Information about a client application. More...
Properties | |
| string | Developer [get, set] |
| The unique ID of the developer of this client application. More... | |
| long | ClientId [get, set] |
The client ID which is expected to be used as the value of the "client_id" request parameter of authorization requests and token requests. More... | |
| string | ClientIdAlias [get, set] |
| The alias of the client ID. More... | |
| bool | IsClientIdAliasEnabled [get, set] |
| The flag which indicates whether the client ID alias is enabled or not. More... | |
| string | ClientSecret [get, set] |
The client secret which is expected to be used as the value of the "client_secret" request parameter of token requests. More... | |
| ClientType | ClientType [get, set] |
The client type, either ClientType.PUBLIC or ClientType.CONFIDENTIAL. The definition of "Client Type" is described in 2.1. Client Types of RFC 6749. More... | |
| string[] | RedirectUris [get, set] |
| Redirect URIs. See 3.1.2. Redirection Endpoint of RFC 6749. More... | |
| ResponseType[] | ResponseTypes [get, set] |
The "response_type" values that this client application is declaring that it will restrict itself to using. This property corresponds to the "response_types" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| GrantType[] | GrantTypes [get, set] |
The "grant_type" values that this client application is declaring that it will restrict itself to using. This property corresponds to the "grant_types" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| ApplicationType | ApplicationType [get, set] |
The application type of this client application. WEB, NATIVE or null. This property corresponds to the "application_type" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| string[] | Contacts [get, set] |
The email addresses of contacts for this client application. This property corresponds to the "contacts" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| string | ClientName [get, set] |
The name of this client application. This property corresponds to the "client_name" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| TaggedValue[] | ClientNames [get, set] |
| Localized names of this client application. More... | |
| Uri | LogoUri [get, set] |
The URI of the logo image of this client application. This property corresponds to the "logo_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| TaggedValue[] | LogoUris [get, set] |
| URIs of localized logo images of this client application. More... | |
| Uri | ClientUri [get, set] |
The URI of the home page of this client application. This property corresponds to the "client_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| TaggedValue[] | ClientUris [get, set] |
| URIs of localized home pages of this client application. More... | |
| Uri | PolicyUri [get, set] |
The URI of the policy page which describes how this client application uses the profile data of the end-user. This property corresponds to the "policy_uri" defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| TaggedValue[] | PolicyUris [get, set] |
| URIs of localized policy pages of this client application. More... | |
| Uri | TosUri [get, set] |
The URI of the "Terms Of Service" page of this client application. This property corresponds to the "tos_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| TaggedValue[] | TosUris [get, set] |
| URIs of localized "Terms Of Service" pages of this client application. More... | |
| Uri | JwksUri [get, set] |
The URI of the JSON Web Key Set of this client application. This property corresponds to the "jwks_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| String | Jwks [get, set] |
The JSON Web Key Set of this client application. This property corresponds to the "jwks" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| String | DerivedSectorIdentifier [get, set] |
The sector identifier host component as derived from either the sector_identifier_uri or the registered redirect_uri. If no sector_identifier_uri is registered and multiple redirect URIs are registered, this value is undefined and this property holds null. More... | |
| Uri | SectorIdentifierUri [get, set] |
The sector identifier URI. This property corresponds to the "sector_identifier_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. See 5. "sector_identifier_uri" Validation of OpenID Connect Dynamic Client Registration 1.0 for details. More... | |
| SubjectType | SubjectType [get, set] |
The subject type. This property corresponds to the "subject_type" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. See 8. Subject Identifier Types of OpenID Connect Core 1.0 for details. More... | |
| JWSAlg | IdTokenSignAlg [get, set] |
The JWS "alg" algorithm for signing ID tokens issued to this client application. This property corresponds to the "id_token_signed_response_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWEAlg | IdTokenEncryptionAlg [get, set] |
The JWE "alg" algorithm for encrypting ID tokens issued to this client application. This property corresponds to the "id_token_encrypted_response_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWEEnc | IdTokenEncryptionEnc [get, set] |
