Client (com.authlete:authlete-java-common 3.30 API)

java.lang.Object
- com.authlete.common.dto.Client

All Implemented Interfaces:

Serializable
```
public class Client
extends Object
implements Serializable
```
Information about a client application.
Some properties correspond to the ones listed in Client Metadata in OpenID Connect Dynamic Client Registration 1.0.

See Also:

OpenID Connect Dynamic Client Registration 1.0, Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM), Serialized Form

Constructor Summary

Constructors
Constructor and Description

Client()

Constructors
Constructor and Description
`Client()`

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`ApplicationType`	`getApplicationType()` Get the application type.
`Pair[]`	`getAttributes()` Get attributes.
`String[]`	`getAuthorizationDetailsTypes()` Get the authorization details types that this client may use as values of the `"type"` field in `"authorization_details"`.
`JWEAlg`	`getAuthorizationEncryptionAlg()` Get the JWE `alg` algorithm for encrypting authorization responses.
`JWEEnc`	`getAuthorizationEncryptionEnc()` Get the JWE `enc` algorithm for encrypting authorization responses.
`JWSAlg`	`getAuthorizationSignAlg()` Get the JWS `alg` algorithm for signing authorization responses.
`DeliveryMode`	`getBcDeliveryMode()` Get the backchannel token delivery mode.
`URI`	`getBcNotificationEndpoint()` Get the backchannel client notification endpoint.
`JWSAlg`	`getBcRequestSignAlg()` Get the signature algorithm of the request to the backchannel authentication endpoint.
`long`	`getClientId()` Get the client ID.
`String`	`getClientIdAlias()` Get the alias of the client ID.
`String`	`getClientName()` Get the client name.
`TaggedValue[]`	`getClientNames()` Get the client names each of which has a language tag.
`String`	`getClientSecret()` Get the client secret.
`ClientType`	`getClientType()` Get the client type.
`URI`	`getClientUri()` Get the URI of the home page.
`TaggedValue[]`	`getClientUris()` Get the URIs of the home pages for specific languages.
`String[]`	`getContacts()` Get the email addresses of contacts.
`long`	`getCreatedAt()` Get the time at which this client was created.
`String`	`getCustomMetadata()` Get the custom client metadata in JSON format.
`String[]`	`getDefaultAcrs()` Get the default list of authentication context class references.
`int`	`getDefaultMaxAge()` Get the default value of the maximum authentication age in seconds.
`String`	`getDerivedSectorIdentifier()` Get the sector identifier host component as derived from either the `sector_identifier_uri` or the registered `redirect_uri`.
`String`	`getDescription()` Get the description.
`TaggedValue[]`	`getDescriptions()` Get the descriptions for specific languages.
`String`	`getDeveloper()` Get the unique ID of the developer of this client application.
`String`	`getDigestAlgorithm()` Get the digest algorithm that this client requests the server to use when it computes digest values of external attachments, which may be referenced from within ID tokens or userinfo responses (or any place that can have the `verified_claims` claim).
`ClientExtension`	`getExtension()` Get the extended information about this client.
`GrantType[]`	`getGrantTypes()` Get `grant_type` values that the client is declaring that it will restrict itself to using.
`JWEAlg`	`getIdTokenEncryptionAlg()` Get the JWE `alg` algorithm for encrypting the ID token issued to this client.
`JWEEnc`	`getIdTokenEncryptionEnc()` Get the JWE `enc` algorithm for encrypting the ID token issued to this client.
`JWSAlg`	`getIdTokenSignAlg()` Get the JWS `alg` algorithm for signing the ID token issued to this client.
`String`	`getJwks()` Get the JSON Web Key Set.
`URI`	`getJwksUri()` Get the URI of the JSON Web Key Set of the client application.
`URI`	`getLoginUri()` Get the URL that can initiate a login for this client application.
`URI`	`getLogoUri()` Get the URI of the logo image.
`TaggedValue[]`	`getLogoUris()` Get the logo URIs each of which has a language tag.
`long`	`getModifiedAt()` Get the time at which this client was last modified.
`int`	`getNumber()` Get the client number.
`URI`	`getPolicyUri()` Get the URI of the policy page which describes how the client application uses the profile data of the end-user.
`TaggedValue[]`	`getPolicyUris()` Get the URIs of the policy pages for specific languages.
`String[]`	`getRedirectUris()` Get the redirect URIs.
`String`	`getRegistrationAccessTokenHash()` Get the hash of the registration access token for this client.
`JWEAlg`	`getRequestEncryptionAlg()` Get the JWE `alg` algorithm for encrypting request objects.
`JWEEnc`	`getRequestEncryptionEnc()` Get the JWE `enc` algorithm for encrypting request objects.
`JWSAlg`	`getRequestSignAlg()` Get the JWS `alg` algorithm for signing request objects.
`String[]`	`getRequestUris()` Get the request URIs that this client declares it may use.
`ResponseType[]`	`getResponseTypes()` Get `response_type` values that the client is declaring that it will restrict itself to using.
`URI`	`getSectorIdentifier()` Deprecated. Since Authlete 2.2. Use `getSectorIdentifierUri()` instead.
`URI`	`getSectorIdentifierUri()` Get the value of the sector identifier URI.
`String`	`getSelfSignedCertificateKeyId()` Get the key ID of a JWK containing a self-signed certificate of this client.
`int`	`getServiceNumber()` Get the number of the service which this client belongs to.
`String`	`getSoftwareId()` Get the unique identifier string assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
`String`	`getSoftwareVersion()` Get the version identifier string for the client software identified by the software ID.
`SubjectType`	`getSubjectType()` Get the subject type that this client application requests.
`String`	`getTlsClientAuthSanDns()` Get the string representation of the expected DNS subject alternative name of the certificate this client will use in mutual TLS authentication.
`String`	`getTlsClientAuthSanEmail()` Get the string representation of the expected email address subject alternative name of the certificate this client will use in mutual TLS authentication.
`String`	`getTlsClientAuthSanIp()` Get the string representation of the expected IP address subject alternative name of the certificate this client will use in mutual TLS authentication.
`URI`	`getTlsClientAuthSanUri()` Get the string representation of the expected URI subject alternative name of the certificate this client will use in mutual TLS authentication.
`String`	`getTlsClientAuthSubjectDn()` Get the string representation of the expected subject distinguished name of the certificate this client will use in mutual TLS authentication.
`ClientAuthMethod`	`getTokenAuthMethod()` Get the client authentication method for the token endpoint.
`JWSAlg`	`getTokenAuthSignAlg()` Get the JWS `alg` algorithm for signing the JWT used to authenticate the client at the token endpoint.
`URI`	`getTosUri()` Get the URI of the "Terms Of Service" page.
`TaggedValue[]`	`getTosUris()` Get the URIs of the "Terms Of Service" pages for specific languages.
`JWEAlg`	`getUserInfoEncryptionAlg()` Get the JWE `alg` algorithm for encrypting UserInfo responses.
`JWEEnc`	`getUserInfoEncryptionEnc()` Get the JWE `enc` algorithm for encrypting UserInfo responses.
`JWSAlg`	`getUserInfoSignAlg()` Get the JWS `alg` algorithm for signing UserInfo responses.
`boolean`	`isAuthTimeRequired()` Get the flag which indicates whether this client requires `auth_time` claim to be embedded in the ID token.
`boolean`	`isBcUserCodeRequired()` Get the boolean flag which indicates whether a user code is required when this client makes a backchannel authentication request.
`boolean`	`isClientIdAliasEnabled()` Get the flag which indicates whether the client ID alias is enabled or not.
`boolean`	`isDynamicallyRegistered()` Get the flag which indicates whether this client has been registered dynamically.
`boolean`	`isFrontChannelRequestObjectEncryptionRequired()` Get the flag indicating whether encryption of request object is required when the request object is passed through the front channel.
`boolean`	`isParRequired()` Get the flag indicating whether this client is required to use the pushed authorization request endpoint.
`boolean`	`isPkceRequired()` Get the flag indicating whether PKCE (RFC 7636) is required whenever this client makes an authorization request by the authorization code flow.
`boolean`	`isPkceS256Required()` Get the flag indicating whether `S256` must be used as the code challenge method whenever this client uses PKCE (RFC 7636).
`boolean`	`isRequestObjectEncryptionAlgMatchRequired()` Get the flag indicating whether the JWE `alg` of encrypted request object must match the `request_object_encryption_alg` client metadata.
`boolean`	`isRequestObjectEncryptionEncMatchRequired()` Get the flag indicating whether the JWE `enc` of encrypted request object must match the `request_object_encryption_enc` client metadata.
`boolean`	`isRequestObjectRequired()` Get the flag indicating whether authorization requests from this client are always required to utilize a request object by using either `request` or `request_uri` request parameter.
`boolean`	`isSingleAccessTokenPerSubject()` Get the flag which indicates whether the number of access tokens per subject (and per client) is at most one or can be more.
`boolean`	`isTlsClientCertificateBoundAccessTokens()` Does this client use TLS client certificate bound access tokens?
`Client`	`loadAttributes(Iterable<Pair> attributes)` Load attributes from an iterable.
`Client`	`setApplicationType(ApplicationType applicationType)` Set the application type.
`Client`	`setAttributes(Pair[] attributes)` Set attributes.
`Client`	`setAuthorizationDetailsTypes(String[] types)` Set the authorization details types that this client may use as values of the `"type"` field in `"authorization_details"`.
