- Generated by
1.8.18
|
Authlete
|
Request to Authlete's /api/auth/token/update API.
More...
Properties | |
| string | AccessToken [get, set] |
| An access token to be updated. More... | |
| long | AccessTokenExpiresAt [get, set] |
A new date at which the acces token will expire. The value needs to be expressed in milliseconds since the Unix epoch (1970-Jan-1). If 0 or a negative value is given, the expiration date of the access token is not changed. More... | |
| string[] | Scopes [get, set] |
A new set of scopes assigned to the access token. If null is given, the scope set associated with the access token is not changed. More... | |
| Property[] | Properties [get, set] |
A new set of properties assigned to the access token. If null is given, the property set associated with the access token is not changed. More... | |
| bool | IsAccessTokenExpiresAtUpdatedOnScopeUpdate [get, set] |
The flag which indicates whether /api/auth/token/update API attempts to update the expiration date of the access token when the scopes linked to the access token are changed by this request. More... | |
| bool | IsAccessTokenPersistent [get, set] |
| The flag which indicates whether the access token expires or not. More... | |
| string | AccessTokenHash [get, set] |
| The hash of the access token value. More... | |
| bool | IsAccessTokenValueUpdated [get, set] |
| The flag which indicates whether to update the value of the access token in the data store. More... | |
| string | CertificateThumbprint [get, set] |
| The thumbprint of the client certificate bound to the token. If this property is set, a certificate whose thumbprint matches the value must be presented with the access token when it is used by a client. More... | |
| string | DpopKeyThumbprint [get, set] |
| The thumbprint of the public key used for DPoP presentation of the token. If this property is set, a DPoP proof JWT signed with the corresponding private key must be presented with the access token when it is used by a client. More... | |
Request to Authlete's /api/auth/token/update API.
|
getset |
An access token to be updated.
|
getset |
A new date at which the acces token will expire. The value needs to be expressed in milliseconds since the Unix epoch (1970-Jan-1). If 0 or a negative value is given, the expiration date of the access token is not changed.
|
getset |
The hash of the access token value.
Used when the hash of the token is known (perhaps from lookup) but the value of the token itself is not. The value of the accessToken parameter takes precedence.
Since version 1.3.0.
|
getset |
The thumbprint of the client certificate bound to the token. If this property is set, a certificate whose thumbprint matches the value must be presented with the access token when it is used by a client.
See RFC 8705 (OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens) for details.
The value should be a base64url-encoded SHA-256 certificate thumbprint.
Since version 1.4.0.
|
getset |
The thumbprint of the public key used for DPoP presentation of the token. If this property is set, a DPoP proof JWT signed with the corresponding private key must be presented with the access token when it is used by a client.
See "OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP)" for details.
Since version 1.4.0.
|
getset |
The flag which indicates whether /api/auth/token/update API attempts to update the expiration date of the access token when the scopes linked to the access token are changed by this request.
This request parameter is optional and its default value is false. If this request parameter is set to true and all of the following conditions are satisfied, the API performs an update on the expiration date of the access token even if the accessTokenExpiresAt request parameter is not explicitly specified in the request.
The accessTokenExpiresAt request parameter is not included in the request or its value is 0 (or negative).
The scopes linked to the access token are changed by the scopes request parameter in the request.
When multiple access token duration values are found in the attributes of the specified scopes, the smallest value among them is used.
For more details, see the following examples.
Example 1.
Let's say we send the following request to /api/auth/token/update API.
and "read_profile" has the following attributes.
In this case, the API evaluates "10000" as a new value of the duration of the access token (in seconds) and updates the expiration date of the access token using the duration.
Example 2.
Let's say we send the following request to /api/auth/token/update API.
and "read_profile" has the following attributes.
and "write_profile" has the following attributes.
In this case, the API evaluates "10000" and "5000" as candidate values for new duration of the access token (in seconds) and chooses the smallest value of them (i.e. "5000" is adopted) and updates the expiration date of the access token using the duration.
Since version 1.3.0.
|
getset |
The flag which indicates whether the access token expires or not.
By default, all access tokens expire after a period of time determined by their service. If this request parameter is true then the access token will not automatically expire and must be revoked or deleted manually at the service.
If this request parameter is true, the accessTokenExpiresAt request parameter is ignored. If this request parameter is false, the accessTokenExpiresAt request parameter is processed normally.
Since version 1.3.0.
|
getset |
The flag which indicates whether to update the value of the access token in the data store.
If this parameter is set to true, then a new access token value is generated by the server and returned in the response. If false (the default value), the current value of the access token is not changed.
Since version 1.3.0.
|
getset |
A new set of properties assigned to the access token. If null is given, the property set associated with the access token is not changed.
|
getset |
A new set of scopes assigned to the access token. If null is given, the scope set associated with the access token is not changed.
1.8.18