveloperRequestTokenEndpointAuthMethodClientSecretJwt string = "client_secret_jwt" // UpdateClientDeveloperRequestTokenEndpointAuthMethodPrivateKeyJwt captures enum value "private_key_jwt" UpdateClientDeveloperRequestTokenEndpointAuthMethodPrivateKeyJwt string = "private_key_jwt" // UpdateClientDeveloperRequestTokenEndpointAuthMethodSelfSignedTLSClientAuth captures enum value "self_signed_tls_client_auth" UpdateClientDeveloperRequestTokenEndpointAuthMethodSelfSignedTLSClientAuth string = "self_signed_tls_client_auth" // UpdateClientDeveloperRequestTokenEndpointAuthMethodTLSClientAuth captures enum value "tls_client_auth" UpdateClientDeveloperRequestTokenEndpointAuthMethodTLSClientAuth string = "tls_client_auth" // UpdateClientDeveloperRequestTokenEndpointAuthMethodNone captures enum value "none" UpdateClientDeveloperRequestTokenEndpointAuthMethodNone string = "none" )
const ( // UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgRS256 captures enum value "RS256" UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgRS256 string = "RS256" // UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgES256 captures enum value "ES256" UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgES256 string = "ES256" // UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgPS256 captures enum value "PS256" UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgPS256 string = "PS256" // UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgHS256 captures enum value "HS256" UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgHS256 string = "HS256" // UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgEmpty captures enum value "" UpdateClientDeveloperRequestTokenEndpointAuthSigningAlgEmpty string = "" )
const ( // UpdateClientDeveloperRequestUserinfoSignedResponseAlgNone captures enum value "none" UpdateClientDeveloperRequestUserinfoSignedResponseAlgNone string = "none" // UpdateClientDeveloperRequestUserinfoSignedResponseAlgRS256 captures enum value "RS256" UpdateClientDeveloperRequestUserinfoSignedResponseAlgRS256 string = "RS256" // UpdateClientDeveloperRequestUserinfoSignedResponseAlgES256 captures enum value "ES256" UpdateClientDeveloperRequestUserinfoSignedResponseAlgES256 string = "ES256" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizationDetailType ¶
type AuthorizationDetailType string
AuthorizationDetailType authorization detail type
swagger:model AuthorizationDetailType
func (AuthorizationDetailType) ContextValidate ¶
func (m AuthorizationDetailType) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validates this authorization detail type based on context it is used
type AuthorizationDetailWithServiceDeveloperResponse ¶
type AuthorizationDetailWithServiceDeveloperResponse struct { // Description // Example: Authorization detail for payment initiation Description string `json:"description,omitempty" yaml:"description,omitempty"` // Display name // Example: Payment Initiation Name string `json:"name,omitempty" yaml:"name,omitempty"` // schema Schema *SupportedJSONSchema `json:"schema,omitempty" yaml:"schema,omitempty"` // service description // Example: service description ServiceDescription string `json:"service_description,omitempty" yaml:"service_description,omitempty"` // service id // Example: 1 ServiceID string `json:"service_id,omitempty" yaml:"service_id,omitempty"` // service name // Example: service ServiceName string `json:"service_name,omitempty" yaml:"service_name,omitempty"` // Authorization detail type as defined in RFC: https://datatracker.ietf.org/doc/html/rfc9396 // Must be unique within the authorization server. // Example: payment_initiation // Required: true Type string `json:"type" yaml:"type"` }
AuthorizationDetailWithServiceDeveloperResponse authorization detail with service developer response
swagger:model AuthorizationDetailWithServiceDeveloperResponse
func (*AuthorizationDetailWithServiceDeveloperResponse) ContextValidate ¶
func (m *AuthorizationDetailWithServiceDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this authorization detail with service developer response based on the context it is used
func (*AuthorizationDetailWithServiceDeveloperResponse) MarshalBinary ¶
func (m *AuthorizationDetailWithServiceDeveloperResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*AuthorizationDetailWithServiceDeveloperResponse) UnmarshalBinary ¶
func (m *AuthorizationDetailWithServiceDeveloperResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ClientDeveloperResponse ¶
type ClientDeveloperResponse struct { // The client application type. // // Client applications can be either of a `web` or `native` types. // // Web applications include clients like server web applications or service apps. // // Native applications include single-page applications (SPAs) and mobile or desktop // applications. // // Apply security measures according to the type of your application. // Example: web ApplicationType string `json:"application_type,omitempty" yaml:"application_type,omitempty"` // An array of dynamically calculated application types that can be used for filtering // Example: ["single_page","server_web","mobile_desktop","service","legacy","dcr"] // Read Only: true ApplicationTypes []string `json:"application_types" yaml:"application_types"` // Identity of the intended recipients (the audience). // // Typically, the audience is a single resource server or a list of resource servers. // // It is considered a good practice to limit the audience of the token for security purposes. Audience []string `json:"audience" yaml:"audience"` // Authorization details types // // Indicates what authorization details types the client can use. AuthorizationDetailsTypes []AuthorizationDetailType `json:"authorization_details_types" yaml:"authorization_details_types"` // Algorithm used for encrypting authorization responses. // // If both signing and encryption are requested, the response is first signed, and then encrypted. // As a result, a Nested JWT is obtained, as defined in JWT [RFC7519]. // // If omitted, no encryption is applied by default. // Example: RSA-OAEP-256 // Enum: [RSA-OAEP RSA-OAEP-256] AuthorizationEncryptedResponseAlg string `json:"authorization_encrypted_response_alg,omitempty" yaml:"authorization_encrypted_response_alg,omitempty"` // Algorithm used for encrypting authorization responses. // // With `authorization_encrypted_response_alg` specified, the default value is `A128CBC-HS256`. // When `authorization_encrypted_response_enc` is included, `authorization_encrypted_response_alg` // MUST also be provided in a request. // Example: A128CBC-HS256 // Enum: [A256GCM A128CBC-HS256] AuthorizationEncryptedResponseEnc string `json:"authorization_encrypted_response_enc,omitempty" yaml:"authorization_encrypted_response_enc,omitempty"` // An authorization server (workspace) identifier holding the client application. // Example: default // Required: true AuthorizationServerID string `json:"authorization_server_id" yaml:"authorization_server_id"` // Algorithm used for signing authorization responses. // // With this parameter specified, the response is signed using JWS and according to the configured algorithm. // // `none` isn't allowed. // Example: RS256 AuthorizationSignedResponseAlg string `json:"authorization_signed_response_alg,omitempty" yaml:"authorization_signed_response_alg,omitempty"` // OPTIONAL. The JWS alg algorithm value used by the client application to sign authentication requests. // // When omitted, the client application doesn't send signed authentication requests. BackchannelAuthenticationRequestSigningAlg string `` /* 127-byte string literal not displayed */ // REQUIRED for requests when the client application uses CIBA as an authorization grant type, and the token // delivery mode is set to `ping` or `push`. // // This parameter is the endpoint where an OP (OpenID Provider) posts a notification after end-user authentication. // // Input: an HTTPS URL. BackchannelClientNotificationEndpoint string `json:"backchannel_client_notification_endpoint,omitempty" yaml:"backchannel_client_notification_endpoint,omitempty"` // REQUIRED for requests when the client application uses CIBA as an authorization grant type. // // Input: `poll`, `ping`, or `push`. BackchannelTokenDeliveryMode string `json:"backchannel_token_delivery_mode,omitempty" yaml:"backchannel_token_delivery_mode,omitempty"` // OPTIONAL. A boolean value indicating the `user_code` parameter support by the client application. // // If omitted, the default value is `false`. // // This applies only when the `backchannel_user_code_parameter_supported` OP parameter is `true`. BackchannelUserCodeParameter bool `json:"backchannel_user_code_parameter,omitempty" yaml:"backchannel_user_code_parameter,omitempty"` // OAuth client application identifier // // If not provided, a random client ID is generated. ClientID string `json:"client_id,omitempty" yaml:"client_id,omitempty"` // The client identifier time of issue. // // The value is the number of seconds between 1970-01-01T00:00:00Z (UTC) and the date/time of issue. ClientIDIssuedAt int64 `json:"client_id_issued_at,omitempty" yaml:"client_id_issued_at,omitempty"` // Human-readable name of a client application. // Example: My app ClientName string `json:"client_name,omitempty" yaml:"client_name,omitempty"` // OAuth client secret // // If not provided, a random client secret is generated. // Min Length: 32 ClientSecret string `json:"client_secret,omitempty" yaml:"client_secret,omitempty"` // The client secret expiration time. // // If the client secret does not expire, `client_secret_expires_at` = `0`. ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty" yaml:"client_secret_expires_at,omitempty"` // URI of a client application. ClientURI string `json:"client_uri,omitempty" yaml:"client_uri,omitempty"` // Date when the client application was created. // Example: 2022-04-07T19:17:31.323187Z // Format: date-time CreatedAt strfmt.DateTime `json:"created_at,omitempty" yaml:"created_at,omitempty"` // Description of the client application. Description string `json:"description,omitempty" yaml:"description,omitempty"` // Boolean value specifying whether the client always uses DPoP for token requests // If true, the authorization server will reject token requests from this client that do not contain the DPoP header. DpopBoundAccessTokens bool `json:"dpop_bound_access_tokens,omitempty" yaml:"dpop_bound_access_tokens,omitempty"` // An array of allowed OAuth client grant types. // // The `grantTypes` array stores OAuth flows that are allowed for a given client application. // // [Read more](https://cloudentity.com/developers/basics/oauth-grant-types/grant-types-overview/) about grant types. // Example: ["password","refresh_token","client_credentials","implicit","authorization_code"] GrantTypes []string `json:"grant_types" yaml:"grant_types"` // An array of hashed rotated client secrets HashedRotatedSecrets []string `json:"hashed_rotated_secrets" yaml:"hashed_rotated_secrets"` // Hashed client secret // // Hashing client secrets provides additional security for your secrets storage as it hides // plaintext secrets from being viewed both in the UI and the database. HashedSecret string `json:"hashed_secret,omitempty" yaml:"hashed_secret,omitempty"` // JWE alg algorithm for encrypting the ID token issued to this client application. // Enum: [RSA-OAEP RSA-OAEP-256] IDTokenEncryptedResponseAlg string `json:"id_token_encrypted_response_alg,omitempty" yaml:"id_token_encrypted_response_alg,omitempty"` // JWE enc algorithm for encrypting the ID token issued to this client application. // Enum: [A256GCM A128CBC-HS256] IDTokenEncryptedResponseEnc string `json:"id_token_encrypted_response_enc,omitempty" yaml:"id_token_encrypted_response_enc,omitempty"` // Algorithm for signing ID tokens issued for a client application. // // The default value depends on authorization server configuration. // Example: ES256 // Enum: [RS256 ES256 PS256] IDTokenSignedResponseAlg string `json:"id_token_signed_response_alg,omitempty" yaml:"id_token_signed_response_alg,omitempty"` // An introspection endpoint authentication method configured for the client application (read-only). // // If empty, the `token_endpoint_auth_method` is used. // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] IntrospectionEndpointAuthMethod string `json:"introspection_endpoint_auth_method,omitempty" yaml:"introspection_endpoint_auth_method,omitempty"` // jwks Jwks *ClientJWKs `json:"jwks,omitempty" yaml:"jwks,omitempty"` // A URL of JSON Web Key Set with the public keys used by a client application to authenticate to Cloudentity. JwksURI string `json:"jwks_uri,omitempty" yaml:"jwks_uri,omitempty"` // Logo URI. LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"` // External organization identifier. It is a unique string assigned by the CDR Register to identify an Accredited // Data Recipient Brand. // // The value obtained is used as the `aud` claim for message signing, for example, when a JSON Web Token (JWT) is // required for authorization, and represents the audience(s) the JWT is intended for. // Example: 5647fe90-f6bc-11eb-9a03-0242ac130003 OrganisationID string `json:"organisation_id,omitempty" yaml:"organisation_id,omitempty"` // Policy URL to read about how the profile data is used. PolicyURI string `json:"policy_uri,omitempty" yaml:"policy_uri,omitempty"` // Array of URLs to which a relying party may request that the user be redirected after a logout has been performed. PostLogoutRedirectUris []string `json:"post_logout_redirect_uris" yaml:"post_logout_redirect_uris"` // privacy Privacy *ClientPrivacy `json:"privacy,omitempty" yaml:"privacy,omitempty"` // redirect uris RedirectUris RedirectURIs `json:"redirect_uris,omitempty" yaml:"redirect_uris,omitempty"` // Optional JWE alg algorithm the client is declaring that it may use for encrypting Request Objects // Example: RSA-OAEP // Enum: [RSA-OAEP RSA-OAEP-256] RequestObjectEncryptionAlg string `json:"request_object_encryption_alg,omitempty" yaml:"request_object_encryption_alg,omitempty"` // Optional JWE enc algorithm the client is declaring that it may use for encrypting Request Objects // When `request_object_encryption_enc` is included, `request_object_encryption_alg` MUST also be provided. // Example: A256GCM // Enum: [A256GCM A128CBC-HS256] RequestObjectEncryptionEnc string `json:"request_object_encryption_enc,omitempty" yaml:"request_object_encryption_enc,omitempty"` // Request object signing algorithm for the token endpoint // // Cloudentity supports signing tokens with the RS256, ES256, and PS256 algorithms. If you do not want // to use a signing algorithm, set the value of this parameter to `none`. // Example: none // Enum: [any none RS256 ES256 PS256] RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty" yaml:"request_object_signing_alg,omitempty"` // Array of absolute URIs that points to the Request Object that holds authorization request parameters. RequestUris []string `json:"request_uris" yaml:"request_uris"` // Boolean parameter indicating whether the only means of initiating an authorization request the client is allowed to use is PAR. RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty" yaml:"require_pushed_authorization_requests,omitempty"` // response types ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"` // A revocation endpoint authentication method configured for the client application (read-only). // If empty, the `token_endpoint_auth_method` is used. // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] RevocationEndpointAuthMethod string `json:"revocation_endpoint_auth_method,omitempty" yaml:"revocation_endpoint_auth_method,omitempty"` // An array of rotated OAuth client secrets RotatedSecrets []string `json:"rotated_secrets" yaml:"rotated_secrets"` // Space-separated list of scopes for compatibility with the OAuth specification. // Example: email offline_access openid Scope string `json:"scope,omitempty" yaml:"scope,omitempty"` // An array of string represented scopes assigned to a client application // Example: ["email","offline_access","openid"] Scopes []string `json:"scopes" yaml:"scopes"` // OPTIONAL. [A URL using the HTTPS scheme](https://openid.net/specs/openid-connect-registration-1_0.html#SectorIdentifierValidation). // It must reference a JSON file with the array of `redirect_uri` values. // // Pass this parameter when you use multiple domains in your `redirect_uris` or need a mechanism to allow changes in // domain without affecting consumer consent. // // [Read more](https://openid.net/specs/openid-connect-core-1_0.html) SectorIdentifierURI string `json:"sector_identifier_uri,omitempty" yaml:"sector_identifier_uri,omitempty"` // Subject identifier type // // Stores information if the subject identifier is of the `public` or the `pairwise` type. // // Subject identifiers identify an end-user. They are locally unique and never reassigned within the Issuer, // and are intended to be consumed by client applications. There are two types // of subject identifiers: `public` and `pairwise`. // // For the `public` type, the value of the `sub` (subject) token claim is the same for all clients. // // For the `pairwise` type, a different `sub` (subject) token claim is provided for each client. // Using the `pairwise` subject identifier makes it impossible for client applications to correlate the end-user's // activity without their permission. // Example: public // Enum: [public pairwise] SubjectType string `json:"subject_type,omitempty" yaml:"subject_type,omitempty"` // ID of a tenant where the client application is added // Example: default // Required: true TenantID string `json:"tenant_id" yaml:"tenant_id"` // A string containing the value of an expected dNSName SAN entry in the certificate. TLSClientAuthSanDNS string `json:"tls_client_auth_san_dns,omitempty" yaml:"tls_client_auth_san_dns,omitempty"` // A string containing the value of an expected rfc822Name SAN entry in the certificate. TLSClientAuthSanEmail string `json:"tls_client_auth_san_email,omitempty" yaml:"tls_client_auth_san_email,omitempty"` // A string representation of an IP address in either dotted decimal notation (for IPv4) or colon-delimited hexadecimal (for IPv6, as defined in [RFC5952]) that is expected to be present as an iPAddress SAN entry in the certificate. TLSClientAuthSanIP string `json:"tls_client_auth_san_ip,omitempty" yaml:"tls_client_auth_san_ip,omitempty"` // A string containing the value of an expected uniformResourceIdentifier SAN entry in the certificate. TLSClientAuthSanURI string `json:"tls_client_auth_san_uri,omitempty" yaml:"tls_client_auth_san_uri,omitempty"` // An [RFC4514] string representation of the expected subject distinguished name of the certificate. TLSClientAuthSubjectDn string `json:"tls_client_auth_subject_dn,omitempty" yaml:"tls_client_auth_subject_dn,omitempty"` // Boolean value indicating server support for mutual TLS client certificate-bound access tokens. If omitted, the default value is "false". TLSClientCertificateBoundAccessTokens bool `json:"tls_client_certificate_bound_access_tokens,omitempty" yaml:"tls_client_certificate_bound_access_tokens,omitempty"` // Token endpoint authentication method configured for a client application // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // To learn more, go to the Authorization Basics > Client Authentication section of this guide. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty" yaml:"token_endpoint_auth_method,omitempty"` // Signing algorithm for the token endpoint // // This field is optional. If empty, a client can use any algorithm supported by the server (see `token_endpoint_auth_signing_alg_values_supported` in the well-known endpoing). // // If provided, depending on the server configuration, client can use of one: HS256, RS256, ES256, PS256 algorithms. // // If your token endpoint authentication is set to the `private_key_jwt` method, the // `token_endpoint_auth_signing_alg` parameter must be either RS256, ES256, or PS256. // // If your token endpoint authentication is set to the `client_secret_jwt` method, // the `token_endpoint_auth_signing_alg` parameter must be HS256. // Example: ES256 // Enum: [RS256 ES256 PS256 HS256 ] TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty" yaml:"token_endpoint_auth_signing_alg,omitempty"` // token exchange TokenExchange *ClientTokenExchangeConfiguration `json:"token_exchange,omitempty" yaml:"token_exchange,omitempty"` // Terms of Service URL. TosURI string `json:"tos_uri,omitempty" yaml:"tos_uri,omitempty"` // Date when the client application was updated. // Example: 2022-05-08T01:11:51.1262916Z // Format: date-time UpdatedAt strfmt.DateTime `json:"updated_at,omitempty" yaml:"updated_at,omitempty"` // JWS alg algorithm REQUIRED for signing UserInfo Responses. // // If specified, the response is a JWT serialized and signed with JWS. // // If omitted, then by default, UserInfo Response returns the Claims // as an UTF-8 encoded JSON object using the application/json content-type. // Example: none // Enum: [none RS256 ES256] UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty" yaml:"userinfo_signed_response_alg,omitempty"` }