`Client`	`setAuthorizationEncryptionAlg(JWEAlg alg)` Set the JWE `alg` algorithm for encrypting authorization responses.
`Client`	`setAuthorizationEncryptionEnc(JWEEnc enc)` Set the JWE `enc` algorithm for encrypting authorization responses.
`Client`	`setAuthorizationSignAlg(JWSAlg alg)` Set the JWS `alg` algorithm for signing authorization responses.
`Client`	`setAuthTimeRequired(boolean required)` Set the flag which indicates whether this client requires `auth_time` claim to be embedded in the ID token.
`Client`	`setBcDeliveryMode(DeliveryMode mode)` Set the backchannel token delivery mode.
`Client`	`setBcNotificationEndpoint(URI endpoint)` Set the backchannel client notification endpoint.
`Client`	`setBcRequestSignAlg(JWSAlg alg)` Set the signature algorithm of the request to the backchannel authentication endpoint.
`Client`	`setBcUserCodeRequired(boolean required)` Set the boolean flag which indicates whether a user code is required when this client makes a backchannel authentication request.
`Client`	`setClientId(long clientId)` Set the client ID.
`Client`	`setClientIdAlias(String alias)` Set the alias of the client ID.
`Client`	`setClientIdAliasEnabled(boolean enabled)` Enable/disable the client ID alias.
`Client`	`setClientName(String clientName)` Set the client name.
`Client`	`setClientNames(TaggedValue[] clientNames)` Set the client names each of which has a language tag.
`Client`	`setClientSecret(String clientSecret)` Set the client secret.
`Client`	`setClientType(ClientType clientType)` Set the client type.
`Client`	`setClientUri(URI uri)` Set the URI of the home page.
`Client`	`setClientUris(TaggedValue[] uris)` Set the URIs of the home pages for specific languages.
`Client`	`setContacts(String[] contacts)` Set the email addresses of contacts.
`Client`	`setCreatedAt(long createdAt)` Set the time at which this client was created.
`Client`	`setCustomMetadata(String metadata)` Set the custom client metadata in JSON format.
`Client`	`setDefaultAcrs(String[] defaultAcrs)` Set the default list of authentication context class references.
`Client`	`setDefaultMaxAge(int defaultMaxAge)` Set the default value of the maximum authentication age in seconds.
`Client`	`setDerivedSectorIdentifier(String derivedSectorIdentifier)` Set the sector identifier host component as derived from either the `sector_identifier_uri` or the registered `redirect_uri`.
`Client`	`setDescription(String description)` Set the description.
`Client`	`setDescriptions(TaggedValue[] descriptions)` Set the descriptions for specific languages.
`Client`	`setDeveloper(String developer)` Set the unique ID of the developer of this client application.
`Client`	`setDigestAlgorithm(String algorithm)` Set the digest algorithm that this client requests the server to use when it computes digest values of external attachments, which may be referenced from within ID tokens or userinfo responses (or any place that can have the `verified_claims` claim).
`Client`	`setDynamicallyRegistered(boolean dynamicallyRegistered)` Set the flag which indicates whether this client has been registered dynamically.
`Client`	`setExtension(ClientExtension extension)` Set the extended information about this client.
`Client`	`setFrontChannelRequestObjectEncryptionRequired(boolean required)` Set the flag indicating whether encryption of request object is required when the request object is passed through the front channel.
`Client`	`setGrantTypes(GrantType[] grantTypes)` Set `grant_type` values that the client is declaring that it will restrict itself to using.
`Client`	`setIdTokenEncryptionAlg(JWEAlg alg)` Set the JWE `alg` algorithm for encrypting the ID token issued to this client.
`Client`	`setIdTokenEncryptionEnc(JWEEnc enc)` Set the JWE `enc` algorithm for encrypting the ID token issued to this client.
`Client`	`setIdTokenSignAlg(JWSAlg alg)` Set the JWS `alg` algorithm for signing the ID token issued to this client.
`Client`	`setJwks(String jwks)` Set the JSON Web Key Set.
`Client`	`setJwksUri(URI uri)` Set the URI of the JSON Web Key Set of the client application.
`Client`	`setLoginUri(URI uri)` Set the URL that can initiate a login for this client application.
`Client`	`setLogoUri(URI uri)` Set the URI of the logo image.
`Client`	`setLogoUris(TaggedValue[] uris)` Set the logo URIs each of which has a language tag.
`Client`	`setModifiedAt(long modifiedAt)` Set the time at which this client was last modified.
`Client`	`setNumber(int number)` Set the client number.
`Client`	`setParRequired(boolean required)` Set the flag indicating whether this client is required to use the pushed authorization request endpoint.
`Client`	`setPkceRequired(boolean required)` Set the flag indicating whether PKCE (RFC 7636) is required whenever this client makes an authorization request by the authorization code flow.
`Client`	`setPkceS256Required(boolean required)` Set the flag indicating whether `S256` must be used as the code challenge method whenever this client uses PKCE (RFC 7636).
`Client`	`setPolicyUri(URI uri)` Set the URI of the policy page which describes how the client application uses the profile data of the end-user.
`Client`	`setPolicyUris(TaggedValue[] uris)` Set the URIs of the policy pages for specific languages.
`Client`	`setRedirectUris(String[] uris)` Set the redirect URIs.
`Client`	`setRegistrationAccessTokenHash(String registrationAccessToken)` Set the hash of the registration access token for this client.
`Client`	`setRequestEncryptionAlg(JWEAlg alg)` Set the JWE `alg` algorithm for encrypting request objects.
`Client`	`setRequestEncryptionEnc(JWEEnc enc)` Set the JWE `enc` algorithm for encrypting request objects.
`Client`	`setRequestObjectEncryptionAlgMatchRequired(boolean required)` Set the flag indicating whether the JWE `alg` of encrypted request object must match the `request_object_encryption_alg` client metadata.
`Client`	`setRequestObjectEncryptionEncMatchRequired(boolean required)` Set the flag indicating whether the JWE `enc` of encrypted request object must match the `request_object_encryption_enc` client metadata.
`Client`	`setRequestObjectRequired(boolean required)` Set the flag indicating whether authorization requests from this client are always required to utilize a request object by using either `request` or `request_uri` request parameter.
`Client`	`setRequestSignAlg(JWSAlg alg)` Set the JWS `alg` algorithm for signing request objects.
`Client`	`setRequestUris(String[] uris)` Set the request URIs that this client declares it may use.
`Client`	`setResponseTypes(ResponseType[] responseTypes)` Set `response_type` values that the client is declaring that it will restrict itself to using.
`Client`	`setSectorIdentifier(URI sectorIdentifier)` Deprecated. Since Authlete 2.2. Use `setSectorIdentifierUri(URI)` instead.
`Client`	`setSectorIdentifierUri(URI uri)` Set the value of the sector identifier URI.
`Client`	`setSelfSignedCertificateKeyId(String keyId)` Set the key ID of a JWK containing a self-signed certificate of this client.
`Client`	`setServiceNumber(int number)` Set the number of the service which this client belongs to.
`Client`	`setSingleAccessTokenPerSubject(boolean single)` Set the flag which indicates whether the number of access tokens per subject (and per client) is at most one or can be more.
`Client`	`setSoftwareId(String softwareId)` Set a unique identifier string assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
`Client`	`setSoftwareVersion(String softwareVersion)` Set a version identifier string for the client software identified by the software ID.
`Client`	`setSubjectType(SubjectType subjectType)` Set the subject type that this client application requests.
`Client`	`setTlsClientAuthSanDns(String tlsClientAuthSanDns)` Set the string representation of the expected DNS subject alternative name of the certificate this client will use in mutual TLS authentication.
`Client`	`setTlsClientAuthSanEmail(String tlsClientAuthSanEmail)` Set the string representation of the expected email address subject alternative name of the certificate this client will use in mutual TLS authentication.
`Client`	`setTlsClientAuthSanIp(String tlsClientAuthSanIp)` Set the string representation of the expected IP address subject alternative name of the certificate this client will use in mutual TLS authentication.
`Client`	`setTlsClientAuthSanUri(URI tlsClientAuthSanUri)` Set the string representation of the expected URI subject alternative name of the certificate this client will use in mutual TLS authentication.
`Client`	`setTlsClientAuthSubjectDn(String name)` Set the string representation of the expected subject distinguished name of the certificate this client will use in mutual TLS authentication.
`Client`	`setTlsClientCertificateBoundAccessTokens(boolean use)` Set whether this client uses TLS client certificate bound access tokens or not.
`Client`	`setTokenAuthMethod(ClientAuthMethod method)` Set the client authentication method for the token endpoint.
`Client`	`setTokenAuthSignAlg(JWSAlg alg)` Set the JWS `alg` algorithm for signing the JWT used to authenticate the client at the token endpoint.
`Client`	`setTosUri(URI uri)` Set the URI of the "Terms Of Service" page.
`Client`	`setTosUris(TaggedValue[] uris)` Set the URIs of the "Terms Of Service" pages for specific languages.
`Client`	`setUserInfoEncryptionAlg(JWEAlg alg)` Set the JWE `alg` algorithm for encrypting UserInfo responses.
`Client`	`setUserInfoEncryptionEnc(JWEEnc enc)` Set the JWE `enc` algorithm for encrypting UserInfo responses.
`Client`	`setUserInfoSignAlg(JWSAlg alg)` Set the JWS `alg` algorithm for signing UserInfo responses.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - Client
```
public Client()
```
- Method Detail
  - getNumber
```
public int getNumber()
```
    Get the client number.
    