The JWE "enc" algorithm for encrypting ID tokens issued to this client application. This property corresponds to the "id_token_encrypted_response_enc" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWSAlg | UserInfoSignAlg [get, set] |
The JWS "alg" algorithm for signing UserInfo responses. This property corresponds to the "userinfo_signed_response_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWEAlg | UserInfoEncryptionAlg [get, set] |
The JWE "alg" algorithm for encrypting UserInfo responses. This property corresponds to the "userinfo_encrypted_response_alg" metadata defined in 2. Client Metadata in OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWEEnc | UserInfoEncryptionEnc [get, set] |
The JWE "enc" algorithm for encrypting UserInfo responses. This property corresponds to the "userinfo_encrypted_response_enc" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWSAlg | RequestSignAlg [get, set] |
The JWS "alg" algorithm for signing request objects. This property corresponds to the "request_object_signing_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWEAlg | RequestEncryptionAlg [get, set] |
The JWE "alg" algorithm for encrypting request objects. This property corresponds to the "request_object_encryption_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWEEnc | RequestEncryptionEnc [get, set] |
The JWE "enc" algorithm for encrypting request objects. This property corresponds to the "request_object_encryption_enc" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| ClientAuthMethod | TokenAuthMethod [get, set] |
The client authentication method for the token endpoint. This property corresponds to the "token_endpoint_auth_method" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| JWSAlg | TokenAuthSignAlg [get, set] |
The JWS "alg" algorithm for signing the JWT used to authenticate the client at the token endpoint. This property corresponds to the "token_endpoint_auth_signing_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| int | DefaultMaxAge [get, set] |
The default value of the maximum authentication age in seconds. This property corresponds to the "default_max_age" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| bool | IsAuthTimeRequired [get, set] |
The flag which indicates whether this client requires "auth_time" claim to be embedded in ID tokens. This property corresponds to the "require_auth_time" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| string[] | DefaultAcrs [get, set] |
The default list of Authentication Context Class References. This property corresponds to the "default_acr_values" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| Uri | LoginUri [get, set] |
The URL that can initiate a login for this client application. This property corresponds to the "initiate_login_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| string[] | RequestUris [get, set] |
The request URIs that this client declares it may use. This property corresponds to the "request_uris" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. More... | |
| string | Description [get, set] |
| The description about this client application. More... | |
| TaggedValue[] | Descriptions [get, set] |
| Localized descriptions of this client application. More... | |
| long | CreatedAt [get, set] |
| The time at which this client was created. The value is represented as milliseconds since the Unix epoch (1970-Jan-1). More... | |
| long | ModifiedAt [get, set] |
| The time at which this client was last modified. The value is represented as milliseconds since the Unix epoch (1970-Jan-1). More... | |
| ClientExtension | Extension [get, set] |
| The extended information about this client application. More... | |
| string | TlsClientAuthSubjectDn [get, set] |
The string representation of the expected subject distinguished name of the certificate this client will use in mutual TLS authentication. See "tls_client_auth_subject_dn" in 2.3. Dynamic Client Registration in Mutual TLS Profile for OAuth Clients for details. More... | |
| string | TlsClientAuthSanDns [get, set] |
| The string representation of the expected DNS subject alternative name of the certificate this client will use in mutual TLS authentication. More... | |
| Uri | TlsClientAuthSanUri [get, set] |
| The string representation of the expected URI subject alternative name of the certificate this client will use in mutual TLS authentication. More... | |
| string | TlsClientAuthSanIp [get, set] |
| The string representation of the expected IP address subject alternative name of the certificate this client will use in mutual TLS authentication. More... | |
| string | TlsClientAuthSanEmail [get, set] |
| The string representation of the expected email address subject alternative name of the certificate this client will use in mutual TLS authentication. More... | |
| bool | IsTlsClientCertificateBoundAccessTokens [get, set] |
| The flag which indicates whether this client uses "client certificate bound access tokens". More... | |
| string | SelfSignedCertificateKeyId [get, set] |
| The key ID of a JWK containing a self-signed certificate of this client application. More... | |
| string | SoftwareId [get, set] |