ClientDeveloperResponse client developer response
swagger:model ClientDeveloperResponse
func (*ClientDeveloperResponse) ContextValidate ¶
func (m *ClientDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this client developer response based on the context it is used
func (*ClientDeveloperResponse) MarshalBinary ¶
func (m *ClientDeveloperResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ClientDeveloperResponse) UnmarshalBinary ¶
func (m *ClientDeveloperResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ClientJWK ¶
type ClientJWK struct { // The "alg" (algorithm) parameter identifies the algorithm intended for // use with the key. The values used should either be registered in the // IANA "JSON Web Signature and Encryption Algorithms" registry // established by [JWA] or be a value that contains a Collision- // Resistant Name. // Example: RS256 Alg string `json:"alg,omitempty" yaml:"alg,omitempty"` // crv // Example: P-256 Crv string `json:"crv,omitempty" yaml:"crv,omitempty"` // d // Example: T_N8I-6He3M8a7X1vWt6TGIx4xB_GP3Mb4SsZSA4v-orvJzzRiQhLlRR81naWYxfQAYt5isDI6_C2L9bdWo4FFPjGQFvNoRX-_sBJyBI_rl-TBgsZYoUlAj3J92WmY2inbA-PwyJfsaIIDceYBC-eX-xiCu6qMqkZi3MwQAFL6bMdPEM0z4JBcwFT3VdiWAIRUuACWQwrXMq672x7fMuaIaHi7XDGgt1ith23CLfaREmJku9PQcchbt_uEY-hqrFY6ntTtS4paWWQj86xLL94S-Tf6v6xkL918PfLSOTq6XCzxvlFwzBJqApnAhbwqLjpPhgUG04EDRrqrSBc5Y1BLevn6Ip5h1AhessBp3wLkQgz_roeckt-ybvzKTjESMuagnpqLvOT7Y9veIug2MwPJZI2VjczRc1vzMs25XrFQ8DpUy-bNdp89TmvAXwctUMiJdgHloJw23Cv03gIUAkDnsTqZmkpbIf-crpgNKFmQP_EDKoe8p_PXZZgfbRri3NoEVGP7Mk6yEu8LjJhClhZaBNjuWw2-KlBfOA3g79mhfBnkInee5KO9mGR50qPk1V-MorUYNTFMZIm0kFE6eYVWFBwJHLKYhHU34DoiK1VP-svZpC2uAMFNA_UJEwM9CQ2b8qe4-5e9aywMvwcuArRkAB5mBIfOaOJao3mfukKAE D string `json:"d,omitempty" yaml:"d,omitempty"` // dp // Example: G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0 Dp string `json:"dp,omitempty" yaml:"dp,omitempty"` // dq // Example: s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk Dq string `json:"dq,omitempty" yaml:"dq,omitempty"` // e // Example: AQAB E string `json:"e,omitempty" yaml:"e,omitempty"` // k // Example: GawgguFyGrWKav7AX4VKUg K string `json:"k,omitempty" yaml:"k,omitempty"` // The "kid" (key ID) parameter is used to match a specific key. This // is used, for instance, to choose among a set of keys within a JWK Set // during key rollover. The structure of the "kid" value is // unspecified. When "kid" values are used within a JWK Set, different // keys within the JWK Set SHOULD use distinct "kid" values. (One // example in which different keys might use the same "kid" value is if // they have different "kty" (key type) values but are considered to be // equivalent alternatives by the application using them.) The "kid" // value is a case-sensitive string. // Example: 1603dfe0af8f4596 Kid string `json:"kid,omitempty" yaml:"kid,omitempty"` // The "kty" (key type) parameter identifies the cryptographic algorithm // family used with the key, such as "RSA" or "EC". "kty" values should // either be registered in the IANA "JSON Web Key Types" registry // established by [JWA] or be a value that contains a Collision- // Resistant Name. The "kty" value is a case-sensitive string. // Example: RSA // Required: true Kty string `json:"kty" yaml:"kty"` // n // Example: vTqrxUyQPl_20aqf5kXHwDZrel-KovIp8s7ewJod2EXHl8tWlRB3_Rem34KwBfqlKQGp1nqah-51H4Jzruqe0cFP58hPEIt6WqrvnmJCXxnNuIB53iX_uUUXXHDHBeaPCSRoNJzNysjoJ30TIUsKBiirhBa7f235PXbKiHducLevV6PcKxJ5cY8zO286qJLBWSPm-OIevwqsIsSIH44Qtm9sioFikhkbLwoqwWORGAY0nl6XvVOlhADdLjBSqSAeT1FPuCDCnXwzCDR8N9IFB_IjdStFkC-rVt2K5BYfPd0c3yFp_vHR15eRd0zJ8XQ7woBC8Vnsac6Et1pKS59pX6256DPWu8UDdEOolKAPgcd_g2NpA76cAaF_jcT80j9KrEzw8Tv0nJBGesuCjPNjGs_KzdkWTUXt23Hn9QJsdc1MZuaW0iqXBepHYfYoqNelzVte117t4BwVp0kUM6we0IqyXClaZgOI8S-WDBw2_Ovdm8e5NmhYAblEVoygcX8Y46oH6bKiaCQfKCFDMcRgChme7AoE1yZZYsPbaG_3IjPrC4LBMHQw8rM9dWjJ8ImjicvZ1pAm0dx-KHCP3y5PVKrxBDf1zSOsBRkOSjB8TPODnJMz6-jd5hTtZxpZPwPoIdCanTZ3ZD6uRBpTmDwtpRGm63UQs1m5FWPwb0T2IF0 N string `json:"n,omitempty" yaml:"n,omitempty"` // p // Example: 6NbkXwDWUhi-eR55Cgbf27FkQDDWIamOaDr0rj1q0f1fFEz1W5A_09YvG09Fiv1AO2-D8Rl8gS1Vkz2i0zCSqnyy8A025XOcRviOMK7nIxE4OH_PEsko8dtIrb3TmE2hUXvCkmzw9EsTF1LQBOGC6iusLTXepIC1x9ukCKFZQvdgtEObQ5kzd9Nhq-cdqmSeMVLoxPLd1blviVT9Vm8-y12CtYpeJHOaIDtVPLlBhJiBoPKWg3vxSm4XxIliNOefqegIlsmTIa3MpS6WWlCK3yHhat0Q-rRxDxdyiVdG_wzJvp0Iw_2wms7pe-PgNPYvUWH9JphWP5K38YqEBiJFXQ P string `json:"p,omitempty" yaml:"p,omitempty"` // q // Example: 0A1FmpOWR91_RAWpqreWSavNaZb9nXeKiBo0DQGBz32DbqKqQ8S4aBJmbRhJcctjCLjain-ivut477tAUMmzJwVJDDq2MZFwC9Q-4VYZmFU4HJityQuSzHYe64RjN-E_NQ02TWhG3QGW6roq6c57c99rrUsETwJJiwS8M5p15Miuz53DaOjv-uqqFAFfywN5WkxHbraBcjHtMiQuyQbQqkCFh-oanHkwYNeytsNhTu2mQmwR5DR2roZ2nPiFjC6nsdk-A7E3S3wMzYYFw7jvbWWoYWo9vB40_MY2Y0FYQSqcDzcBIcq_0tnnasf3VW4Fdx6m80RzOb2Fsnln7vKXAQ Q string `json:"q,omitempty" yaml:"q,omitempty"` // qi // Example: GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU Qi string `json:"qi,omitempty" yaml:"qi,omitempty"` // Use ("public key use") identifies the intended use of // the public key. The "use" parameter is employed to indicate whether // a public key is used for encrypting data or verifying the signature // on data. Values are commonly "sig" (signature) or "enc" (encryption). // Example: sig Use string `json:"use,omitempty" yaml:"use,omitempty"` // x // Example: f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU X string `json:"x,omitempty" yaml:"x,omitempty"` // The "x5c" (X.509 certificate chain) parameter contains a chain of one // or more PKIX certificates [RFC5280]. The certificate chain is // represented as a JSON array of certificate value strings. Each // string in the array is a base64-encoded (Section 4 of [RFC4648] -- // not base64url-encoded) DER [ITU.X690.1994] PKIX certificate value. // The PKIX certificate containing the key value MUST be the first // certificate. X5c []string `json:"x5c" yaml:"x5c"` // x5t // Example: GawgguFyGrWKav7AX4VKUg X5t string `json:"x5t,omitempty" yaml:"x5t,omitempty"` // x5t s256 // Example: GawgguFyGrWKav7AX4VKUg X5tS256 string `json:"x5t#S256,omitempty" yaml:"x5t#S256,omitempty"` // y // Example: x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0 Y string `json:"y,omitempty" yaml:"y,omitempty"` }
ClientJWK client j w k
swagger:model ClientJWK
func (*ClientJWK) ContextValidate ¶
ContextValidate validates this client j w k based on context it is used
func (*ClientJWK) MarshalBinary ¶
MarshalBinary interface implementation
func (*ClientJWK) UnmarshalBinary ¶
UnmarshalBinary interface implementation
type ClientJWKs ¶
type ClientJWKs struct { // keys // Example: [] Keys []*ClientJWK `json:"keys" yaml:"keys"` }
ClientJWKs client j w ks
swagger:model ClientJWKs
func (*ClientJWKs) ContextValidate ¶
ContextValidate validate this client j w ks based on the context it is used
func (*ClientJWKs) MarshalBinary ¶
func (m *ClientJWKs) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ClientJWKs) UnmarshalBinary ¶
func (m *ClientJWKs) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ClientPrivacy ¶
type ClientPrivacy struct { // optional privacy information mapping for scopes Scopes map[string]ScopePrivacyInformation `json:"scopes,omitempty" yaml:"scopes,omitempty"` }
ClientPrivacy client privacy
swagger:model ClientPrivacy
func (*ClientPrivacy) ContextValidate ¶
ContextValidate validate this client privacy based on the context it is used
func (*ClientPrivacy) MarshalBinary ¶
func (m *ClientPrivacy) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ClientPrivacy) UnmarshalBinary ¶
func (m *ClientPrivacy) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ClientTokenExchangeConfiguration ¶
type ClientTokenExchangeConfiguration struct { // Additional actor token claims // // Claims from the actor token that will be injected into the exchanged token under the `act` claim. // // Applies for the token exchange delegation flow only. ActorClaims []string `json:"actor_claims" yaml:"actor_claims"` }
ClientTokenExchangeConfiguration client token exchange configuration
swagger:model ClientTokenExchangeConfiguration
func (*ClientTokenExchangeConfiguration) ContextValidate ¶
func (m *ClientTokenExchangeConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validates this client token exchange configuration based on context it is used
func (*ClientTokenExchangeConfiguration) MarshalBinary ¶
func (m *ClientTokenExchangeConfiguration) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ClientTokenExchangeConfiguration) UnmarshalBinary ¶
func (m *ClientTokenExchangeConfiguration) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ClientsForDeveloper ¶
type ClientsForDeveloper struct { // clients Clients []*ClientDeveloperResponse `json:"clients" yaml:"clients"` }
ClientsForDeveloper OAuth clients owned by developer
swagger:model ClientsForDeveloper
func (*ClientsForDeveloper) ContextValidate ¶
ContextValidate validate this clients for developer based on the context it is used