    Returns:
    
    The client number.
  - setNumber
```
public Client setNumber(int number)
```
    Set the client number.
    
    Parameters:
    
    number - The client number.
    
    Returns:
    
    this object.
  - getServiceNumber
```
public int getServiceNumber()
```
    Get the number of the service which this client belongs to.
    
    Returns:
    
    The service number
  - setServiceNumber
```
public Client setServiceNumber(int number)
```
    Set the number of the service which this client belongs to.
    
    Parameters:
    
    number - The service number.
    
    Returns:
    
    this object.
  - getDeveloper
```
public String getDeveloper()
```
    Get the unique ID of the developer of this client application.
    
    Returns:
    
    The developer unique ID.
  - setDeveloper
```
public Client setDeveloper(String developer)
```
    Set the unique ID of the developer of this client application.
    
    Parameters:
    
    developer - The developer unique ID.
    
    Returns:
    
    this object.
  - getClientId
```
public long getClientId()
```
    Get the client ID.
    
    Returns:
    
    The client ID.
  - setClientId
```
public Client setClientId(long clientId)
```
    Set the client ID.
    
    Parameters:
    
    clientId - The client ID.
    
    Returns:
    
    this object.
  - getClientIdAlias
```
public String getClientIdAlias()
```
    Get the alias of the client ID.
    Note that the client ID alias is recognized only when this client's clientIdAliasEnabled property is true AND the service's clientIdAliasEnabled property is also true.
    
    Returns:
    
    The alias of the client ID. This may be null.
    
    Since:
    
    2.1
  - setClientIdAlias
```
public Client setClientIdAlias(String alias)
```
    Set the alias of the client ID.
    Note that the client ID alias is recognized only when this client's clientIdAliasEnabled property is true AND the service's clientIdAliasEnabled property is also true.
    
    Parameters:
    
    alias - The alias of the client ID.
    
    Returns:
    
    this object.
    
    Since:
    
    2.1
  - isClientIdAliasEnabled
```
public boolean isClientIdAliasEnabled()
```
    Get the flag which indicates whether the client ID alias is enabled or not.
    Note that Service class also has clientIdAliasEnabled property. If the service's clientIdAliasEnabled property is false, the client ID alias of this client is not recognized even if this client's clientIdAliasEnabled property is true.
    
    Returns:
    
    true if the client ID alias is enabled.
    
    Since:
    
    2.2
  - setClientIdAliasEnabled
```
public Client setClientIdAliasEnabled(boolean enabled)
```
    Enable/disable the client ID alias.
    Note that Service class also has clientIdAliasEnabled property. If the service's clientIdAliasEnabled property is false, the client ID alias of this client is not recognized even if this client's clientIdAliasEnabled property is true.
    
    Parameters:
    
    enabled - true to enable the client ID alias. false to disable it.
    
    Returns:
    
    this object.
    
    Since:
    
    2.2
  - getClientSecret
```
public String getClientSecret()
```
    Get the client secret.
    
    Returns:
    
    The client secret.
  - setClientSecret
```
public Client setClientSecret(String clientSecret)
```
    Set the client secret.
    
    Parameters:
    
    clientSecret - The client secret.
    
    Returns:
    
    this object.
  - getClientType
```
public ClientType getClientType()
```
    Get the client type.
    
    Returns:
    
    The client type.
  - setClientType
```
public Client setClientType(ClientType clientType)
```
    Set the client type.
    
    Parameters:
    
    clientType - The client type.
    
    Returns:
    
    this object.
  - getRedirectUris
```
public String[] getRedirectUris()
```
    Get the redirect URIs.
    
    Returns:
    
    The redirect URIs.
    
    See Also:
    
    RFC 6749 (OAuth 2.0), 3.1.2. Redirection Endpoint
  - setRedirectUris
```
public Client setRedirectUris(String[] uris)
```
    Set the redirect URIs.
    
    Parameters:
    
    uris - The redirect URIs.
    
    Returns:
    
    this object.
    
    See Also:
    
    RFC 6749 (OAuth 2.0), 3.1.2. Redirection Endpoint
  - getResponseTypes
```
public ResponseType[] getResponseTypes()
```
    Get response_type values that the client is declaring that it will restrict itself to using.
    
    Returns:
    
    The response types.
  - setResponseTypes
```
public Client setResponseTypes(ResponseType[] responseTypes)
```
    Set response_type values that the client is declaring that it will restrict itself to using.
    
    Parameters:
    
    responseTypes - The response types.
    
    Returns:
    
    this object.
  - getGrantTypes
```
public GrantType[] getGrantTypes()
```
    Get grant_type values that the client is declaring that it will restrict itself to using.
    
    Returns:
    
    The grant types.
  - setGrantTypes
```
public Client setGrantTypes(GrantType[] grantTypes)
```
    Set grant_type values that the client is declaring that it will restrict itself to using.
    
    Parameters:
    
    grantTypes - The grant types.
    
    Returns:
    
    this object.
  - getApplicationType
```
public ApplicationType getApplicationType()
```
    Get the application type.
    
    Returns:
    
    The application type.
    
    See Also:
    
    OpenID Connect Dynamic Client Registration 1.0, 2. Client Metadata
  - setApplicationType
```
public Client setApplicationType(ApplicationType applicationType)
```
    Set the application type.
    
    Parameters:
    
    applicationType - The application type.
    
    Returns:
    
    this object.
    
    See Also:
    
    OpenID Connect Dynamic Client Registration 1.0, 2. Client Metadata
  - getContacts
```
public String[] getContacts()
```
    Get the email addresses of contacts.
    
    Returns:
    
    Email addresses of contacts.
  - setContacts
```
public Client setContacts(String[] contacts)
```
    Set the email addresses of contacts.
    
    Parameters:
    
    contacts - Email addresses of contacts.
    
    Returns:
    
    this object.
  - getClientName
```
public String getClientName()
```
    Get the client name.
    
    Returns:
    
    The client name.
  - setClientName
```
public Client setClientName(String clientName)
```
    Set the client name.
    
    Parameters:
    
    clientName - The client name.
    
    Returns:
    
    this object.
  - getClientNames
```
public TaggedValue[] getClientNames()
```
    Get the client names each of which has a language tag.
    
    Returns:
    
    The client names each of which has a language tag.
  - setClientNames
```
public Client setClientNames(TaggedValue[] clientNames)
```
    Set the client names each of which has a language tag.
    
    Parameters:
    
    clientNames - The client names.
    
    Returns:
    
    this object.
  - getLogoUri
```
public URI getLogoUri()
```
    Get the URI of the logo image.
    
    Returns:
    
    The URI of the logo image.
  - setLogoUri
```
public Client setLogoUri(URI uri)
```
    Set the URI of the logo image.
    
    Parameters:
    
    uri - The URI of the logo image.
    
    Returns:
    
    this object.
  - getLogoUris
```
public TaggedValue[] getLogoUris()
```
    Get the logo URIs each of which has a language tag.
    
    Returns:
    
    The logo URIs.
  - setLogoUris
```
public Client setLogoUris(TaggedValue[] uris)
```
    Set the logo URIs each of which has a language tag.
    
    Parameters:
    
    uris - The logo URIs.
    
    Returns:
    
    this object.
  - getClientUri
```
public URI getClientUri()
```
    Get the URI of the home page.
    
    Returns:
    
    The URI of the home page.
  - setClientUri
```
public Client setClientUri(URI uri)
```
    Set the URI of the home page.
    
    Parameters:
    
    uri - The URI of the home page.
    
    Returns:
    
    this object.
  - getClientUris
```
public TaggedValue[] getClientUris()
```
    Get the URIs of the home pages for specific languages.
    
    Returns:
    
    The URIs of the home page for specific languages.
  - setClientUris
```
public Client setClientUris(TaggedValue[] uris)
```
    Set the URIs of the home pages for specific languages.
    
    Parameters:
    
    uris - The URIs of the home page for specific languages.
    
    Returns:
    
    this object.
  - getPolicyUri
```
public URI getPolicyUri()
```
    Get the URI of the policy page which describes how the client application uses the profile data of the end-user.
    
    Returns:
    
    The URI of the policy page.
  - setPolicyUri
```
public Client setPolicyUri(URI uri)
```
    Set the URI of the policy page which describes how the client application uses the profile data of the end-user.
    
    Parameters:
    
    uri - The URI of the policy page.
    
    Returns:
    
    this object.
  - getPolicyUris
```
public TaggedValue[] getPolicyUris()
```
    Get the URIs of the policy pages for specific languages.
    
    Returns:
    
    The URIs of the policy pages for specific languages.
  - setPolicyUris
```
public Client setPolicyUris(TaggedValue[] uris)
```
    Set the URIs of the policy pages for specific languages.
    
    Parameters:
    
    uris - The URIs of the policy pages for specific languages.
    
    Returns:
    
    this object.
  - getTosUri
```
public URI getTosUri()
```
    Get the URI of the "Terms Of Service" page.
    
    Returns:
    
    The URI of the "Terms Of Service" page.
  - setTosUri
```
public Client setTosUri(URI uri)
```
    Set the URI of the "Terms Of Service" page.
    
    Parameters:
    
    uri - The URI of the "Terms Of Service" page.
    
    Returns:
    
    this object.
  - getTosUris
```
public TaggedValue[] getTosUris()
```
    Get the URIs of the "Terms Of Service" pages for specific languages.
    
    Returns:
    
    The URIs of the "Terms Of Service" pages for specific languages.
  - setTosUris
```
public Client setTosUris(TaggedValue[] uris)
```
    Set the URIs of the "Terms Of Service" pages for specific languages.
    
    Parameters:
    
    uris - The URIs of the "Terms Of Service" pages for specific languages.
    
    Returns:
    
    this object.
  - getJwksUri
```
public URI getJwksUri()
```
    Get the URI of the JSON Web Key Set of the client application.
    
    Returns:
    
    The URI of the JSON Web Key Set of the client application.
  - setJwksUri
```
public Client setJwksUri(URI uri)
```
    Set the URI of the JSON Web Key Set of the client application.
    
    Parameters:
    
    uri - The URI of the JSON Web Key Set of the client application.
    
    Returns:
    
    this object.
  - getJwks
```
public String getJwks()
```
    Get the JSON Web Key Set.
    
    Returns:
    
    The JSON Web Key Set.
  - setJwks
```
public Client setJwks(String jwks)
```
    Set the JSON Web Key Set.
    
    Parameters:
    
    jwks - The JSON Web Key Set.
    
    Returns:
    
    this object.
  - getSectorIdentifier
```
@Deprecated
public URI getSectorIdentifier()
```
    Deprecated. Since Authlete 2.2. Use getSectorIdentifierUri() instead.
    
