Skip to content

OpenIdConnectApplicationSettingsClient.md

Latest commit

 

History

History
57 lines (48 loc) · 7.14 KB

OpenIdConnectApplicationSettingsClient.md

File metadata and controls

57 lines (48 loc) · 7.14 KB

OpenIdConnectApplicationSettingsClient

Properties

Name Type Description Notes
application_type OpenIdConnectApplicationType [optional]
backchannel_authentication_request_signing_alg str The signing algorithm for Client-Initiated Backchannel Authentication (CIBA) signed requests using JWT. If this value isn't set and a JWT-signed request is sent, the request fails. > Note: This property appears for clients with `urn:openid:params:grant-type:ciba` defined as one of the `grant_types`. [optional]
backchannel_custom_authenticator_id str The ID of the custom authenticator that authenticates the user > Note: This property appears for clients with `urn:openid:params:grant-type:ciba` defined as one of the `grant_types`. [optional]
backchannel_token_delivery_mode str The delivery mode for Client-Initiated Backchannel Authentication (CIBA). Currently, only `poll` is supported. > Note: This property appears for clients with `urn:openid:params:grant-type:ciba` defined as one of the `grant_types`. [optional]
client_uri str URL string of a web page providing information about the client [optional]
consent_method OpenIdConnectApplicationConsentMethod [optional] [default to OpenIdConnectApplicationConsentMethod.TRUSTED]
dpop_bound_access_tokens bool Indicates that the client application uses Demonstrating Proof-of-Possession (DPoP) for token requests. If `true`, the authorization server rejects token requests from this client that don't contain the DPoP header. > Note: If `dpop_bound_access_tokens` is true, then `client_credentials` and `implicit` aren't allowed in `grant_types`. [optional] [default to False]
frontchannel_logout_session_required bool <x-lifecycle-container><x-lifecycle class=&quot;ea&quot;></x-lifecycle> <x-lifecycle class=&quot;oie&quot;></x-lifecycle></x-lifecycle-container>Determines whether Okta sends `sid` and `iss` in the logout request [optional]
frontchannel_logout_uri str <x-lifecycle-container><x-lifecycle class=&quot;ea&quot;></x-lifecycle> <x-lifecycle class=&quot;oie&quot;></x-lifecycle></x-lifecycle-container>URL where Okta sends the logout request [optional]
grant_types List[GrantType]
id_token_encrypted_response_alg IdTokenKeyEncryptionAlgorithm [optional]
idp_initiated_login OpenIdConnectApplicationIdpInitiatedLogin [optional]
initiate_login_uri str URL string that a third party can use to initiate the sign-in flow by the client [optional]
issuer_mode OpenIdConnectApplicationIssuerMode [optional]
jwks OpenIdConnectApplicationSettingsClientKeys [optional]
jwks_uri str URL string that references a JSON Web Key Set for validating JWTs presented to Okta or for encrypting ID tokens minted by Okta for the client [optional]
logo_uri str The URL string that references a logo for the client. This logo appears on the client tile in the End-User Dashboard. It also appears on the client consent dialog during the client consent flow. [optional]
network OpenIdConnectApplicationNetwork [optional]
participate_slo bool <x-lifecycle-container><x-lifecycle class=&quot;ea&quot;></x-lifecycle> <x-lifecycle class=&quot;oie&quot;></x-lifecycle></x-lifecycle-container>Allows the app to participate in front-channel Single Logout > Note: You can only enable `participate_slo` for `web` and `browser` application types (`application_type`). [optional]
policy_uri str URL string of a web page providing the client's policy document [optional]
post_logout_redirect_uris List[str] Array of redirection URI strings for relying party-initiated logouts [optional]
redirect_uris List[str] Array of redirection URI strings for use in redirect-based flows. > Note: At least one `redirect_uris` and `response_types` are required for all client types, with exceptions: if the client uses the Resource Owner Password flow (`grant_types` contains `password`) or Client Credentialsflow (`grant_types` contains `client_credentials`), then no `redirect_uris` or `response_types` is necessary. In these cases, you can pass either null or an empty array for these attributes. [optional]
refresh_token OpenIdConnectApplicationSettingsRefreshToken [optional]
request_object_signing_alg str The type of JSON Web Key Set (JWKS) algorithm that must be used for signing request objects [optional]
response_types List[OAuthResponseType] Array of OAuth 2.0 response type strings [optional]
sector_identifier_uri str The sector identifier used for pairwise `subject_type`. See OIDC Pairwise Identifier Algorithm [optional]
subject_type str Type of the subject [optional]
tos_uri str URL string of a web page providing the client's terms of service document [optional]
wildcard_redirect str Indicates if the client is allowed to use wildcard matching of `redirect_uris` [optional]

Example

from okta.models.open_id_connect_application_settings_client import OpenIdConnectApplicationSettingsClient

# TODO update the JSON string below
json = "{}"
# create an instance of OpenIdConnectApplicationSettingsClient from a JSON string
open_id_connect_application_settings_client_instance = OpenIdConnectApplicationSettingsClient.from_json(json)
# print the JSON string representation of the object
print(OpenIdConnectApplicationSettingsClient.to_json())

# convert the object into a dict
open_id_connect_application_settings_client_dict = open_id_connect_application_settings_client_instance.to_dict()
# create an instance of OpenIdConnectApplicationSettingsClient from a dict
open_id_connect_application_settings_client_from_dict = OpenIdConnectApplicationSettingsClient.from_dict(open_id_connect_application_settings_client_dict)

[Back to Model list] [Back to API list] [Back to README]