func (*ClientsForDeveloper) MarshalBinary ¶
func (m *ClientsForDeveloper) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ClientsForDeveloper) UnmarshalBinary ¶
func (m *ClientsForDeveloper) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type CreateClientDeveloperRequest ¶
type CreateClientDeveloperRequest struct { // The client application type. // // Client applications can be either of a `web` or `native` types. // // Web applications include clients like server web applications or service apps. // // Native applications include single-page applications (SPAs) and mobile or desktop // applications. // // Apply security measures according to the type of your application. // Example: web ApplicationType string `json:"application_type,omitempty" yaml:"application_type,omitempty"` // An array of dynamically calculated application types that can be used for filtering // Example: ["single_page","server_web","mobile_desktop","service","legacy","dcr"] // Read Only: true ApplicationTypes []string `json:"application_types" yaml:"application_types"` // Identity of the intended recipients (the audience). // // Typically, the audience is a single resource server or a list of resource servers. // // It is considered a good practice to limit the audience of the token for security purposes. Audience []string `json:"audience" yaml:"audience"` // Authorization details types // // Indicates what authorization details types the client can use. AuthorizationDetailsTypes []AuthorizationDetailType `json:"authorization_details_types" yaml:"authorization_details_types"` // Algorithm used for encrypting authorization responses. // // If both signing and encryption are requested, the response is first signed, and then encrypted. // As a result, a Nested JWT is obtained, as defined in JWT [RFC7519]. // // If omitted, no encryption is applied by default. // Example: RSA-OAEP-256 // Enum: [RSA-OAEP RSA-OAEP-256] AuthorizationEncryptedResponseAlg string `json:"authorization_encrypted_response_alg,omitempty" yaml:"authorization_encrypted_response_alg,omitempty"` // Algorithm used for encrypting authorization responses. // // With `authorization_encrypted_response_alg` specified, the default value is `A128CBC-HS256`. // When `authorization_encrypted_response_enc` is included, `authorization_encrypted_response_alg` // MUST also be provided in a request. // Example: A128CBC-HS256 // Enum: [A256GCM A128CBC-HS256] AuthorizationEncryptedResponseEnc string `json:"authorization_encrypted_response_enc,omitempty" yaml:"authorization_encrypted_response_enc,omitempty"` // An authorization server (workspace) identifier holding the client application. // Example: default // Required: true AuthorizationServerID string `json:"authorization_server_id" yaml:"authorization_server_id"` // Algorithm used for signing authorization responses. // // With this parameter specified, the response is signed using JWS and according to the configured algorithm. // // `none` isn't allowed. // Example: RS256 AuthorizationSignedResponseAlg string `json:"authorization_signed_response_alg,omitempty" yaml:"authorization_signed_response_alg,omitempty"` // OPTIONAL. The JWS alg algorithm value used by the client application to sign authentication requests. // // When omitted, the client application doesn't send signed authentication requests. BackchannelAuthenticationRequestSigningAlg string `` /* 127-byte string literal not displayed */ // REQUIRED for requests when the client application uses CIBA as an authorization grant type, and the token // delivery mode is set to `ping` or `push`. // // This parameter is the endpoint where an OP (OpenID Provider) posts a notification after end-user authentication. // // Input: an HTTPS URL. BackchannelClientNotificationEndpoint string `json:"backchannel_client_notification_endpoint,omitempty" yaml:"backchannel_client_notification_endpoint,omitempty"` // REQUIRED for requests when the client application uses CIBA as an authorization grant type. // // Input: `poll`, `ping`, or `push`. BackchannelTokenDeliveryMode string `json:"backchannel_token_delivery_mode,omitempty" yaml:"backchannel_token_delivery_mode,omitempty"` // OPTIONAL. A boolean value indicating the `user_code` parameter support by the client application. // // If omitted, the default value is `false`. // // This applies only when the `backchannel_user_code_parameter_supported` OP parameter is `true`. BackchannelUserCodeParameter bool `json:"backchannel_user_code_parameter,omitempty" yaml:"backchannel_user_code_parameter,omitempty"` // The client identifier time of issue. // // The value is the number of seconds between 1970-01-01T00:00:00Z (UTC) and the date/time of issue. ClientIDIssuedAt int64 `json:"client_id_issued_at,omitempty" yaml:"client_id_issued_at,omitempty"` // Human-readable name of a client application. // Example: My app ClientName string `json:"client_name,omitempty" yaml:"client_name,omitempty"` // The client secret expiration time. // // If the client secret does not expire, `client_secret_expires_at` = `0`. ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty" yaml:"client_secret_expires_at,omitempty"` // URI of a client application. ClientURI string `json:"client_uri,omitempty" yaml:"client_uri,omitempty"` // Date when the client application was created. // Example: 2022-04-07T19:17:31.323187Z // Format: date-time CreatedAt strfmt.DateTime `json:"created_at,omitempty" yaml:"created_at,omitempty"` // Description of the client application. Description string `json:"description,omitempty" yaml:"description,omitempty"` // Boolean value specifying whether the client always uses DPoP for token requests // If true, the authorization server will reject token requests from this client that do not contain the DPoP header. DpopBoundAccessTokens bool `json:"dpop_bound_access_tokens,omitempty" yaml:"dpop_bound_access_tokens,omitempty"` // An array of allowed OAuth client grant types. // // The `grantTypes` array stores OAuth flows that are allowed for a given client application. // // [Read more](https://cloudentity.com/developers/basics/oauth-grant-types/grant-types-overview/) about grant types. // Example: ["password","refresh_token","client_credentials","implicit","authorization_code"] GrantTypes []string `json:"grant_types" yaml:"grant_types"` // JWE alg algorithm for encrypting the ID token issued to this client application. // Enum: [RSA-OAEP RSA-OAEP-256] IDTokenEncryptedResponseAlg string `json:"id_token_encrypted_response_alg,omitempty" yaml:"id_token_encrypted_response_alg,omitempty"` // JWE enc algorithm for encrypting the ID token issued to this client application. // Enum: [A256GCM A128CBC-HS256] IDTokenEncryptedResponseEnc string `json:"id_token_encrypted_response_enc,omitempty" yaml:"id_token_encrypted_response_enc,omitempty"` // Algorithm for signing ID tokens issued for a client application. // // The default value depends on authorization server configuration. // Example: ES256 // Enum: [RS256 ES256 PS256] IDTokenSignedResponseAlg string `json:"id_token_signed_response_alg,omitempty" yaml:"id_token_signed_response_alg,omitempty"` // An introspection endpoint authentication method configured for the client application (read-only). // // If empty, the `token_endpoint_auth_method` is used. // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] IntrospectionEndpointAuthMethod string `json:"introspection_endpoint_auth_method,omitempty" yaml:"introspection_endpoint_auth_method,omitempty"` // jwks Jwks *ClientJWKs `json:"jwks,omitempty" yaml:"jwks,omitempty"` // A URL of JSON Web Key Set with the public keys used by a client application to authenticate to Cloudentity. JwksURI string `json:"jwks_uri,omitempty" yaml:"jwks_uri,omitempty"` // Logo URI. LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"` // External organization identifier. It is a unique string assigned by the CDR Register to identify an Accredited // Data Recipient Brand. // // The value obtained is used as the `aud` claim for message signing, for example, when a JSON Web Token (JWT) is // required for authorization, and represents the audience(s) the JWT is intended for. // Example: 5647fe90-f6bc-11eb-9a03-0242ac130003 OrganisationID string `json:"organisation_id,omitempty" yaml:"organisation_id,omitempty"` // Policy URL to read about how the profile data is used. PolicyURI string `json:"policy_uri,omitempty" yaml:"policy_uri,omitempty"` // Array of URLs to which a relying party may request that the user be redirected after a logout has been performed. PostLogoutRedirectUris []string `json:"post_logout_redirect_uris" yaml:"post_logout_redirect_uris"` // privacy Privacy *ClientPrivacy `json:"privacy,omitempty" yaml:"privacy,omitempty"` // redirect uris RedirectUris RedirectURIs `json:"redirect_uris,omitempty" yaml:"redirect_uris,omitempty"` // Optional JWE alg algorithm the client is declaring that it may use for encrypting Request Objects // Example: RSA-OAEP // Enum: [RSA-OAEP RSA-OAEP-256] RequestObjectEncryptionAlg string `json:"request_object_encryption_alg,omitempty" yaml:"request_object_encryption_alg,omitempty"` // Optional JWE enc algorithm the client is declaring that it may use for encrypting Request Objects // When `request_object_encryption_enc` is included, `request_object_encryption_alg` MUST also be provided. // Example: A256GCM // Enum: [A256GCM A128CBC-HS256] RequestObjectEncryptionEnc string `json:"request_object_encryption_enc,omitempty" yaml:"request_object_encryption_enc,omitempty"` // Request object signing algorithm for the token endpoint // // Cloudentity supports signing tokens with the RS256, ES256, and PS256 algorithms. If you do not want // to use a signing algorithm, set the value of this parameter to `none`. // Example: none // Enum: [any none RS256 ES256 PS256] RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty" yaml:"request_object_signing_alg,omitempty"` // Array of absolute URIs that points to the Request Object that holds authorization request parameters. RequestUris []string `json:"request_uris" yaml:"request_uris"` // Boolean