    Get the sector identifier.
    
    Returns:
    
    The sector identifier.
  - setSectorIdentifier
```
@Deprecated
public Client setSectorIdentifier(URI sectorIdentifier)
```
    Deprecated. Since Authlete 2.2. Use setSectorIdentifierUri(URI) instead.
    
    Set the sector identifier.
    
    Parameters:
    
    sectorIdentifier - The sector identifier.
    
    Returns:
    
    this object.
  - getSectorIdentifierUri
```
public URI getSectorIdentifierUri()
```
    Get the value of the sector identifier URI.
    This represents the sector_identifier_uri client metadata which is defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
    
    Returns:
    
    The sector identifier URI.
    
    Since:
    
    2.50
  - setSectorIdentifierUri
```
public Client setSectorIdentifierUri(URI uri)
```
    Set the value of the sector identifier URI.
    This represents the sector_identifier_uri client metadata which is defined in 2. Client Metadata of OpenID Connect Dynamic Client Registration 1.0.
    
    Parameters:
    
    uri - The sector identifier URI.
    
    Returns:
    
    this object.
    
    Since:
    
    2.50
  - getDerivedSectorIdentifier
```
public String getDerivedSectorIdentifier()
```
    Get the sector identifier host component as derived from either the sector_identifier_uri or the registered redirect_uri. If no sector_identifier_uri is registered and multiple redirect_uris are also registered, this value is undefined and the field returns null.
    
    Returns:
    
    The derived sector identifier, if available, or null otherwise.
    
    Since:
    
    2.61
    
    See Also:
    
    OIDC Core, 8.1. Pairwise Identifier Algorithm
  - setDerivedSectorIdentifier
```
public Client setDerivedSectorIdentifier(String derivedSectorIdentifier)
```
    Set the sector identifier host component as derived from either the sector_identifier_uri or the registered redirect_uri. If no sector_identifier_uri is registered and multiple redirect_uris are also registered, this value is undefined and the field is null.
    
    Parameters:
    
    derivedSectorIdentifier - The derived sector identifier, if available, or null otherwise.
    
    Returns:
    
    this object.
    
    Since:
    
    2.61
    
    See Also:
    
    OIDC Core, 8.1. Pairwise Identifier Algorithm
  - getSubjectType
```
public SubjectType getSubjectType()
```
    Get the subject type that this client application requests.
    
    Returns:
    
    The subject type.
    
    See Also:
    
    Subject Identifier Types
  - setSubjectType
```
public Client setSubjectType(SubjectType subjectType)
```
    Set the subject type that this client application requests.
    
    Parameters:
    
    subjectType - The subject type.
    
    Returns:
    
    this object.
    
    See Also:
    
    Subject Identifier Types
  - getIdTokenSignAlg
```
public JWSAlg getIdTokenSignAlg()
```
    Get the JWS alg algorithm for signing the ID token issued to this client. This property corresponds to id_token_signed_response_alg in Client Metadata.
    
    Returns:
    
    The JWS alg algorithm for signing the ID token issued to this client.
  - setIdTokenSignAlg
```
public Client setIdTokenSignAlg(JWSAlg alg)
```
    Set the JWS alg algorithm for signing the ID token issued to this client. This property corresponds to id_token_signed_response_alg in Client Metadata.
    
    Parameters:
    
    alg - The JWS alg algorithm for signing the ID token issued to this client.
    
    Returns:
    
    this object.
  - getIdTokenEncryptionAlg
```
public JWEAlg getIdTokenEncryptionAlg()
```
    Get the JWE alg algorithm for encrypting the ID token issued to this client. This property corresponds to id_token_encrypted_response_algin Client Metadata.
    
    Returns:
    
    The JWE alg algorithm for encrypting the ID token issued to this client.
  - setIdTokenEncryptionAlg
```
public Client setIdTokenEncryptionAlg(JWEAlg alg)
```
    Set the JWE alg algorithm for encrypting the ID token issued to this client. This property corresponds to id_token_encrypted_response_algin Client Metadata.
    
    Parameters:
    
    alg - The JWE alg algorithm for encrypting the ID token issued to this client.
    
    Returns:
    
    this object.
  - getIdTokenEncryptionEnc
```
public JWEEnc getIdTokenEncryptionEnc()
```
    Get the JWE enc algorithm for encrypting the ID token issued to this client. This property corresponds to id_token_encrypted_response_encin Client Metadata.
    
    Returns:
    
    The JWE enc algorithm for encrypting the ID token issued to this client.
  - setIdTokenEncryptionEnc
```
public Client setIdTokenEncryptionEnc(JWEEnc enc)
```
    Set the JWE enc algorithm for encrypting the ID token issued to this client. This property corresponds to id_token_encrypted_response_encin Client Metadata.
    
    Parameters:
    
    enc - The JWE enc algorithm for encrypting the ID token issued to this client.
    
    Returns:
    
    this object.
  - getUserInfoSignAlg
```
public JWSAlg getUserInfoSignAlg()
```
    Get the JWS alg algorithm for signing UserInfo responses. This property corresponds to userinfo_signed_response_alg in Client Metadata.
    
    Returns:
    
    The JWS alg algorithm for signing UserInfo responses.
  - setUserInfoSignAlg
```
public Client setUserInfoSignAlg(JWSAlg alg)
```
    Set the JWS alg algorithm for signing UserInfo responses. This property corresponds to userinfo_signed_response_alg in Client Metadata.
    
    Parameters:
    
    alg - The JWS alg algorithm for signing UserInfo responses.
    
    Returns:
    
    this object.
  - getUserInfoEncryptionAlg
```
public JWEAlg getUserInfoEncryptionAlg()
```
    Get the JWE alg algorithm for encrypting UserInfo responses. This property corresponds to userinfo_encrypted_response_alg in Client Metadata.
    
    Returns:
    
    The JWE alg algorithm for encrypting UserInfo responses.
  - setUserInfoEncryptionAlg
```
public Client setUserInfoEncryptionAlg(JWEAlg alg)
```
    Set the JWE alg algorithm for encrypting UserInfo responses. This property corresponds to userinfo_encrypted_response_alg in Client Metadata.
    
    Parameters:
    
    alg - The JWE alg algorithm for encrypting UserInfo responses.
    
    Returns:
    
    this object.
  - getUserInfoEncryptionEnc
```
public JWEEnc getUserInfoEncryptionEnc()
```
    Get the JWE enc algorithm for encrypting UserInfo responses. This property corresponds to userinfo_encrypted_response_enc in Client Metadata.
    
    Returns:
    
    The JWE enc algorithm for encrypting UserInfo responses.
  - setUserInfoEncryptionEnc
```
public Client setUserInfoEncryptionEnc(JWEEnc enc)
```
    Set the JWE enc algorithm for encrypting UserInfo responses. This property corresponds to userinfo_encrypted_response_enc in Client Metadata.
    
    Parameters:
    
    enc - The JWE enc algorithm for encrypting UserInfo responses.
    
    Returns:
    
    this object.
  - getRequestSignAlg
```
public JWSAlg getRequestSignAlg()
```
    Get the JWS alg algorithm for signing request objects. This property corresponds to request_object_signing_alg in Client Metadata.
    
    Returns:
    
    The JWS alg algorithm for signing request objects.
  - setRequestSignAlg
```
public Client setRequestSignAlg(JWSAlg alg)
```
    Set the JWS alg algorithm for signing request objects. This property corresponds to request_object_signing_alg in Client Metadata.
    
    Parameters:
    
    alg - The JWS alg algorithm for signing request objects.
    
    Returns:
    
    this object.
  - getRequestEncryptionAlg
```
public JWEAlg getRequestEncryptionAlg()
```
    Get the JWE alg algorithm for encrypting request objects. This property corresponds to request_object_encryption_alg in Client Metadata.
    
    Returns:
    
    The JWE alg algorithm for encrypting request objects.
  - setRequestEncryptionAlg
```
public Client setRequestEncryptionAlg(JWEAlg alg)
```
    Set the JWE alg algorithm for encrypting request objects. This property corresponds to request_object_encryption_alg in Client Metadata.
    
    Parameters:
    
    alg - The JWE alg algorithm for encrypting request objects.
    
    Returns:
    
    this object.
  - getRequestEncryptionEnc
```
public JWEEnc getRequestEncryptionEnc()
```
    Get the JWE enc algorithm for encrypting request objects. This property corresponds to request_object_encryption_enc in Client Metadata.
    
    Returns:
    
    The JWE enc algorithm for encrypting request objects.
  - setRequestEncryptionEnc
```
public Client setRequestEncryptionEnc(JWEEnc enc)
```
    Set the JWE enc algorithm for encrypting request objects. This property corresponds to request_object_encryption_enc in Client Metadata.
    
    Parameters:
    
    enc - The JWE enc algorithm for encrypting request objects.
    
    Returns:
    
    this object.
  - getTokenAuthMethod
```
public ClientAuthMethod getTokenAuthMethod()
```
    Get the client authentication method for the token endpoint. This property corresponds to token_endpoint_auth_method in Client Metadata.
    
    Returns:
    
    The client authentication method for the token endpoint.
  - setTokenAuthMethod
```
public Client setTokenAuthMethod(ClientAuthMethod method)
```
    Set the client authentication method for the token endpoint. This property corresponds to token_endpoint_auth_method in Client Metadata.
    
    Parameters:
    
    method - The client authentication method for the token endpoint.
    
    Returns:
    
    this object.
  - getTokenAuthSignAlg
```
public JWSAlg getTokenAuthSignAlg()
```
    Get the JWS alg algorithm for signing the JWT used to authenticate the client at the token endpoint. This property corresponds to token_endpoint_auth_signing_alg in Client Metadata.
    
