- configuration - Process Entity Configuration Request
- registration - Process Federation Registration Request
This API gathers the federation configuration about a service.
The authorization server implementation should
retrieve the value of the action
response parameter from the API response and take the following steps
according to the value.
require 'authlete_ruby_sdk'
Models = ::Authlete::Models
s = ::Authlete::Client.new(
bearer: '<YOUR_BEARER_TOKEN_HERE>'
)
res = s.federation.configuration(service_id: '<id>')
unless res.federation_configuration_response.nil?
# handle response
end| Parameter | Type | Required | Description |
|---|---|---|---|
service_id |
::String | ✔️ | A service ID. |
request_body |
T.nilable(Models::Operations::FederationConfigurationApiRequestBody) | ➖ | N/A |
T.nilable(Models::Operations::FederationConfigurationApiResponse)
| Error Type | Status Code | Content Type |
|---|---|---|
| Models::Errors::ResultError | 400, 401, 403 | application/json |
| Models::Errors::ResultError | 500 | application/json |
| Errors::APIError | 4XX, 5XX | */* |
The Authlete API is for implementations of the federation registration
endpoint that accepts "explicit client registration". Its details are
defined in OpenID Connect Federation 1.0.
The endpoint accepts POST requests whose Content-Type
is either of the following.
application/entity-statement+jwt-application/trust-chain+jsonWhen theContent-Typeof a request isapplication/entity-statement+jwt, the content of the request is the entity configuration of a relying party that is to be registered. In this case, the implementation of the federation registration endpoint should call Authlete's/federation/registrationAPI with the entity configuration set to theentityConfigurationrequest parameter. On the other hand, when theContent-Typeof a request isapplication/trust-chain+json, the content of the request is a JSON array that contains entity statements in JWT format. The sequence of the entity statements composes the trust chain of a relying party that is to be registered. In this case, the implementation of the federation registration endpoint should call Authlete's/federation/registrationAPI with the trust chain set to thetrustChainrequest parameter.
require 'authlete_ruby_sdk'
Models = ::Authlete::Models
s = ::Authlete::Client.new(
bearer: '<YOUR_BEARER_TOKEN_HERE>'
)
res = s.federation.registration(service_id: '<id>', federation_registration_request: Models::Components::FederationRegistrationRequest.new)
unless res.federation_registration_response.nil?
# handle response
end| Parameter | Type | Required | Description |
|---|---|---|---|
service_id |
::String | ✔️ | A service ID. |
federation_registration_request |
Models::Components::FederationRegistrationRequest | ✔️ | N/A |
T.nilable(Models::Operations::FederationRegistrationApiResponse)
| Error Type | Status Code | Content Type |
|---|---|---|
| Models::Errors::ResultError | 400, 401, 403 | application/json |
| Models::Errors::ResultError | 500 | application/json |
| Errors::APIError | 4XX, 5XX | */* |