parameter indicating whether the only means of initiating an authorization request the client is allowed to use is PAR. RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty" yaml:"require_pushed_authorization_requests,omitempty"` // response types ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"` // A revocation endpoint authentication method configured for the client application (read-only). // If empty, the `token_endpoint_auth_method` is used. // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] RevocationEndpointAuthMethod string `json:"revocation_endpoint_auth_method,omitempty" yaml:"revocation_endpoint_auth_method,omitempty"` // Space-separated list of scopes for compatibility with the OAuth specification. // Example: email offline_access openid Scope string `json:"scope,omitempty" yaml:"scope,omitempty"` // An array of string represented scopes assigned to a client application // Example: ["email","offline_access","openid"] Scopes []string `json:"scopes" yaml:"scopes"` // OPTIONAL. [A URL using the HTTPS scheme](https://openid.net/specs/openid-connect-registration-1_0.html#SectorIdentifierValidation). // It must reference a JSON file with the array of `redirect_uri` values. // // Pass this parameter when you use multiple domains in your `redirect_uris` or need a mechanism to allow changes in // domain without affecting consumer consent. // // [Read more](https://openid.net/specs/openid-connect-core-1_0.html) SectorIdentifierURI string `json:"sector_identifier_uri,omitempty" yaml:"sector_identifier_uri,omitempty"` // Subject identifier type // // Stores information if the subject identifier is of the `public` or the `pairwise` type. // // Subject identifiers identify an end-user. They are locally unique and never reassigned within the Issuer, // and are intended to be consumed by client applications. There are two types // of subject identifiers: `public` and `pairwise`. // // For the `public` type, the value of the `sub` (subject) token claim is the same for all clients. // // For the `pairwise` type, a different `sub` (subject) token claim is provided for each client. // Using the `pairwise` subject identifier makes it impossible for client applications to correlate the end-user's // activity without their permission. // Example: public // Enum: [public pairwise] SubjectType string `json:"subject_type,omitempty" yaml:"subject_type,omitempty"` // ID of a tenant where the client application is added // Example: default // Required: true TenantID string `json:"tenant_id" yaml:"tenant_id"` // A string containing the value of an expected dNSName SAN entry in the certificate. TLSClientAuthSanDNS string `json:"tls_client_auth_san_dns,omitempty" yaml:"tls_client_auth_san_dns,omitempty"` // A string containing the value of an expected rfc822Name SAN entry in the certificate. TLSClientAuthSanEmail string `json:"tls_client_auth_san_email,omitempty" yaml:"tls_client_auth_san_email,omitempty"` // A string representation of an IP address in either dotted decimal notation (for IPv4) or colon-delimited hexadecimal (for IPv6, as defined in [RFC5952]) that is expected to be present as an iPAddress SAN entry in the certificate. TLSClientAuthSanIP string `json:"tls_client_auth_san_ip,omitempty" yaml:"tls_client_auth_san_ip,omitempty"` // A string containing the value of an expected uniformResourceIdentifier SAN entry in the certificate. TLSClientAuthSanURI string `json:"tls_client_auth_san_uri,omitempty" yaml:"tls_client_auth_san_uri,omitempty"` // An [RFC4514] string representation of the expected subject distinguished name of the certificate. TLSClientAuthSubjectDn string `json:"tls_client_auth_subject_dn,omitempty" yaml:"tls_client_auth_subject_dn,omitempty"` // Boolean value indicating server support for mutual TLS client certificate-bound access tokens. If omitted, the default value is "false". TLSClientCertificateBoundAccessTokens bool `json:"tls_client_certificate_bound_access_tokens,omitempty" yaml:"tls_client_certificate_bound_access_tokens,omitempty"` // Token endpoint authentication method configured for a client application // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // To learn more, go to the Authorization Basics > Client Authentication section of this guide. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty" yaml:"token_endpoint_auth_method,omitempty"` // Signing algorithm for the token endpoint // // This field is optional. If empty, a client can use any algorithm supported by the server (see `token_endpoint_auth_signing_alg_values_supported` in the well-known endpoing). // // If provided, depending on the server configuration, client can use of one: HS256, RS256, ES256, PS256 algorithms. // // If your token endpoint authentication is set to the `private_key_jwt` method, the // `token_endpoint_auth_signing_alg` parameter must be either RS256, ES256, or PS256. // // If your token endpoint authentication is set to the `client_secret_jwt` method, // the `token_endpoint_auth_signing_alg` parameter must be HS256. // Example: ES256 // Enum: [RS256 ES256 PS256 HS256 ] TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty" yaml:"token_endpoint_auth_signing_alg,omitempty"` // token exchange TokenExchange *ClientTokenExchangeConfiguration `json:"token_exchange,omitempty" yaml:"token_exchange,omitempty"` // Terms of Service URL. TosURI string `json:"tos_uri,omitempty" yaml:"tos_uri,omitempty"` // Date when the client application was updated. // Example: 2022-05-08T01:11:51.1262916Z // Format: date-time UpdatedAt strfmt.DateTime `json:"updated_at,omitempty" yaml:"updated_at,omitempty"` // JWS alg algorithm REQUIRED for signing UserInfo Responses. // // If specified, the response is a JWT serialized and signed with JWS. // // If omitted, then by default, UserInfo Response returns the Claims // as an UTF-8 encoded JSON object using the application/json content-type. // Example: none // Enum: [none RS256 ES256] UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty" yaml:"userinfo_signed_response_alg,omitempty"` }
CreateClientDeveloperRequest create client developer request
swagger:model CreateClientDeveloperRequest
func (*CreateClientDeveloperRequest) ContextValidate ¶
func (m *CreateClientDeveloperRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this create client developer request based on the context it is used
func (*CreateClientDeveloperRequest) MarshalBinary ¶
func (m *CreateClientDeveloperRequest) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*CreateClientDeveloperRequest) UnmarshalBinary ¶
func (m *CreateClientDeveloperRequest) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type DeveloperEnvironment ¶
type DeveloperEnvironment struct { // store client secrets as a one way hash ClientSecretsStoredAsOneWayHash bool `json:"client_secrets_stored_as_one_way_hash,omitempty" yaml:"client_secrets_stored_as_one_way_hash,omitempty"` // Rich Authorization Requests (RAR) Rar bool `json:"rar,omitempty" yaml:"rar,omitempty"` }
DeveloperEnvironment developer environment
swagger:model DeveloperEnvironment
func (*DeveloperEnvironment) ContextValidate ¶
ContextValidate validates this developer environment based on context it is used
func (*DeveloperEnvironment) MarshalBinary ¶
func (m *DeveloperEnvironment) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*DeveloperEnvironment) UnmarshalBinary ¶
func (m *DeveloperEnvironment) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type Error ¶
type Error struct { // details Details interface{} `json:"details,omitempty" yaml:"details,omitempty"` // error Error string `json:"error,omitempty" yaml:"error,omitempty"` // status code StatusCode int64 `json:"status_code,omitempty" yaml:"status_code,omitempty"` }
Error HTTP error response
swagger:model Error
func (*Error) ContextValidate ¶
ContextValidate validates this error based on context it is used
func (*Error) MarshalBinary ¶
MarshalBinary interface implementation
func (*Error) UnmarshalBinary ¶
UnmarshalBinary interface implementation
type GetServerDeveloperResponse ¶
type GetServerDeveloperResponse struct { // Color // Example: #007FFF Color string `json:"color,omitempty" yaml:"color,omitempty"` // supported grant types // Example: ["implicit","authorization_code","refresh_token"] GrantTypes []string `json:"grant_types" yaml:"grant_types"` // authorization server id // Example: default ID string `json:"id,omitempty" yaml:"id,omitempty"` // issuer URL // Example: https://example.com/default/default IssuerURL string `json:"issuer_url,omitempty" yaml:"issuer_url,omitempty"` // mtls issuer url MtlsIssuerURL string `json:"mtls_issuer_url,omitempty" yaml:"mtls_issuer_url,omitempty"` // authorizations server name // Example: ACP Name string `json:"name,omitempty" yaml:"name,omitempty"` // response types ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"` // supported subject identifier types // Example: ["public","pairwise"] SubjectIdentifierTypes []string `json:"subject_identifier_types" yaml:"subject_identifier_types"` // supported application purposes // Example: ["single_page","server_web","mobile_desktop","service","legacy"] SupportedApplicationPurposes []string `json:"supported_application_purposes" yaml:"supported_application_purposes"` }
GetServerDeveloperResponse get server developer response
swagger:model GetServerDeveloperResponse
func (*GetServerDeveloperResponse) ContextValidate ¶
func (m *GetServerDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this get server developer response based on the context it is used
func (*GetServerDeveloperResponse) MarshalBinary ¶
func (m *GetServerDeveloperResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*GetServerDeveloperResponse) UnmarshalBinary ¶
func (m *GetServerDeveloperResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type GetServerWithScopesDeveloperResponse ¶