    Returns:
    
    The JWS alg algorithm for signing the JWT used to authenticate the client at the token endpoint.
  - setTokenAuthSignAlg
```
public Client setTokenAuthSignAlg(JWSAlg alg)
```
    Set the JWS alg algorithm for signing the JWT used to authenticate the client at the token endpoint. This property corresponds to token_endpoint_auth_signing_alg in Client Metadata.
    
    Parameters:
    
    alg - The JWS alg algorithm for signing the JWT used to authenticate the client at the token endpoint.
    
    Returns:
    
    this object.
  - getDefaultMaxAge
```
public int getDefaultMaxAge()
```
    Get the default value of the maximum authentication age in seconds. This property corresponds to default_max_age in Client Metadata.
    
    Returns:
    
    The default value of the maximum authentication age in seconds.
  - setDefaultMaxAge
```
public Client setDefaultMaxAge(int defaultMaxAge)
```
    Set the default value of the maximum authentication age in seconds. This property corresponds to default_max_age in Client Metadata.
    This value is used when the request from the client application does not contain the max_age request parameter.
    
    Parameters:
    
    defaultMaxAge - The default value of the maximum authentication age in seconds. 0 means that no default value is set.
    
    Returns:
    
    this object.
  - isAuthTimeRequired
```
public boolean isAuthTimeRequired()
```
    Get the flag which indicates whether this client requires auth_time claim to be embedded in the ID token. This property corresponds to require_auth_time in Client Metadata.
    
    Returns:
    
    The flag which indicates whether this client requires auth_time claim to be embedded in the ID token.
  - setAuthTimeRequired
```
public Client setAuthTimeRequired(boolean required)
```
    Set the flag which indicates whether this client requires auth_time claim to be embedded in the ID token. This property corresponds to require_auth_time in Client Metadata.
    
    Parameters:
    
    required - The flag which indicates whether this client requires auth_time claim to be embedded in the ID token.
    
    Returns:
    
    this object.
  - getDefaultAcrs
```
public String[] getDefaultAcrs()
```
    Get the default list of authentication context class references. This property corresponds to default_acr_values in Client Metadata.
    
    Returns:
    
    The default list of authentication context class references.
  - setDefaultAcrs
```
public Client setDefaultAcrs(String[] defaultAcrs)
```
    Set the default list of authentication context class references. This property corresponds to default_max_age in Client Metadata.
    This value is used when the request from the client application does not contain the acr_values request parameter.
    
    Parameters:
    
    defaultAcrs - The default list of authentication context class references.
    
    Returns:
    
    this object.
  - getLoginUri
```
public URI getLoginUri()
```
    Get the URL that can initiate a login for this client application. This property corresponds to initiate_login_uri in Client Metadata.
    
    Returns:
    
    The URL that can initiate a login for this client application.
  - setLoginUri
```
public Client setLoginUri(URI uri)
```
    Set the URL that can initiate a login for this client application. This property corresponds to initiate_login_uri in Client Metadata.
    
    Parameters:
    
    uri - The URL that can initiate a login for this client application.
    
    Returns:
    
    this object.
  - getRequestUris
```
public String[] getRequestUris()
```
    Get the request URIs that this client declares it may use. This property corresponds to request_uris in Client Metadata.
    
    Returns:
    
    The request URIs that this client declares it may use.
  - setRequestUris
```
public Client setRequestUris(String[] uris)
```
    Set the request URIs that this client declares it may use. This property corresponds to request_uris in Client Metadata.
    
    Parameters:
    
    uris - The request URIs that this client declares it may use.
    
    Returns:
    
    this object.
  - getDescription
```
public String getDescription()
```
    Get the description.
    
    Returns:
    
    The description.
  - setDescription
```
public Client setDescription(String description)
```
    Set the description.
    
    Parameters:
    
    description - The description.
    
    Returns:
    
    this object.
  - getDescriptions
```
public TaggedValue[] getDescriptions()
```
    Get the descriptions for specific languages.
    
    Returns:
    
    The descriptions for specific languages.
  - setDescriptions
```
public Client setDescriptions(TaggedValue[] descriptions)
```
    Set the descriptions for specific languages.
    
    Parameters:
    
    descriptions - The descriptions for specific languages.
    
    Returns:
    
    this object.
  - getCreatedAt
```
public long getCreatedAt()
```
    Get the time at which this client was created.
    
    Returns:
    
    The time at which this client was created. The value is represented as milliseconds since the UNIX epoch (1970-01-01).
    
    Since:
    
    1.6
  - setCreatedAt
```
public Client setCreatedAt(long createdAt)
```
    Set the time at which this client was created.
    
    Parameters:
    
    createdAt - The time at which this client was created.
    
    Returns:
    
    this object.
    
    Since:
    
    1.6
  - getModifiedAt
```
public long getModifiedAt()
```
    Get the time at which this client was last modified.
    
    Returns:
    
    The time at which this client was last modified. The value is represented as milliseconds since the UNIX epoch (1970-01-01).
    
    Since:
    
    1.6
  - setModifiedAt
```
public Client setModifiedAt(long modifiedAt)
```
    Set the time at which this client was last modified.
    
    Parameters:
    
    modifiedAt - The time at which this client was modified.
    
    Returns:
    
    this object.
    
    Since:
    
    1.6
  - getExtension
```
public ClientExtension getExtension()
```
    Get the extended information about this client.
    
    Returns:
    
    The extended information about this client.
    
    Since:
    
    1.39
  - setExtension
```
public Client setExtension(ClientExtension extension)
```
    Set the extended information about this client.
    
    Parameters:
    
    extension - The extended information about this client.
    
    Returns:
    
    this object.
    
    Since:
    
    1.39
  - getTlsClientAuthSubjectDn
```
public String getTlsClientAuthSubjectDn()
```
    Get the string representation of the expected subject distinguished name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_subject_dn in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Returns:
    
    The expected subject distinguished name of the client certificate.
    
    Since:
    
    2.7
  - setTlsClientAuthSubjectDn
```
public Client setTlsClientAuthSubjectDn(String name)
```
    Set the string representation of the expected subject distinguished name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_subject_dn in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Parameters:
    
    name - The expected subject distinguished name of the client certificate.
    
    Returns:
    
    this object.
    
    Since:
    
    2.7
  - getTlsClientAuthSanDns
```
public String getTlsClientAuthSanDns()
```
    Get the string representation of the expected DNS subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_dns in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Returns:
    
    The expected DNS subject alternative name of the client certificate.
    
    Since:
    
    2.38
  - setTlsClientAuthSanDns
```
public Client setTlsClientAuthSanDns(String tlsClientAuthSanDns)
```
    Set the string representation of the expected DNS subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_dns in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Parameters:
    
    name - The expected DNS subject alternative name of the client certificate.
    
    Returns:
    
    this object.
    
    Since:
    
    2.38
  - getTlsClientAuthSanUri
```
public URI getTlsClientAuthSanUri()
```
    Get the string representation of the expected URI subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_uri in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Returns:
    
    The expected URI subject alternative name of the client certificate.
    
    Since:
    
    2.38
  - setTlsClientAuthSanUri
```
public Client setTlsClientAuthSanUri(URI tlsClientAuthSanUri)
```
    Set the string representation of the expected URI subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_uri in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Parameters:
    
    name - The expected URI subject alternative name of the client certificate.
    
    Returns:
    
    this object.
    
    Since:
    
    2.38
  - getTlsClientAuthSanIp
```
public String getTlsClientAuthSanIp()
```
    Get the string representation of the expected IP address subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_ip in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Returns:
    
    The expected IP address subject alternative name of the client certificate.
    
    Since:
    
    2.38
  - setTlsClientAuthSanIp
```
public Client setTlsClientAuthSanIp(String tlsClientAuthSanIp)
```
    Set the string representation of the expected IP address subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_ip in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Parameters:
    
    name - The expected IP address subject alternative name of the client certificate.
    
    Returns:
    
    this object.
    
    Since:
    
    2.38
  - getTlsClientAuthSanEmail
```
public String getTlsClientAuthSanEmail()
```
    Get the string representation of the expected email address subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_email in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Returns:
    
    The expected email address subject alternative name of the client certificate.
    
    Since:
    
    2.38
  - setTlsClientAuthSanEmail
```
public Client setTlsClientAuthSanEmail(String tlsClientAuthSanEmail)
```
    Set the string representation of the expected email address subject alternative name of the certificate this client will use in mutual TLS authentication.
    See tls_client_auth_san_email in "2.3. Dynamic Client Registration" in "Mutual TLS Profiles for OAuth Clients" for details.
    
    Parameters:
    
    name - The expected email address subject alternative name of the client certificate.
    
    Returns:
    
    this object.
    
    Since:
    
    2.38
  - isTlsClientCertificateBoundAccessTokens
```
public boolean isTlsClientCertificateBoundAccessTokens()
```
    Does this client use TLS client certificate bound access tokens?
    
    Returns:
    
    true if this client uses TLS client certificate bound access tokens.
    
    Since:
    
    2.19
  - setTlsClientCertificateBoundAccessTokens
```
public Client setTlsClientCertificateBoundAccessTokens(boolean use)
```
    Set whether this client uses TLS client certificate bound access tokens or not.
    
    Parameters:
    
    use - true to indicate that this client uses TLS client certificate bound access tokens.
    
    Returns:
    
    this object.
    
    Since:
    
    2.19
  - getSelfSignedCertificateKeyId
```
public String getSelfSignedCertificateKeyId()
```
    Get the key ID of a JWK containing a self-signed certificate of this client.
    See "2.2. Self-Signed Certificate Mutual TLS OAuth Client Authentication Method" in "OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens" for details.
    
    Returns:
    
    A key ID of a JWK. This may be null.
    
    Since:
    
    2.20
  - setSelfSignedCertificateKeyId
```
public Client setSelfSignedCertificateKeyId(String keyId)
```
    Set the key ID of a JWK containing a self-signed certificate of this client. Unless this value is set to null, Authlete uses this value to look up the corresponding JWK for client authentication using mutual TLS utilizing self-signed certificates.
    See "2.2. Self-Signed Certificate Mutual TLS OAuth Client Authentication Method" in "OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens" for details.
    