| The unique identifier string assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered. More... | |
| string | SoftwareVersion [get, set] |
| The version identifier string for the client software identified by the software ID. More... | |
| JWSAlg | AuthorizationSignAlg [get, set] |
The JWS "alg" algorithm for signing authorization responses. This property corresponds to the "authorization_signed_response_alg" in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM). More... | |
| JWEAlg | AuthorizationEncryptionAlg [get, set] |
The JWE "alg" algorithm for encrypting authorization responses. This property corresponds to the "authorization_encrypted_response_alg" in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM). More... | |
| JWEEnc | AuthorizationEncryptionEnc [get, set] |
The JWE "enc" algorithm for encrypting authorization responses. This property corresponds to the "authorization_encrypted_response_enc" in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM). More... | |
| DeliveryMode | BcDeliveryMode [get, set] |
The backchannel token delivery mode. This property corresponds to the backchannel_token_delivery_mode metadata. More... | |
| Uri | BcNotificationEndpoint [get, set] |
The backchannel client notification endpoint. This property corresponds to the backchannel_client_notification_endpoint metadata. More... | |
| JWSAlg | BcRequestSignAlg [get, set] |
The signature algorithm of the request to the backchannel authentication endpoint. This property corresponds to the backchannel_authentication_request_signing_alg metadata. More... | |
| bool | IsBcUserCodeRequired [get, set] |
The boolean flag which indicates whether a user code is required when this client makes a backchannel authentication request. This property corresponds to the backchannel_user_code_parameter metadata. More... | |
| bool | IsDynamicallyRegistered [get, set] |
| The boolean flag which indicates whether this client has been registered dynamically. More... | |
| string | RegistrationAccessTokenHash [get, set] |
| The hash of the registration access token for this client. More... | |
| string[] | AuthorizationDataTypes [get, set] |
The data types that this client may use as values of the type field in authorization_details. This property corresponds to the authorization_data_types client metadata defined in "OAuth 2.0 Rich Authorization Requests" (RAR). More... | |
| bool | IsParRequired [get, set] |
The boolean flag which indicates whether this client is required to use PAR (Pushed Authorization Request). This property corresponds to the require_pushed_authorization_requests client metadata defined in "OAuth 2.0 Pushed Authorization Requests" (PAR). More... | |
| bool | IsRequestObjectRequired [get, set] |
The boolean flag which indicates whether authorization requests from this client are always required to utilize a request object by using either request or request_uri request parameter. More... | |
Information about a client application.
Some properties correspond to the ones listed in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The application type of this client application. WEB, NATIVE or null. This property corresponds to the "application_type" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The data types that this client may use as values of the type field in authorization_details. This property corresponds to the authorization_data_types client metadata defined in "OAuth 2.0 Rich Authorization Requests" (RAR).
Since version 1.4.0.
|
getset |
The JWE "alg" algorithm for encrypting authorization responses. This property corresponds to the "authorization_encrypted_response_alg" in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
Since version 1.2.0.
|
getset |
The JWE "enc" algorithm for encrypting authorization responses. This property corresponds to the "authorization_encrypted_response_enc" in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
Since version 1.2.0.
|
getset |
The JWS "alg" algorithm for signing authorization responses. This property corresponds to the "authorization_signed_response_alg" in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
Since version 1.2.0.
|
getset |
The backchannel token delivery mode. This property corresponds to the backchannel_token_delivery_mode metadata.
The backchannel token delivery mode is defined in the specification of CIBA (Client Initiated Backchannel Authentication).
Since version 1.3.0.
|
getset |
The backchannel client notification endpoint. This property corresponds to the backchannel_client_notification_endpoint metadata.
The backchannel client notification endpoint is defined in the specification of CIBA (Client Initiated Backchannel Authentication).
Since version 1.3.0.
|
getset |
The signature algorithm of the request to the backchannel authentication endpoint. This property corresponds to the backchannel_authentication_request_signing_alg metadata.
The specification of CIBA (Client Initiated Backchannel Authentication) allows asymmetric algorithms only.
Since version 1.3.0.
|
getset |
The client ID which is expected to be used as the value of the "client_id" request parameter of authorization requests and token requests.
|
getset |
The alias of the client ID.
