IAM exposes the OpenID Connect/OAuth dynamic client registration functionality offered by the MitreID OpenID Connect server libraries.
In OAuth terminology, a client is an application or service that can interact with an authorization server for authentication/authorization purposes.
A new client can be registered in the IAM in two ways:
- using the dynamic client registration API;
- via the IAM dashboard (which simply acts as a client to the API mentioned above).
Registering a client using the dashboard
Log into the service and click on the MitreID dashboard link on the left navigation bar:
From the MitreID dashboard, select Client registration:
And then click on New client:
A form will open that enables you to configure your client:
The minimum information you have to provide is:
- Client name: choose a name for your client;
- Redirect URI(s): one or more redirect URIs for your client; these are required if you choose to enable the authorization code flow.
Remember to select the offline_access scope from the Access tab if you want to request refresh tokens for the client being created:
You can then click the "Save" button at the bottom of the page:
IAM will then generate client credentials for your client and other information that will be displayed as follows:
The JSON tab provides client information in JSON:
Select the content of the text area and paste it in a local file, for future reference.
The JSON file contains the client secret and the registration access token, which can be used later to change the client configuration or to delete the client.
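One way to keep that local copy, as an added example that is not part of IAM or MitreID: it writes the pasted JSON to a file readable only by its owner and checks the saved configuration against the points above (redirect URIs for the authorization code flow, offline_access for refresh tokens, presence of both credentials). Field names follow RFC 7591/7592; all sample values are constructed placeholders, and treating a `refresh_token` grant type as "refresh tokens wanted" is an assumption of this example.

```python
import json
import os
import tempfile

# Constructed sample using RFC 7591/7592 field names; every value is a placeholder.
SAMPLE_JSON = """{
  "client_id": "example-client-id",
  "client_secret": "EXAMPLE-SECRET-PLACEHOLDER",
  "client_name": "my-test-client",
  "redirect_uris": ["https://app.example.org/callback"],
  "grant_types": ["authorization_code", "refresh_token"],
  "scope": "openid profile",
  "registration_access_token": "EXAMPLE-RAT-PLACEHOLDER"
}"""

SECRET_FIELDS = ("client_secret", "registration_access_token")


def check_client(meta):
    """Return a list of findings for a parsed client registration document."""
    findings = []
    grants = meta.get("grant_types", [])
    scopes = meta.get("scope", "").split()
    if "authorization_code" in grants and not meta.get("redirect_uris"):
        findings.append("authorization code flow enabled but no redirect URI set")
    if "refresh_token" in grants and "offline_access" not in scopes:
        findings.append("refresh tokens wanted but offline_access scope missing")
    for field in SECRET_FIELDS:
        if not meta.get(field):
            findings.append(f"{field} missing from saved copy")
    return findings


def save_client(raw_json, path):
    """Write the JSON to path, owner read/write only, and return the findings."""
    meta = json.loads(raw_json)  # rejects a truncated or mangled paste
    # O_EXCL refuses to overwrite an existing file; 0o600 applies from creation.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(meta, fh, indent=2)
    return check_client(meta)


if __name__ == "__main__":
    target = os.path.join(tempfile.mkdtemp(), "client.json")
    for finding in save_client(SAMPLE_JSON, target):
        print("WARNING:", finding)
```

Creating the file with restrictive permissions from the start avoids the window in which a file written with default permissions and tightened afterwards is readable by other local users.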