type GetServerWithScopesDeveloperResponse struct { // list of authorization details AuthorizationDetails []*AuthorizationDetailWithServiceDeveloperResponse `json:"authorization_details" yaml:"authorization_details"` // Color // Example: #007FFF Color string `json:"color,omitempty" yaml:"color,omitempty"` // supported grant types // Example: ["implicit","authorization_code","refresh_token"] GrantTypes []string `json:"grant_types" yaml:"grant_types"` // authorization server id // Example: default ID string `json:"id,omitempty" yaml:"id,omitempty"` // issuer URL // Example: https://example.com/default/default IssuerURL string `json:"issuer_url,omitempty" yaml:"issuer_url,omitempty"` // mtls issuer url MtlsIssuerURL string `json:"mtls_issuer_url,omitempty" yaml:"mtls_issuer_url,omitempty"` // authorizations server name // Example: ACP Name string `json:"name,omitempty" yaml:"name,omitempty"` // response types ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"` // list of scopes Scopes []*ScopeWithServiceDeveloperResponse `json:"scopes" yaml:"scopes"` // supported subject identifier types // Example: ["public","pairwise"] SubjectIdentifierTypes []string `json:"subject_identifier_types" yaml:"subject_identifier_types"` // supported application purposes // Example: ["single_page","server_web","mobile_desktop","service","legacy"] SupportedApplicationPurposes []string `json:"supported_application_purposes" yaml:"supported_application_purposes"` }
GetServerWithScopesDeveloperResponse get server with scopes developer response
swagger:model GetServerWithScopesDeveloperResponse
func (*GetServerWithScopesDeveloperResponse) ContextValidate ¶
func (m *GetServerWithScopesDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this get server with scopes developer response based on the context it is used
func (*GetServerWithScopesDeveloperResponse) MarshalBinary ¶
func (m *GetServerWithScopesDeveloperResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*GetServerWithScopesDeveloperResponse) UnmarshalBinary ¶
func (m *GetServerWithScopesDeveloperResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ListServersDeveloperResponse ¶
type ListServersDeveloperResponse struct { // list of authorization servers Servers []*GetServerDeveloperResponse `json:"servers" yaml:"servers"` }
ListServersDeveloperResponse list servers developer response
swagger:model ListServersDeveloperResponse
func (*ListServersDeveloperResponse) ContextValidate ¶
func (m *ListServersDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this list servers developer response based on the context it is used
func (*ListServersDeveloperResponse) MarshalBinary ¶
func (m *ListServersDeveloperResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ListServersDeveloperResponse) UnmarshalBinary ¶
func (m *ListServersDeveloperResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type PIICategory ¶
type PIICategory struct { // name // Example: HIPAA Name string `json:"name,omitempty" yaml:"name,omitempty"` }
PIICategory p i i category
swagger:model PIICategory
func (*PIICategory) ContextValidate ¶
ContextValidate validates this p i i category based on context it is used
func (*PIICategory) MarshalBinary ¶
func (m *PIICategory) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*PIICategory) UnmarshalBinary ¶
func (m *PIICategory) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type RedirectURIs ¶
type RedirectURIs []string
RedirectURIs OAuth-allowed redirect URIs
Cloudentity uses redirect URIs to redirect users back to the application after they authorized the application. Along with the redirection, an authorization code or access token is added to the URL.
For backward compatibility reasons, it's also acceptable to pass `redirect_uris` as a string, for example: https://example.com/callback.
example: ["https://example.com/callback"]
swagger:model RedirectURIs
func (RedirectURIs) ContextValidate ¶
ContextValidate validates this redirect u r is based on context it is used
type ResponseTypes ¶
type ResponseTypes []string
ResponseTypes An array of allowed response types
The array may consist of the following arguments:
`code` - when supplied as the value for the `response_type` parameter, a successful response includes an authorization code
`code token` - when supplied as the value for the `response_type` parameter, a successful response includes an access token, an access token type, and an authorization code
`id_token token` - when supplied as the value for the `response_type` parameter, a successful response includes an access token, an access token type, and an ID token
`code id_token token` - when supplied as the value for the `response_type` parameter, a successful response includes an authorization code, an ID token, an access token, and an access token type.
`token` - when supplied as the value for the `response_type` parameter, a successful response includes an access token and its type. This argument is used for the implicit grant flow, but is not recommended. Instead, you should use either the authorization code grant flow with PKCE or client authentication set to `none` and with the use of PKCE.
example: ["token", "id_token", "code"] default: ["code"]
swagger:model ResponseTypes
func (ResponseTypes) ContextValidate ¶
ContextValidate validates this response types based on context it is used
type RotateClientSecretDeveloperResponse ¶
type RotateClientSecretDeveloperResponse struct { // secret Secret string `json:"secret,omitempty" yaml:"secret,omitempty"` }
RotateClientSecretDeveloperResponse rotate client secret developer response
swagger:model RotateClientSecretDeveloperResponse
func (*RotateClientSecretDeveloperResponse) ContextValidate ¶
func (m *RotateClientSecretDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validates this rotate client secret developer response based on context it is used
func (*RotateClientSecretDeveloperResponse) MarshalBinary ¶
func (m *RotateClientSecretDeveloperResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*RotateClientSecretDeveloperResponse) UnmarshalBinary ¶
func (m *RotateClientSecretDeveloperResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ScopePrivacyInformation ¶
type ScopePrivacyInformation struct { // pii categories PiiCategories []*PIICategory `json:"pii_categories" yaml:"pii_categories"` // purpose Purpose string `json:"purpose,omitempty" yaml:"purpose,omitempty"` }
ScopePrivacyInformation scope privacy information
swagger:model ScopePrivacyInformation
func (*ScopePrivacyInformation) ContextValidate ¶
func (m *ScopePrivacyInformation) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this scope privacy information based on the context it is used
func (*ScopePrivacyInformation) MarshalBinary ¶
func (m *ScopePrivacyInformation) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ScopePrivacyInformation) UnmarshalBinary ¶
func (m *ScopePrivacyInformation) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type ScopeWithServiceDeveloperResponse ¶
type ScopeWithServiceDeveloperResponse struct { // scope description // Example: This scope value requests offline access using refresh token ScopeDescription string `json:"scope_description,omitempty" yaml:"scope_description,omitempty"` // scope display name // Example: Offline access ScopeDisplayName string `json:"scope_display_name,omitempty" yaml:"scope_display_name,omitempty"` // scope id // Example: 1 ScopeID string `json:"scope_id,omitempty" yaml:"scope_id,omitempty"` // scope name // Example: offline_access ScopeName string `json:"scope_name,omitempty" yaml:"scope_name,omitempty"` // service description // Example: service description ServiceDescription string `json:"service_description,omitempty" yaml:"service_description,omitempty"` // service id // Example: 1 ServiceID string `json:"service_id,omitempty" yaml:"service_id,omitempty"` // service name // Example: service ServiceName string `json:"service_name,omitempty" yaml:"service_name,omitempty"` // is scope assigned to a service // Example: false WithService bool `json:"with_service,omitempty" yaml:"with_service,omitempty"` }
ScopeWithServiceDeveloperResponse scope with service developer response
swagger:model ScopeWithServiceDeveloperResponse
func (*ScopeWithServiceDeveloperResponse) ContextValidate ¶
func (m *ScopeWithServiceDeveloperResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validates this scope with service developer response based on context it is used
func (*ScopeWithServiceDeveloperResponse) MarshalBinary ¶
func (m *ScopeWithServiceDeveloperResponse) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*ScopeWithServiceDeveloperResponse) UnmarshalBinary ¶
func (m *ScopeWithServiceDeveloperResponse) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type SupportedJSONSchema ¶