    Parameters:
    
    keyId - A key ID of a JWK. This may be null.
    
    Returns:
    
    this object.
    
    Since:
    
    2.20
  - getSoftwareId
```
public String getSoftwareId()
```
    Get the unique identifier string assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
    This property corresponds to the software_id metadata defined in 2. Client Metadata of RFC 7591 (OAuth 2.0 Dynamic Client Registration Protocol).
    
    Returns:
    
    The unique identifier of the client software.
    
    Since:
    
    2.24
  - setSoftwareId
```
public Client setSoftwareId(String softwareId)
```
    Set a unique identifier string assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
    This property corresponds to the software_id metadata defined in 2. Client Metadata of RFC 7591 (OAuth 2.0 Dynamic Client Registration Protocol).
    
    Parameters:
    
    softwareId - A unique identifier of the client software.
    
    Returns:
    
    this object.
    
    Since:
    
    2.24
  - getSoftwareVersion
```
public String getSoftwareVersion()
```
    Get the version identifier string for the client software identified by the software ID.
    This property corresponds to the software_version metadata defined in 2. Client Metadata of RFC 7591 (OAuth 2.0 Dynamic Client Registration Protocol).
    
    Returns:
    
    The version of the client software.
    
    Since:
    
    2.24
  - setSoftwareVersion
```
public Client setSoftwareVersion(String softwareVersion)
```
    Set a version identifier string for the client software identified by the software ID.
    This property corresponds to the software_version metadata defined in 2. Client Metadata of RFC 7591 (OAuth 2.0 Dynamic Client Registration Protocol).
    
    Parameters:
    
    softwareVersion - A version of the client software.
    
    Returns:
    
    this object.
    
    Since:
    
    2.24
  - getAuthorizationSignAlg
```
public JWSAlg getAuthorizationSignAlg()
```
    Get the JWS alg algorithm for signing authorization responses. This property corresponds to authorization_signed_response_alg in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
    
    Returns:
    
    The JWS alg algorithm for signing authorization responses.
    
    Since:
    
    2.27
  - setAuthorizationSignAlg
```
public Client setAuthorizationSignAlg(JWSAlg alg)
```
    Set the JWS alg algorithm for signing authorization responses. This property corresponds to authorization_signed_response_alg in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
    
    Parameters:
    
    alg - The JWS alg algorithm for signing authorization responses.
    
    Returns:
    
    this object.
    
    Since:
    
    2.27
  - getAuthorizationEncryptionAlg
```
public JWEAlg getAuthorizationEncryptionAlg()
```
    Get the JWE alg algorithm for encrypting authorization responses. This property corresponds to authorization_encrypted_response_alg in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
    
    Returns:
    
    The JWE alg algorithm for encrypting authorization responses.
    
    Since:
    
    2.27
  - setAuthorizationEncryptionAlg
```
public Client setAuthorizationEncryptionAlg(JWEAlg alg)
```
    Set the JWE alg algorithm for encrypting authorization responses. This property corresponds to authorization_encrypted_response_alg in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
    
    Parameters:
    
    alg - The JWE alg algorithm for encrypting authorization responses.
    
    Returns:
    
    this object.
    
    Since:
    
    2.27
  - getAuthorizationEncryptionEnc
```
public JWEEnc getAuthorizationEncryptionEnc()
```
    Get the JWE enc algorithm for encrypting authorization responses. This property corresponds to authorization_encrypted_response_enc in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
    
    Returns:
    
    The JWE enc algorithm for encrypting authorization responses.
    
    Since:
    
    2.27
  - setAuthorizationEncryptionEnc
```
public Client setAuthorizationEncryptionEnc(JWEEnc enc)
```
    Set the JWE enc algorithm for encrypting authorization responses. This property corresponds to authorization_encrypted_response_enc in 5. Client Metadata of Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM).
    
    Parameters:
    
    enc - The JWE enc algorithm for encrypting authorization responses.
    
    Returns:
    
    this object.
    
    Since:
    
    2.27
  - getBcDeliveryMode
```
public DeliveryMode getBcDeliveryMode()
```
    Get the backchannel token delivery mode. This property corresponds to the backchannel_token_delivery_mode metadata.
    The backchannel token delivery mode is defined in the specification of the CIBA (Client Initiated Backchannel Authentication).
    
    Returns:
    
    The backchannel token delivery mode.
    
    Since:
    
    2.32
  - setBcDeliveryMode
```
public Client setBcDeliveryMode(DeliveryMode mode)
```
    Set the backchannel token delivery mode. This property corresponds to the backchannel_token_delivery_mode metadata.
    The backchannel token delivery mode is defined in the specification of CIBA (Client Initiated Backchannel Authentication).
    
    Parameters:
    
    mode - The backchannel token delivery mode.
    
    Returns:
    
    this object.
    
    Since:
    
    2.32
  - getBcNotificationEndpoint
```
public URI getBcNotificationEndpoint()
```
    Get the backchannel client notification endpoint. This property corresponds to the backchannel_client_notification_endpoint metadata.
    The backchannel client notification endpoint is defined in the specification of CIBA (Client Initiated Backchannel Authentication).
    
    Returns:
    
    The backchannel client notification endpoint.
    
    Since:
    
    2.32
  - setBcNotificationEndpoint
```
public Client setBcNotificationEndpoint(URI endpoint)
```
    Set the backchannel client notification endpoint. This property corresponds to the backchannel_client_notification_endpoint metadata.
    The backchannel client notification endpoint is defined in the specification of CIBA (Client Initiated Backchannel Authentication).
    
    Parameters:
    
    endpoint - The backchannel client notification endpoint.
    
    Returns:
    
    this object.
    
    Since:
    
    2.32
  - getBcRequestSignAlg
```
public JWSAlg getBcRequestSignAlg()
```
    Get the signature algorithm of the request to the backchannel authentication endpoint. This property corresponds to the backchannel_authentication_request_signing_alg metadata.
    
    Returns:
    
    The signature algorithm of the request to the backchannel authentication endpoint.
    
    Since:
    
    2.32
  - setBcRequestSignAlg
```
public Client setBcRequestSignAlg(JWSAlg alg)
```
    Set the signature algorithm of the request to the backchannel authentication endpoint. This property corresponds to the backchannel_authentication_request_signing_alg metadata.
    The specification of CIBA (Client Initiated Backchannel Authentication) allows asymmetric algorithms only.
    
    Parameters:
    
    alg - The signature algorithm of the request to the backchannel authentication endpoint.
    
    Returns:
    
    this object.
    
    Since:
    
    2.32
  - isBcUserCodeRequired
```
public boolean isBcUserCodeRequired()
```
    Get the boolean flag which indicates whether a user code is required when this client makes a backchannel authentication request. This property corresponds to the backchannel_user_code_parameter metadata.
    
    Returns:
    
    true if a user code is required when this client makes a backchannel authentication request.
    
    Since:
    
    2.32
  - setBcUserCodeRequired
```
public Client setBcUserCodeRequired(boolean required)
```
    Set the boolean flag which indicates whether a user code is required when this client makes a backchannel authentication request. This property corresponds to the backchannel_user_code_parameter metadata.
    
    Parameters:
    
    required - true to indicate that a user code is required when this client makes a backchannel authentication request.
    
    Returns:
    
    this object.
    
    Since:
    
    2.32
  - isDynamicallyRegistered
```
public boolean isDynamicallyRegistered()
```
    Get the flag which indicates whether this client has been registered dynamically.
    
    Parameters:
    
    dynamicallyRegistered - true if the client has been registered dynamically.
    
    Returns:
    
    this object.
    
    Since:
    
    2.39
  - setDynamicallyRegistered
```
public Client setDynamicallyRegistered(boolean dynamicallyRegistered)
```
    Set the flag which indicates whether this client has been registered dynamically.
    
    Parameters:
    
    dynamicallyRegistered - true if the client has been registered dynamically.
    
    Returns:
    
    this object.
    
    Since:
    
    2.39
  - getRegistrationAccessTokenHash
```
public String getRegistrationAccessTokenHash()
```
    Get the hash of the registration access token for this client.
    
    Returns:
    
    The hash of the registration access token for this client.
    
    Since:
    
    2.39
  - setRegistrationAccessTokenHash
```
public Client setRegistrationAccessTokenHash(String registrationAccessToken)
```
    Set the hash of the registration access token for this client.
    
    Parameters:
    
    registrationAccessToken - The hash of the registration access token for this client.
    
    Returns:
    
    this object.
    
    Since:
    
    2.39
  - getAuthorizationDetailsTypes
```
public String[] getAuthorizationDetailsTypes()
```
    Get the authorization details types that this client may use as values of the "type" field in "authorization_details".
    This property corresponds to the "authorization_details_types" metadata. See "OAuth 2.0 Rich Authorization Requests" (RAR) for details.
    
    Note that the property name was renamed from authorizationDataTypes to authorizationDetailsTypes to align with the change made by the 5th draft of the RAR specification.
    
    Returns:
    
    Authorization details types used in "authorization_details".
    
    Since:
    
    2.91
  - setAuthorizationDetailsTypes
```
public Client setAuthorizationDetailsTypes(String[] types)
```
    Set the authorization details types that this client may use as values of the "type" field in "authorization_details".
    This property corresponds to the "authorization_details_types" metadata. See "OAuth 2.0 Rich Authorization Requests" (RAR) for details.
    
    Note that the property name was renamed from authorizationDataTypes to authorizationDetailsTypes to align with the change made by the 5th draft of the RAR specification.
    
    Parameters:
    
    types - Authorization details types used in "authorization_details".
    
    Returns:
    
    this object.
    