Note that the client ID alias is recognized only when this client's IsClientIdAliasEnabled property is true AND the Service's IsClientIdAliasEnabled property is also true.
|
getset |
The name of this client application. This property corresponds to the "client_name" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
Localized names of this client application.
|
getset |
The client secret which is expected to be used as the value of the "client_secret" request parameter of token requests.
|
getset |
The client type, either ClientType.PUBLIC or ClientType.CONFIDENTIAL. The definition of "Client Type" is described in 2.1. Client Types of RFC 6749.
|
getset |
The URI of the home page of this client application. This property corresponds to the "client_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
URIs of localized home pages of this client application.
|
getset |
The email addresses of contacts for this client application. This property corresponds to the "contacts" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The time at which this client was created. The value is represented as milliseconds since the Unix epoch (1970-Jan-1).
|
getset |
The default list of Authentication Context Class References. This property corresponds to the "default_acr_values" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The default value of the maximum authentication age in seconds. This property corresponds to the "default_max_age" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The sector identifier host component as derived from either the sector_identifier_uri or the registered redirect_uri. If no sector_identifier_uri is registered and multiple redirect URIs are registered, this value is undefined and this property holds null.
See 8.1. Pairwise Identifier Algorithm of OpenID Connect Core 1.0 for details.
Since version 1.4.0.
|
getset |
The description about this client application.
|
getset |
Localized descriptions of this client application.
|
getset |
The unique ID of the developer of this client application.
|
getset |
The extended information about this client application.
|
getset |
The "grant_type" values that this client application is declaring that it will restrict itself to using. This property corresponds to the "grant_types" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWE "alg" algorithm for encrypting ID tokens issued to this client application. This property corresponds to the "id_token_encrypted_response_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWE "enc" algorithm for encrypting ID tokens issued to this client application. This property corresponds to the "id_token_encrypted_response_enc" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWS "alg" algorithm for signing ID tokens issued to this client application. This property corresponds to the "id_token_signed_response_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The flag which indicates whether this client requires "auth_time" claim to be embedded in ID tokens. This property corresponds to the "require_auth_time" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The boolean flag which indicates whether a user code is required when this client makes a backchannel authentication request. This property corresponds to the backchannel_user_code_parameter metadata.
Since version 1.3.0.
|
getset |
The flag which indicates whether the client ID alias is enabled or not.
Note that Service class also has IsClientIdAliasEnabled property. If the service's IsClientIdAliasEnabled property is false, the client ID alias of this client is not recognized even if this client's IsClientIdAliasEnabled property is true.
|
getset |
The boolean flag which indicates whether this client has been registered dynamically.
Since version 1.4.0.
|
getset |
The boolean flag which indicates whether this client is required to use PAR (Pushed Authorization Request). This property corresponds to the require_pushed_authorization_requests client metadata defined in "OAuth 2.0 Pushed Authorization Requests" (PAR).
Since version 1.4.0.
|
getset |
The boolean flag which indicates whether authorization requests from this client are always required to utilize a request object by using either request or request_uri request parameter.
If this property is true and the service's IsTraditionalRequestObjectProcessingApplied property is false, authorization requests from this client are processed as if require_signed_request_object client metadata of this client is true. The metadata is defined in JAR (JWT Secured Authorization Request).
Since version 1.5.0.
|
getset |
The flag which indicates whether this client uses "client certificate bound access tokens".
If this property is true (and if the service supports "client certificate bound access tokens"), this client must present its client certificate (1) when it makes token requests to the authorization server and (2) when it makes API calls to the resource server.
Since version 1.1.0.
|
getset |
The JSON Web Key Set of this client application. This property corresponds to the "jwks" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The URI of the JSON Web Key Set of this client application. This property corresponds to the "jwks_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The URL that can initiate a login for this client application. This property corresponds to the "initiate_login_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The URI of the logo image of this client application. This property corresponds to the "logo_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
URIs of localized logo images of this client application.
|
getset |
The time at which this client was last modified. The value is represented as milliseconds since the Unix epoch (1970-Jan-1).
|
getset |
The URI of the policy page which describes how this client application uses the profile data of the end-user. This property corresponds to the "policy_uri" defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
URIs of localized policy pages of this client application.
|
getset |
Redirect URIs. See 3.1.2. Redirection Endpoint of RFC 6749.
|
getset |
The hash of the registration access token for this client.