type SupportedJSONSchema struct { // additional properties AdditionalProperties bool `json:"additionalProperties,omitempty" yaml:"additionalProperties,omitempty"` // all of AllOf []*SupportedJSONSchema `json:"allOf" yaml:"allOf"` // any of AnyOf []*SupportedJSONSchema `json:"anyOf" yaml:"anyOf"` // const Const string `json:"const,omitempty" yaml:"const,omitempty"` // contains Contains *SupportedJSONSchema `json:"contains,omitempty" yaml:"contains,omitempty"` // dependent required DependentRequired map[string][]string `json:"dependentRequired,omitempty" yaml:"dependentRequired,omitempty"` // dependent schemas DependentSchemas map[string]SupportedJSONSchema `json:"dependentSchemas,omitempty" yaml:"dependentSchemas,omitempty"` // description Description string `json:"description,omitempty" yaml:"description,omitempty"` // else Else *SupportedJSONSchema `json:"else,omitempty" yaml:"else,omitempty"` // enum Enum []string `json:"enum" yaml:"enum"` // exclusive maximum ExclusiveMaximum int64 `json:"exclusiveMaximum,omitempty" yaml:"exclusiveMaximum,omitempty"` // exclusive minimum ExclusiveMinimum int64 `json:"exclusiveMinimum,omitempty" yaml:"exclusiveMinimum,omitempty"` // hidden Hidden bool `json:"hidden,omitempty" yaml:"hidden,omitempty"` // if If *SupportedJSONSchema `json:"if,omitempty" yaml:"if,omitempty"` // items Items *SupportedJSONSchema `json:"items,omitempty" yaml:"items,omitempty"` // max contains MaxContains int64 `json:"maxContains,omitempty" yaml:"maxContains,omitempty"` // arrays MaxItems int64 `json:"maxItems,omitempty" yaml:"maxItems,omitempty"` // strings MaxLength int64 `json:"maxLength,omitempty" yaml:"maxLength,omitempty"` // objects MaxProperties int64 `json:"maxProperties,omitempty" yaml:"maxProperties,omitempty"` // maximum Maximum int64 `json:"maximum,omitempty" yaml:"maximum,omitempty"` // min contains MinContains int64 `json:"minContains,omitempty" yaml:"minContains,omitempty"` // min items MinItems int64 `json:"minItems,omitempty" yaml:"minItems,omitempty"` // min length MinLength int64 `json:"minLength,omitempty" yaml:"minLength,omitempty"` // min properties MinProperties int64 `json:"minProperties,omitempty" yaml:"minProperties,omitempty"` // minimum Minimum int64 `json:"minimum,omitempty" yaml:"minimum,omitempty"` // numeric MultipleOf int64 `json:"multipleOf,omitempty" yaml:"multipleOf,omitempty"` // not Not *SupportedJSONSchema `json:"not,omitempty" yaml:"not,omitempty"` // one of OneOf []*SupportedJSONSchema `json:"oneOf" yaml:"oneOf"` // pattern Pattern string `json:"pattern,omitempty" yaml:"pattern,omitempty"` // pattern properties PatternProperties map[string]SupportedJSONSchema `json:"patternProperties,omitempty" yaml:"patternProperties,omitempty"` // properties Properties map[string]SupportedJSONSchema `json:"properties,omitempty" yaml:"properties,omitempty"` // property names PropertyNames *SupportedJSONSchema `json:"propertyNames,omitempty" yaml:"propertyNames,omitempty"` // required Required []string `json:"required" yaml:"required"` // then Then *SupportedJSONSchema `json:"then,omitempty" yaml:"then,omitempty"` // any Type string `json:"type,omitempty" yaml:"type,omitempty"` // unique items UniqueItems bool `json:"uniqueItems,omitempty" yaml:"uniqueItems,omitempty"` }
SupportedJSONSchema supported JSON schema
swagger:model SupportedJSONSchema
func (*SupportedJSONSchema) ContextValidate ¶
ContextValidate validate this supported JSON schema based on the context it is used
func (*SupportedJSONSchema) MarshalBinary ¶
func (m *SupportedJSONSchema) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*SupportedJSONSchema) UnmarshalBinary ¶
func (m *SupportedJSONSchema) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
type UpdateClientDeveloperRequest ¶
type UpdateClientDeveloperRequest struct { // The client application type. // // Client applications can be either of a `web` or `native` types. // // Web applications include clients like server web applications or service apps. // // Native applications include single-page applications (SPAs) and mobile or desktop // applications. // // Apply security measures according to the type of your application. // Example: web ApplicationType string `json:"application_type,omitempty" yaml:"application_type,omitempty"` // An array of dynamically calculated application types that can be used for filtering // Example: ["single_page","server_web","mobile_desktop","service","legacy","dcr"] // Read Only: true ApplicationTypes []string `json:"application_types" yaml:"application_types"` // Identity of the intended recipients (the audience). // // Typically, the audience is a single resource server or a list of resource servers. // // It is considered a good practice to limit the audience of the token for security purposes. Audience []string `json:"audience" yaml:"audience"` // Authorization details types // // Indicates what authorization details types the client can use. AuthorizationDetailsTypes []AuthorizationDetailType `json:"authorization_details_types" yaml:"authorization_details_types"` // Algorithm used for encrypting authorization responses. // // If both signing and encryption are requested, the response is first signed, and then encrypted. // As a result, a Nested JWT is obtained, as defined in JWT [RFC7519]. // // If omitted, no encryption is applied by default. // Example: RSA-OAEP-256 // Enum: [RSA-OAEP RSA-OAEP-256] AuthorizationEncryptedResponseAlg string `json:"authorization_encrypted_response_alg,omitempty" yaml:"authorization_encrypted_response_alg,omitempty"` // Algorithm used for encrypting authorization responses. // // With `authorization_encrypted_response_alg` specified, the default value is `A128CBC-HS256`. // When `authorization_encrypted_response_enc` is included, `authorization_encrypted_response_alg` // MUST also be provided in a request. // Example: A128CBC-HS256 // Enum: [A256GCM A128CBC-HS256] AuthorizationEncryptedResponseEnc string `json:"authorization_encrypted_response_enc,omitempty" yaml:"authorization_encrypted_response_enc,omitempty"` // Algorithm used for signing authorization responses. // // With this parameter specified, the response is signed using JWS and according to the configured algorithm. // // `none` isn't allowed. // Example: RS256 AuthorizationSignedResponseAlg string `json:"authorization_signed_response_alg,omitempty" yaml:"authorization_signed_response_alg,omitempty"` // OPTIONAL. The JWS alg algorithm value used by the client application to sign authentication requests. // // When omitted, the client application doesn't send signed authentication requests. BackchannelAuthenticationRequestSigningAlg string `` /* 127-byte string literal not displayed */ // REQUIRED for requests when the client application uses CIBA as an authorization grant type, and the token // delivery mode is set to `ping` or `push`. // // This parameter is the endpoint where an OP (OpenID Provider) posts a notification after end-user authentication. // // Input: an HTTPS URL. BackchannelClientNotificationEndpoint string `json:"backchannel_client_notification_endpoint,omitempty" yaml:"backchannel_client_notification_endpoint,omitempty"` // REQUIRED for requests when the client application uses CIBA as an authorization grant type. // // Input: `poll`, `ping`, or `push`. BackchannelTokenDeliveryMode string `json:"backchannel_token_delivery_mode,omitempty" yaml:"backchannel_token_delivery_mode,omitempty"` // OPTIONAL. A boolean value indicating the `user_code` parameter support by the client application. // // If omitted, the default value is `false`. // // This applies only when the `backchannel_user_code_parameter_supported` OP parameter is `true`. BackchannelUserCodeParameter bool `json:"backchannel_user_code_parameter,omitempty" yaml:"backchannel_user_code_parameter,omitempty"` // The client identifier time of issue. // // The value is the number of seconds between 1970-01-01T00:00:00Z (UTC) and the date/time of issue. ClientIDIssuedAt int64 `json:"client_id_issued_at,omitempty" yaml:"client_id_issued_at,omitempty"` // Human-readable name of a client application. // Example: My app ClientName string `json:"client_name,omitempty" yaml:"client_name,omitempty"` // OAuth client secret // // If not provided, a random client secret is generated. // Min Length: 32 ClientSecret string `json:"client_secret,omitempty" yaml:"client_secret,omitempty"` // The client secret expiration time. // // If the client secret does not expire, `client_secret_expires_at` = `0`. ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty" yaml:"client_secret_expires_at,omitempty"` // URI of a client application. ClientURI string `json:"client_uri,omitempty" yaml:"client_uri,omitempty"` // Date when the client application was created. // Example: 2022-04-07T19:17:31.323187Z // Format: date-time CreatedAt strfmt.DateTime `json:"created_at,omitempty" yaml:"created_at,omitempty"` // Description of the client application. Description string `json:"description,omitempty" yaml:"description,omitempty"` // Boolean value specifying whether the client always uses DPoP for token requests // If true, the authorization server will reject token requests from this client that do not contain the DPoP header. DpopBoundAccessTokens bool `json:"dpop_bound_access_tokens,omitempty" yaml:"dpop_bound_access_tokens,omitempty"` // An array of allowed OAuth client grant types. // // The `grantTypes` array stores OAuth flows that are allowed for a given client application. // // [Read more](https://cloudentity.com/developers/basics/oauth-grant-types/grant-types-overview/) about grant types. // Example: ["password","refresh_token","client_credentials","implicit","authorization_code"] GrantTypes []string `json:"grant_types" yaml:"grant_types"` // An array of hashed rotated client secrets HashedRotatedSecrets []string `json:"hashed_rotated_secrets" yaml:"hashed_rotated_secrets"` // Hashed client secret // // Hashing client secrets provides additional security for your secrets storage as it hides // plaintext secrets from being viewed both in the UI and the database. HashedSecret string `json:"hashed_secret,omitempty" yaml:"hashed_secret,omitempty"` // JWE alg algorithm for encrypting the ID token issued to this client application. // Enum: [RSA-OAEP RSA-OAEP-256] IDTokenEncryptedResponseAlg string `json:"id_token_encrypted_response_alg,omitempty" yaml:"id_token_encrypted_response_alg,omitempty"` // JWE enc algorithm for encrypting the ID token issued to this client application. // Enum: [A256GCM A128CBC-HS256] IDTokenEncryptedResponseEnc string `json:"id_token_encrypted_response_enc,omitempty" yaml:"id_token_encrypted_response_enc,omitempty"` // Algorithm for signing ID tokens issued for a client application. // // The default value depends on authorization server configuration. // Example: ES256 // Enum: [RS256 ES256 PS256] IDTokenSignedResponseAlg string `json:"id_token_signed_response_alg,omitempty" yaml:"id_token_signed_response_alg,omitempty"` // An introspection endpoint authentication method configured for the client application (read-only). // // If empty, the `token_endpoint_auth_method` is used. // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] IntrospectionEndpointAuthMethod string `json:"introspection_endpoint_auth_method,omitempty" yaml:"introspection_endpoint_auth_method,omitempty"` // jwks Jwks *ClientJWKs `json:"jwks,omitempty" yaml:"jwks,omitempty"` // A URL of JSON Web Key Set with the public keys used by a client application to authenticate to