    Since:
    
    2.91
  - isParRequired
```
public boolean isParRequired()
```
    Get the flag indicating whether this client is required to use the pushed authorization request endpoint.
    This property corresponds to the require_pushed_authorization_requests client metadata defined in "OAuth 2.0 Pushed Authorization Requests".
    
    Returns:
    
    true if this client is required to use the pushed authorization request endpoint.
    
    Since:
    
    2.77
  - setParRequired
```
public Client setParRequired(boolean required)
```
    Set the flag indicating whether this client is required to use the pushed authorization request endpoint.
    This property corresponds to the require_pushed_authorization_requests client metadata defined in "OAuth 2.0 Pushed Authorization Requests".
    
    Parameters:
    
    required - true to indicate that this client is required to use the pushed authorization request endpoint.
    
    Returns:
    
    this object.
    
    Since:
    
    2.77
  - isRequestObjectRequired
```
public boolean isRequestObjectRequired()
```
    Get the flag indicating whether authorization requests from this client are always required to utilize a request object by using either request or request_uri request parameter.
    If this flag is true and the service's isTraditionalRequestObjectProcessingApplied() returns false, authorization requests from this client are processed as if require_signed_request_object client metadata of this client is true. The metadata is defined in JAR (JWT Secured Authorization Request).
    
    Returns:
    
    true if authorization requests from this client are always required to utilize a request object.
    
    Since:
    
    2.80
  - setRequestObjectRequired
```
public Client setRequestObjectRequired(boolean required)
```
    Set the flag indicating whether authorization requests from this client are always required to utilize a request object by using either request or request_uri request parameter.
    See the description of isRequestObjectRequired() for details.
    
    Parameters:
    
    required - true to require that authorization requests from this client always utilize a request object.
    
    Returns:
    
    this object.
    
    Since:
    
    2.80
  - getAttributes
```
public Pair[] getAttributes()
```
    Get attributes.
    The feature of "client attributes" is available since Authlete 2.2.
    
    Returns:
    
    Attributes.
    
    Since:
    
    2.87
  - setAttributes
```
public Client setAttributes(Pair[] attributes)
```
    Set attributes.
    The feature of "client attributes" is available since Authlete 2.2.
    
    Parameters:
    
    attributes - Attributes.
    
    Returns:
    
    this object.
    
    Since:
    
    2.87
  - loadAttributes
```
public Client loadAttributes(Iterable<Pair> attributes)
```
    Load attributes from an iterable.
    The feature of "client attributes" is available since Authlete 2.2.
    
    Parameters:
    
    attributes - Attributes.
    
    Returns:
    
    this object.
    
    Since:
    
    2.89
  - getCustomMetadata
```
public String getCustomMetadata()
```
    Get the custom client metadata in JSON format.
    Standard specifications define client metadata as necessary. The following are such examples.
    Standard client metadata included in Client Registration Request and Client Update Request (cf. OIDC DynReg, RFC 7591 and RFC 7592) are, if supported by Authlete, set to corresponding properties of the client application. For example, the value of the client_name client metadata in Client Registration/Update Request is set to the clientName property. On the other hand, unrecognized client metadata are discarded.
    
    By listing up custom client metadata in advance by using the supportedCustomClientMetadata property of Service, Authlete can recognize them and stores their values into the database. The stored custom client metadata values can be referenced by this method.
    Returns:
    
    Custom client metadata in JSON format.
    
    Since:
    
    2.93
    
    See Also:
    
    Service.getSupportedCustomClientMetadata()
  - setCustomMetadata
```
public Client setCustomMetadata(String metadata)
```
    Set the custom client metadata in JSON format.
    Standard specifications define client metadata as necessary. The following are such examples.
    Standard client metadata included in Client Registration Request and Client Update Request (cf. OIDC DynReg, RFC 7591 and RFC 7592) are, if supported by Authlete, set to corresponding properties of the client application. For example, the value of the client_name client metadata in Client Registration/Update Request is set to the clientName property. On the other hand, unrecognized client metadata are discarded.
    
    By listing up custom client metadata in advance by using the supportedCustomClientMetadata property of Service, Authlete can recognize them and stores their values into the database. The stored custom client metadata values can be referenced by getCustomMetadata().
    Parameters:
    
    metadata - Custom client metadata in JSON format.
    
    Returns:
    
    this object.
    
    Since:
    
    2.93
    
    See Also:
    
    Service.getSupportedCustomClientMetadata()
  - isFrontChannelRequestObjectEncryptionRequired
```
public boolean isFrontChannelRequestObjectEncryptionRequired()
```
    Get the flag indicating whether encryption of request object is required when the request object is passed through the front channel.
    This flag does not affect the processing of request objects at the Pushed Authorization Request Endpoint, which is defined in OAuth 2.0 Pushed Authorization Requests. Unecrypted request objects are accepted at the endpoint even if this flag is true.
    
    This flag does not indicate whether a request object is always required. There is a different flag, requestObjectRequired, for the purpose. See the description of isRequestObjectRequired() for details.
    
    Even if this flag is false, encryption of request object is required if the Service.frontChannelRequestObjectEncryptionRequired flag is true.
    
    Returns:
    
    true if encryption of request object is required when the request object is passed through the front channel.
    
    Since:
    
    2.96
    
    See Also:
    
    isRequestObjectRequired(), Service.isFrontChannelRequestObjectEncryptionRequired()
  - setFrontChannelRequestObjectEncryptionRequired
```
public Client setFrontChannelRequestObjectEncryptionRequired(boolean required)
```
    Set the flag indicating whether encryption of request object is required when the request object is passed through the front channel.
    This flag does not affect the processing of request objects at the Pushed Authorization Request Endpoint, which is defined in OAuth 2.0 Pushed Authorization Requests. Unecrypted request objects are accepted at the endpoint even if this flag is true.
    
    This flag does not indicate whether a request object is always required. There is a different flag, requestObjectRequired, for the purpose. See the description of isRequestObjectRequired() for details.
    
    Even if this flag is false, encryption of request object is required if the Service.frontChannelRequestObjectEncryptionRequired flag is true.
    
    Parameters:
    
    required - true to require that request objects passed through the front channel be encrypted.
    
    Returns:
    
    this object.
    
    Since:
    
    2.96
    
    See Also:
    
    isRequestObjectRequired(), Service.isFrontChannelRequestObjectEncryptionRequired()
  - isRequestObjectEncryptionAlgMatchRequired
```
public boolean isRequestObjectEncryptionAlgMatchRequired()
```
    Get the flag indicating whether the JWE alg of encrypted request object must match the request_object_encryption_alg client metadata.
    The request_object_encryption_alg client metadata itself is defined in OpenID Connect Dynamic Client Registration 1.0 as follows.
    
    request_object_encryption_alg
    
    OPTIONAL. JWE [JWE] alg algorithm [JWA] the RP is declaring that it may use for encrypting Request Objects sent to the OP. This parameter SHOULD be included when symmetric encryption will be used, since this signals to the OP that a client_secret value needs to be returned from which the symmetric key will be derived, that might not otherwise be returned. The RP MAY still use other supported encryption algorithms or send unencrypted Request Objects, even when this parameter is present. If both signing and encryption are requested, the Request Object will be signed then encrypted, with the result being a Nested JWT, as defined in [JWT]. The default, if omitted, is that the RP is not declaring whether it might encrypt any Request Objects.
    
    The point here is "The RP MAY still use other supported encryption algorithms or send unencrypted Request Objects, even when this parameter is present."
    
    The property that represents the client metadata is requestEncryptionAlg. See the description of getRequestEncryptionAlg() for details.
    
    Even if this flag is false, the match is required if the Service.requestObjectEncryptionAlgMatchRequired flag is true.
    
    Returns:
    
    true if the JWE alg of encrypted request object must match the request_object_encryption_alg client metadata.
    
    Since:
    
    2.96
    
    See Also:
    
    getRequestEncryptionAlg(), Service.isRequestObjectEncryptionAlgMatchRequired()
  - setRequestObjectEncryptionAlgMatchRequired
```
public Client setRequestObjectEncryptionAlgMatchRequired(boolean required)
```
    Set the flag indicating whether the JWE alg of encrypted request object must match the request_object_encryption_alg client metadata.
    The request_object_encryption_alg client metadata itself is defined in OpenID Connect Dynamic Client Registration 1.0 as follows.
    
    request_object_encryption_alg
    
    OPTIONAL. JWE [JWE] alg algorithm [JWA] the RP is declaring that it may use for encrypting Request Objects sent to the OP. This parameter SHOULD be included when symmetric encryption will be used, since this signals to the OP that a client_secret value needs to be returned from which the symmetric key will be derived, that might not otherwise be returned. The RP MAY still use other supported encryption algorithms or send unencrypted Request Objects, even when this parameter is present. If both signing and encryption are requested, the Request Object will be signed then encrypted, with the result being a Nested JWT, as defined in [JWT]. The default, if omitted, is that the RP is not declaring whether it might encrypt any Request Objects.
    
    The point here is "The RP MAY still use other supported encryption algorithms or send unencrypted Request Objects, even when this parameter is present."
    
    The property that represents the client metadata is requestEncryptionAlg. See the description of getRequestEncryptionAlg() for details.
    
    Even if this flag is false, the match is required if the Service.requestObjectEncryptionAlgMatchRequired flag is true.
    
    Parameters:
    
    required - true to require that the JWE alg of encrypted request object match the request_object_encryption_alg client metadata.
    
    Returns:
    
    this object.
    
    Since:
    
    2.96
    
    See Also:
    
    getRequestEncryptionAlg(), Service.isRequestObjectEncryptionAlgMatchRequired()
  - isRequestObjectEncryptionEncMatchRequired
```
public boolean isRequestObjectEncryptionEncMatchRequired()
```
    Get the flag indicating whether the JWE enc of encrypted request object must match the request_object_encryption_enc client metadata.
    The request_object_encryption_enc client metadata itself is defined in OpenID Connect Dynamic Client Registration 1.0 as follows.
    
    request_object_encryption_enc
    
    OPTIONAL. JWE enc algorithm [JWA] the RP is declaring that it may use for encrypting Request Objects sent to the OP. If request_object_encryption_alg is specified, the default for this value is A128CBC-HS256. When request_object_encryption_enc is included, request_object_encryption_alg MUST also be provided.
    
