Client definition

This document covers the interface that is provided by the OAuth/OIDC main objects. The main objects are
the definition (also known as, federation or provider) and the client (also known as partner or relying party) configuration.

1. Definition

This object represents a definition.

Return Type	Method	Description
string	getDefinitionId()	Return definition ID.
string	getDefinitionName()	Return definition name.
string[]	getSupportedAuthorizationGrants()	Return list of supported grant type.
Boolean	issueRefreshToken()	Verify whether the `refresh_token` grant type is enabled.
integer	getAccessTokenLifetime()	Return access token life time.
integer	getAuthorizationCodeLifetime()	Return authorization code life time.
integer	getRefreshTokenLifetime()	Return refresh token life time.
Boolean	enforceSingleAccessTokenPerGrant()	Verify whether single access token per grant needs to be enforced.
Boolean	enforceSingleUseAuthorizationGrant()	Verify whether single use access token need to be enforced.
Boolean	enableMultipleRefreshTokensForFaultTolerance()	Verify whether `multiple refresh tokens for fault tolerance` is enabled.
Boolean	pinEnabled()	Verify whether during the exchange of refresh token requires pin.
integer	getPinLength()	Return pin length.
string	getTCMBehavior()	Return consent prompt mode.
OidcDefinition	getOidc()	Return specific OIDC configuration.

1.1 Oidc definition

Return Type	Method	Description
Boolean	isOidc()	Verify whether OIDC flag is enabled.
string	getIss()	Return issuer.
string	getPoc()	Return point of contact information.
integer	getLifetime()	Return ID token life time.
string	getAlg()	Return ID token signing algorithm.
string	getDb()	Return private keystore used to sign the ID token.
string	getCert()	Return private key label used to sign the ID token.
string	getEncAlg()	Return key encryption algorithm used to encrypt ID token.
string	getEncEnc()	Return content encryption algorithm used to encrypt ID token.
Boolean	dynamicClientsEnabled()	Verify whether dynamic client endpoint is enabled.
Boolean	dynamicClientIssueSecret()	Verify whether dynamic client issues a client secret.
Boolean	getOidcCompliant()	Verify whether OIDC-compliant flag is enabled.
Boolean	getFapiCompliant()	Verify whether FAPI-compliant flag is enabled.

2. Client

This object represents a client.

Return Type	Method	Description	Arguments
string	getClientId()	Get client identifier.
string	getClientSecret()	Get client secret.
string	getDisplayName()	Get client name.
string[]	getRedirectUris()	Get registered redirect URIs.
Boolean	isConfidential()	Verify whether it is a confidential client.
Boolean	isRequirePkce()	Verify whether PKCE is needed for this client.
string	getJwksUri()	Return the jwks URI for this client.
object	getJwks()	Return the jwks document associated with this client.
string	getEncryptionDb()	Return the keystore of asymmetric key that is used for encrypting id_token.
string	getEncryptionCert()	Return the key label of asymmetric key that is used for encrypting id_token.
string	getCompanyName()	Return company name metadata associate with this client.
string	getCompanyUrl()	Return company url metadata associate with this client.
string	getContactPerson()	Return contact person metadata associate with this client.
string	getEmailAddress()	Return email address metadata associate with this client.
string	getPhoneNumber()	Return phone number metadata associate with this client.
string	getContactType()	Return contact type metadata associate with this client.
string	getOtherInfo()	Return other information metadata associate with this client.
any	getExtendedData(name)	Return other extended property of this client, based on specified name.	string