Since version 1.4.0.
|
getset |
The JWE "alg" algorithm for encrypting request objects. This property corresponds to the "request_object_encryption_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWE "enc" algorithm for encrypting request objects. This property corresponds to the "request_object_encryption_enc" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWS "alg" algorithm for signing request objects. This property corresponds to the "request_object_signing_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The request URIs that this client declares it may use. This property corresponds to the "request_uris" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The "response_type" values that this client application is declaring that it will restrict itself to using. This property corresponds to the "response_types" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The sector identifier URI. This property corresponds to the "sector_identifier_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. See 5. "sector_identifier_uri" Validation of OpenID Connect Dynamic Client Registration 1.0 for details.
|
getset |
The key ID of a JWK containing a self-signed certificate of this client application.
See "2.2. Self-Signed Certificate Mutual TLS OAuth Client Authentication Method" in "OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens" for details.
Since version 1.1.0.
|
getset |
The unique identifier string assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
This property corresponds to the software_id metadata defined in 2. Client Metadata of RFC 7591 (OAuth 2.0 Dynamic Client Registration Protocol).
Since version 1.2.0.
|
getset |
The version identifier string for the client software identified by the software ID.
This property corresponds to the software_version metadata defined in 2. Client Metadata of RFC 7591 (OAuth 2.0 Dynamic Client Registration Protocol).
Since version 1.2.0.
|
getset |
The subject type. This property corresponds to the "subject_type" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0. See 8. Subject Identifier Types of OpenID Connect Core 1.0 for details.
|
getset |
The string representation of the expected DNS subject alternative name of the certificate this client will use in mutual TLS authentication.
See tls_client_auth_san_dns in "2.3. Dynamic
Client Registration" in "Mutual TLS Profiles for OAuth
Clients" for details.
Since version 1.3.0.
|
getset |
The string representation of the expected email address subject alternative name of the certificate this client will use in mutual TLS authentication.
See tls_client_auth_san_email in "2.3. Dynamic
Client Registration" in "Mutual TLS Profiles for OAuth
Clients" for details.
Since version 1.3.0.
|
getset |
The string representation of the expected IP address subject alternative name of the certificate this client will use in mutual TLS authentication.
See tls_client_auth_san_ip in "2.3. Dynamic
Client Registration" in "Mutual TLS Profiles for OAuth
Clients" for details.
Since version 1.3.0.
|
getset |
The string representation of the expected URI subject alternative name of the certificate this client will use in mutual TLS authentication.
See tls_client_auth_san_uri in "2.3. Dynamic
Client Registration" in "Mutual TLS Profiles for OAuth
Clients" for details.
Since version 1.3.0.
|
getset |
The string representation of the expected subject distinguished name of the certificate this client will use in mutual TLS authentication. See "tls_client_auth_subject_dn" in 2.3. Dynamic Client Registration in Mutual TLS Profile for OAuth Clients for details.
|
getset |
The client authentication method for the token endpoint. This property corresponds to the "token_endpoint_auth_method" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWS "alg" algorithm for signing the JWT used to authenticate the client at the token endpoint. This property corresponds to the "token_endpoint_auth_signing_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The URI of the "Terms Of Service" page of this client application. This property corresponds to the "tos_uri" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
URIs of localized "Terms Of Service" pages of this client application.
|
getset |
The JWE "alg" algorithm for encrypting UserInfo responses. This property corresponds to the "userinfo_encrypted_response_alg" metadata defined in 2. Client Metadata in OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWE "enc" algorithm for encrypting UserInfo responses. This property corresponds to the "userinfo_encrypted_response_enc" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
|
getset |
The JWS "alg" algorithm for signing UserInfo responses. This property corresponds to the "userinfo_signed_response_alg" metadata defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
1.8.18