    The property that represents the client metadata is requestEncryptionEnc. See the description of getRequestEncryptionEnc() for details.
    
    Even if this flag is false, the match is required if the Service.requestObjectEncryptionEncMatchRequired flag is true.
    
    Returns:
    
    true if the JWE enc of encrypted request object must match the request_object_encryption_enc client metadata.
    
    Since:
    
    2.96
    
    See Also:
    
    getRequestEncryptionEnc(), Service.isRequestObjectEncryptionEncMatchRequired()
  - setRequestObjectEncryptionEncMatchRequired
```
public Client setRequestObjectEncryptionEncMatchRequired(boolean required)
```
    Set the flag indicating whether the JWE enc of encrypted request object must match the request_object_encryption_enc client metadata.
    The request_object_encryption_enc client metadata itself is defined in OpenID Connect Dynamic Client Registration 1.0 as follows.
    
    request_object_encryption_enc
    
    OPTIONAL. JWE enc algorithm [JWA] the RP is declaring that it may use for encrypting Request Objects sent to the OP. If request_object_encryption_alg is specified, the default for this value is A128CBC-HS256. When request_object_encryption_enc is included, request_object_encryption_alg MUST also be provided.
    
    The property that represents the client metadata is requestEncryptionEnc. See the description of getRequestEncryptionEnc() for details.
    
    Even if this flag is false, the match is required if the Service.requestObjectEncryptionEncMatchRequired flag is true.
    
    Parameters:
    
    required - true to require that the JWE enc of encrypted request object match the request_object_encryption_enc client metadata.
    
    Returns:
    
    this object.
    
    Since:
    
    2.96
    
    See Also:
    
    getRequestEncryptionEnc(), Service.isRequestObjectEncryptionEncMatchRequired()
  - getDigestAlgorithm
```
public String getDigestAlgorithm()
```
    Get the digest algorithm that this client requests the server to use when it computes digest values of external attachments, which may be referenced from within ID tokens or userinfo responses (or any place that can have the verified_claims claim).
    Possible values are listed in the Hash Algorithm Registry of IANA (Internet Assigned Numbers Authority), but the server does not necessarily support all the values there. When this property is omitted, "sha-256" is used as the default algorithm.
    
    This property corresponds to the digest_algorithm client metadata which was defined by the third implementer's draft of "OpenID Connect for Identity Assurance 1.0".
    
    This property is recognized by Authlete 2.3 and newer versions.
    
    Returns:
    
    The digest algorithm that this client requests the server to use when it computes digest values of external attachments.
    
    Since:
    
    3.13
    
    See Also:
    
    OpenID Connect for Identity Assurance 1.0, Hash Algorithm Registry
  - setDigestAlgorithm
```
public Client setDigestAlgorithm(String algorithm)
```
    Set the digest algorithm that this client requests the server to use when it computes digest values of external attachments, which may be referenced from within ID tokens or userinfo responses (or any place that can have the verified_claims claim).
    Possible values are listed in the Hash Algorithm Registry of IANA (Internet Assigned Numbers Authority), but the server does not necessarily support all the values there. When this property is omitted, "sha-256" is used as the default algorithm.
    
    This property corresponds to the digest_algorithm client metadata which was defined by the third implementer's draft of "OpenID Connect for Identity Assurance 1.0".
    
    This property is recognized by Authlete 2.3 and newer versions.
    
    Parameters:
    
    algorithm - The digest algorithm that this client requests the server to use when it computes digest values of external attachments.
    
    Returns:
    
    this object.
    
    Since:
    
    3.13
    
    See Also:
    
    OpenID Connect for Identity Assurance 1.0, Hash Algorithm Registry
  - isSingleAccessTokenPerSubject
```
public boolean isSingleAccessTokenPerSubject()
```
    Get the flag which indicates whether the number of access tokens per subject (and per client) is at most one or can be more.
    If this flag is true, an attempt to issue a new access token invalidates existing access tokens associated with the same subject and the same client.
    
    Even if this flag is false, invalidation of existing access tokens is executed if the singleAccessTokenPerSubject property of the Service this client application belongs to is true. (cf. Service.isSingleAccessTokenPerSubject())
    
    Note that, however, attempts by Client Credentials Flow do not invalidate existing access tokens because access tokens issued by Client Credentials Flow are not associated with any end-user's subject. Also note that an attempt by Refresh Token Flow invalidates the coupled access token only and this invalidation is always performed regardless of whether this flag is true or false.
    
    Returns:
    
    true if the number of access tokens per subject (and per client) is at most one.
    
    Since:
    
    3.25, Authlete 2.3
    
    See Also:
    
    Service.isSingleAccessTokenPerSubject()
  - setSingleAccessTokenPerSubject
```
public Client setSingleAccessTokenPerSubject(boolean single)
```
    Set the flag which indicates whether the number of access tokens per subject (and per client) is at most one or can be more.
    If true is set, an attempt to issue a new access token invalidates existing access tokens associated with the same subject and the same client.
    
    Even if this flag is false, invalidation of existing access tokens is executed if the singleAccessTokenPerSubject property of the Service this client application belongs to is true. (cf. Service.setSingleAccessTokenPerSubject(boolean))
    
    Note that, however, attempts by Client Credentials Flow do not invalidate existing access tokens because access tokens issued by Client Credentials Flow are not associated with any end-user's subject. Also note that an attempt by Refresh Token Flow invalidates the coupled access token only and this invalidation is always performed regardless of whether this flag is true or false.
    
    Parameters:
    
    single - true to set the maximum number of access tokens per subject (and per client) to 1.
    
    Returns:
    
    this object.
    
    Since:
    
    3.25, Authlete 2.3
    
    See Also:
    
    Service.setSingleAccessTokenPerSubject(boolean)
  - isPkceRequired
```
public boolean isPkceRequired()
```
    Get the flag indicating whether PKCE (RFC 7636) is required whenever this client makes an authorization request by the authorization code flow.
    Note that even if this flag is false, PKCE is required if Service.pkceRequired is true.
    
    Returns:
    
    true if PKCE is required whenever this client makes an authorization request by the authorization code flow.
    
    Since:
    
    3.29, Authlete 2.3
    
    See Also:
    
    Service.isPkceRequired(), RFC 7636 Proof Key for Code Exchange by OAuth Public Clients
  - setPkceRequired
```
public Client setPkceRequired(boolean required)
```
    Set the flag indicating whether PKCE (RFC 7636) is required whenever this client makes an authorization request by the authorization code flow.
    Note that even if this flag is false, PKCE is required if Service.pkceRequired is true.
    
    Parameters:
    
    required - true to require PKCE whenever this client makes an authorization request by the authorization code flow.
    
    Returns:
    
    this object.
    
    Since:
    
    3.29, Authlete 2.3
    
    See Also:
    
    Service.setPkceRequired(boolean), RFC 7636 Proof Key for Code Exchange by OAuth Public Clients
  - isPkceS256Required
```
public boolean isPkceS256Required()
```
    Get the flag indicating whether S256 must be used as the code challenge method whenever this client uses PKCE (RFC 7636).
    Note that even if this flag is false, S256 is required if Service.pkceS256Required is true.
    
    Returns:
    
    true if S256 must be used as the code challenge method whenever this client uses PKCE.
    
    Since:
    
    3.29, Authlete 2.3
    
    See Also:
    
    Service.setPkceS256Required(boolean), RFC 7636 Proof Key for Code Exchange by OAuth Public Clients
  - setPkceS256Required
```
public Client setPkceS256Required(boolean required)
```
    Set the flag indicating whether S256 must be used as the code challenge method whenever this client uses PKCE (RFC 7636).
    
    Parameters:
    
    required - true to require S256 as the code challenge method whenever this client uses PKCE.
    
    Returns:
    
    this object.
    
    Since:
    
    3.29, Authlete 2.3
    
    See Also:
    
    Service.setPkceS256Required(boolean), RFC 7636 Proof Key for Code Exchange by OAuth Public Clients

Class Client

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

Client

Method Detail

getNumber

setNumber

getServiceNumber

setServiceNumber

getDeveloper

setDeveloper

getClientId

setClientId

getClientIdAlias

setClientIdAlias

isClientIdAliasEnabled

setClientIdAliasEnabled

getClientSecret

setClientSecret

getClientType

setClientType

getRedirectUris

setRedirectUris

getResponseTypes

setResponseTypes

getGrantTypes

setGrantTypes

getApplicationType

setApplicationType

getContacts

setContacts

getClientName

setClientName

getClientNames

setClientNames

getLogoUri

setLogoUri

getLogoUris

setLogoUris

getClientUri

setClientUri

getClientUris

setClientUris

getPolicyUri

setPolicyUri

getPolicyUris

setPolicyUris

getTosUri

setTosUri

getTosUris

setTosUris

getJwksUri

setJwksUri

getJwks

setJwks

getSectorIdentifier

setSectorIdentifier

getSectorIdentifierUri

setSectorIdentifierUri

getDerivedSectorIdentifier

setDerivedSectorIdentifier

getSubjectType

setSubjectType

getIdTokenSignAlg

setIdTokenSignAlg

getIdTokenEncryptionAlg

setIdTokenEncryptionAlg

getIdTokenEncryptionEnc

setIdTokenEncryptionEnc

getUserInfoSignAlg

setUserInfoSignAlg

getUserInfoEncryptionAlg

setUserInfoEncryptionAlg

getUserInfoEncryptionEnc

setUserInfoEncryptionEnc

getRequestSignAlg

setRequestSignAlg

getRequestEncryptionAlg