Cloudentity. JwksURI string `json:"jwks_uri,omitempty" yaml:"jwks_uri,omitempty"` // Logo URI. LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"` // External organization identifier. It is a unique string assigned by the CDR Register to identify an Accredited // Data Recipient Brand. // // The value obtained is used as the `aud` claim for message signing, for example, when a JSON Web Token (JWT) is // required for authorization, and represents the audience(s) the JWT is intended for. // Example: 5647fe90-f6bc-11eb-9a03-0242ac130003 OrganisationID string `json:"organisation_id,omitempty" yaml:"organisation_id,omitempty"` // Policy URL to read about how the profile data is used. PolicyURI string `json:"policy_uri,omitempty" yaml:"policy_uri,omitempty"` // Array of URLs to which a relying party may request that the user be redirected after a logout has been performed. PostLogoutRedirectUris []string `json:"post_logout_redirect_uris" yaml:"post_logout_redirect_uris"` // privacy Privacy *ClientPrivacy `json:"privacy,omitempty" yaml:"privacy,omitempty"` // redirect uris RedirectUris RedirectURIs `json:"redirect_uris,omitempty" yaml:"redirect_uris,omitempty"` // Optional JWE alg algorithm the client is declaring that it may use for encrypting Request Objects // Example: RSA-OAEP // Enum: [RSA-OAEP RSA-OAEP-256] RequestObjectEncryptionAlg string `json:"request_object_encryption_alg,omitempty" yaml:"request_object_encryption_alg,omitempty"` // Optional JWE enc algorithm the client is declaring that it may use for encrypting Request Objects // When `request_object_encryption_enc` is included, `request_object_encryption_alg` MUST also be provided. // Example: A256GCM // Enum: [A256GCM A128CBC-HS256] RequestObjectEncryptionEnc string `json:"request_object_encryption_enc,omitempty" yaml:"request_object_encryption_enc,omitempty"` // Request object signing algorithm for the token endpoint // // Cloudentity supports signing tokens with the RS256, ES256, and PS256 algorithms. If you do not want // to use a signing algorithm, set the value of this parameter to `none`. // Example: none // Enum: [any none RS256 ES256 PS256] RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty" yaml:"request_object_signing_alg,omitempty"` // Array of absolute URIs that points to the Request Object that holds authorization request parameters. RequestUris []string `json:"request_uris" yaml:"request_uris"` // Boolean parameter indicating whether the only means of initiating an authorization request the client is allowed to use is PAR. RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty" yaml:"require_pushed_authorization_requests,omitempty"` // response types ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"` // A revocation endpoint authentication method configured for the client application (read-only). // If empty, the `token_endpoint_auth_method` is used. // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] RevocationEndpointAuthMethod string `json:"revocation_endpoint_auth_method,omitempty" yaml:"revocation_endpoint_auth_method,omitempty"` // An array of rotated OAuth client secrets RotatedSecrets []string `json:"rotated_secrets" yaml:"rotated_secrets"` // Space-separated list of scopes for compatibility with the OAuth specification. // Example: email offline_access openid Scope string `json:"scope,omitempty" yaml:"scope,omitempty"` // An array of string represented scopes assigned to a client application // Example: ["email","offline_access","openid"] Scopes []string `json:"scopes" yaml:"scopes"` // OPTIONAL. [A URL using the HTTPS scheme](https://openid.net/specs/openid-connect-registration-1_0.html#SectorIdentifierValidation). // It must reference a JSON file with the array of `redirect_uri` values. // // Pass this parameter when you use multiple domains in your `redirect_uris` or need a mechanism to allow changes in // domain without affecting consumer consent. // // [Read more](https://openid.net/specs/openid-connect-core-1_0.html) SectorIdentifierURI string `json:"sector_identifier_uri,omitempty" yaml:"sector_identifier_uri,omitempty"` // Subject identifier type // // Stores information if the subject identifier is of the `public` or the `pairwise` type. // // Subject identifiers identify an end-user. They are locally unique and never reassigned within the Issuer, // and are intended to be consumed by client applications. There are two types // of subject identifiers: `public` and `pairwise`. // // For the `public` type, the value of the `sub` (subject) token claim is the same for all clients. // // For the `pairwise` type, a different `sub` (subject) token claim is provided for each client. // Using the `pairwise` subject identifier makes it impossible for client applications to correlate the end-user's // activity without their permission. // Example: public // Enum: [public pairwise] SubjectType string `json:"subject_type,omitempty" yaml:"subject_type,omitempty"` // A string containing the value of an expected dNSName SAN entry in the certificate. TLSClientAuthSanDNS string `json:"tls_client_auth_san_dns,omitempty" yaml:"tls_client_auth_san_dns,omitempty"` // A string containing the value of an expected rfc822Name SAN entry in the certificate. TLSClientAuthSanEmail string `json:"tls_client_auth_san_email,omitempty" yaml:"tls_client_auth_san_email,omitempty"` // A string representation of an IP address in either dotted decimal notation (for IPv4) or colon-delimited hexadecimal (for IPv6, as defined in [RFC5952]) that is expected to be present as an iPAddress SAN entry in the certificate. TLSClientAuthSanIP string `json:"tls_client_auth_san_ip,omitempty" yaml:"tls_client_auth_san_ip,omitempty"` // A string containing the value of an expected uniformResourceIdentifier SAN entry in the certificate. TLSClientAuthSanURI string `json:"tls_client_auth_san_uri,omitempty" yaml:"tls_client_auth_san_uri,omitempty"` // An [RFC4514] string representation of the expected subject distinguished name of the certificate. TLSClientAuthSubjectDn string `json:"tls_client_auth_subject_dn,omitempty" yaml:"tls_client_auth_subject_dn,omitempty"` // Boolean value indicating server support for mutual TLS client certificate-bound access tokens. If omitted, the default value is "false". TLSClientCertificateBoundAccessTokens bool `json:"tls_client_certificate_bound_access_tokens,omitempty" yaml:"tls_client_certificate_bound_access_tokens,omitempty"` // Token endpoint authentication method configured for a client application // // Cloudentity supports the following client authentication methods: // `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`, // `self_signed_tls_client_auth`, `tls_client_auth`, `none`. // // To learn more, go to the Authorization Basics > Client Authentication section of this guide. // Example: client_secret_basic // Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none] TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty" yaml:"token_endpoint_auth_method,omitempty"` // Signing algorithm for the token endpoint // // This field is optional. If empty, a client can use any algorithm supported by the server (see `token_endpoint_auth_signing_alg_values_supported` in the well-known endpoing). // // If provided, depending on the server configuration, client can use of one: HS256, RS256, ES256, PS256 algorithms. // // If your token endpoint authentication is set to the `private_key_jwt` method, the // `token_endpoint_auth_signing_alg` parameter must be either RS256, ES256, or PS256. // // If your token endpoint authentication is set to the `client_secret_jwt` method, // the `token_endpoint_auth_signing_alg` parameter must be HS256. // Example: ES256 // Enum: [RS256 ES256 PS256 HS256 ] TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty" yaml:"token_endpoint_auth_signing_alg,omitempty"` // token exchange TokenExchange *ClientTokenExchangeConfiguration `json:"token_exchange,omitempty" yaml:"token_exchange,omitempty"` // Terms of Service URL. TosURI string `json:"tos_uri,omitempty" yaml:"tos_uri,omitempty"` // Date when the client application was updated. // Example: 2022-05-08T01:11:51.1262916Z // Format: date-time UpdatedAt strfmt.DateTime `json:"updated_at,omitempty" yaml:"updated_at,omitempty"` // JWS alg algorithm REQUIRED for signing UserInfo Responses. // // If specified, the response is a JWT serialized and signed with JWS. // // If omitted, then by default, UserInfo Response returns the Claims // as an UTF-8 encoded JSON object using the application/json content-type. // Example: none // Enum: [none RS256 ES256] UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty" yaml:"userinfo_signed_response_alg,omitempty"` }
UpdateClientDeveloperRequest update client developer request
swagger:model UpdateClientDeveloperRequest
func (*UpdateClientDeveloperRequest) ContextValidate ¶
func (m *UpdateClientDeveloperRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error
ContextValidate validate this update client developer request based on the context it is used
func (*UpdateClientDeveloperRequest) MarshalBinary ¶
func (m *UpdateClientDeveloperRequest) MarshalBinary() ([]byte, error)
MarshalBinary interface implementation
func (*UpdateClientDeveloperRequest) UnmarshalBinary ¶
func (m *UpdateClientDeveloperRequest) UnmarshalBinary(b []byte) error
UnmarshalBinary interface implementation
Source Files ¶
- authorization_detail_type.go
- authorization_detail_with_service_developer_response.go
- client_developer_response.go
- client_j_w_k.go
- client_j_w_ks.go
- client_privacy.go
- client_token_exchange_configuration.go
- clients_for_developer.go
- create_client_developer_request.go
- developer_environment.go
- error.go
- get_server_developer_response.go
- get_server_with_scopes_developer_response.go
- list_servers_developer_response.go
- p_i_i_category.go
- redirect_u_r_is.go
- response_types.go
- rotate_client_secret_developer_response.go
- scope_privacy_information.go
- scope_with_service_developer_response.go
- supported_json_schema.go
- update_client_developer_request.go