Service |
AuthorizationResponse.getService() |
Get the information about the service.
|
Service[] |
ServiceListResponse.getServices() |
Get the list of services.
|
Service |
Service.loadAttributes(Iterable<Pair> attributes) |
Load attributes from an iterable.
|
Service |
Service.setAccessTokenDuration(long duration) |
Set the duration of access tokens in seconds; the value of
expires_in in access token responses.
|
Service |
Service.setAccessTokenForExternalAttachmentEmbedded(boolean embedded) |
Set the flag indicating whether Authlete generates access tokens for
external attachments and embeds them in ID tokens and userinfo
responses.
|
Service |
Service.setAccessTokenSignAlg(JWSAlg alg) |
Set the signature algorithm of access tokens.
|
Service |
Service.setAccessTokenSignatureKeyId(String keyId) |
Set the key ID to identify a JWK used for signing access tokens.
|
Service |
Service.setAccessTokenType(String type) |
Set the access token type; the value of token_type in
access token responses.
|
Service |
Service.setAllowableClockSkew(int seconds) |
Set the allowable clock skew between the server and clients in seconds.
|
Service |
Service.setApiKey(long apiKey) |
Set the API key.
|
Service |
Service.setApiSecret(String apiSecret) |
Set the API secret.
|
Service |
Service.setAttributes(Pair[] attributes) |
Set attributes.
|
Service |
Service.setAuthenticationCallbackApiKey(String apiKey) |
Set the API key to access the authentication callback endpoint.
|
Service |
Service.setAuthenticationCallbackApiSecret(String apiSecret) |
Set the API secret to access the authentication callback endpoint.
|
Service |
Service.setAuthenticationCallbackEndpoint(URI endpoint) |
Set the URI of the authentication callback endpoint.
|
Service |
Service.setAuthorityHints(URI[] authorityHints) |
Set the identifiers of entities that can issue entity statements for
this service.
|
Service |
Service.setAuthorizationEndpoint(URI endpoint) |
Set the URI of the authorization endpoint.
|
Service |
Service.setAuthorizationResponseDuration(long duration) |
Set the duration of authorization response JWTs.
|
Service |
Service.setAuthorizationSignatureKeyId(String keyId) |
Set the key ID to identify a JWK used for signing authorization responses
using an asymmetric key.
|
Service |
Service.setBackchannelAuthenticationEndpoint(URI endpoint) |
Set the URI of the backchannel authentication endpoint.
|
Service |
Service.setBackchannelAuthReqIdDuration(int duration) |
Set the duration of backchannel authentication request IDs issued from
the backchannel authentication endpoint in seconds.
|
Service |
Service.setBackchannelBindingMessageRequiredInFapi(boolean required) |
Set the boolean flag which indicates whether the binding_message
request parameter is always required whenever a backchannel authentication
request is judged as a request for Financial-grade API.
|
Service |
Service.setBackchannelPollingInterval(int interval) |
Set the minimum interval between polling requests to the token endpoint
from client applications in seconds.
|
Service |
Service.setBackchannelUserCodeParameterSupported(boolean supported) |
Set the boolean flag which indicates whether the "user_code"
request parameter is supported at the backchannel authentication
endpoint.
|
Service |
Service.setClaimShortcutRestrictive(boolean restrictive) |
Set the flag indicating whether claims specified by shortcut scopes
(e.g.
|
Service |
Service.setClientIdAliasEnabled(boolean enabled) |
Enable/disable the 'Client ID Alias' feature.
|
Service |
Service.setClientsPerDeveloper(int count) |
Set the number of client applications that one developer can create.
|
Service |
Service.setCnonceDuration(long duration) |
Set the duration of c_nonce in seconds.
|
Service |
Service.setCreatedAt(long createdAt) |
Set the time at which this service was created.
|
Service |
Service.setCredentialDuration(long duration) |
Set the default duration of verifiable credentials in seconds.
|
Service |
Service.setCredentialIssuerMetadata(CredentialIssuerMetadata metadata) |
Set the credential issuer metadata.
|
Service |
Service.setCredentialJwks(String jwks) |
Set the JWK Set document containing private keys that are used to sign
verifiable credentials.
|
Service |
Service.setCredentialJwksUri(URI uri) |
Set the URL at which the JWK Set document of the credential issuer is
exposed.
|
Service |
Service.setCredentialOfferDuration(long duration) |
Set the default duration of credential offers in seconds.
|
Service |
Service.setCredentialTransactionDuration(long duration) |
Set the duration of transaction ID in seconds that may be issued as a
result of a credential request or a batch credential request.
|
Service |
Service.setDcrDuplicateSoftwareIdBlocked(boolean blocked) |
Set the flag indicating whether to block DCR (Dynamic Client Registration)
requests whose software_id has already been used previously.
|
Service |
Service.setDcrScopeUsedAsRequestable(boolean used) |
Set the flag indicating whether the scope request parameter
in dynamic client registration and update requests ( RFC 7591 and
RFC 7592)
is used as scopes that the client can request. |
Service |
Service.setDescription(String description) |
Set the description.
|
Service |
Service.setDeveloperAuthenticationCallbackApiKey(String apiKey) |
Set the API key to access the developer authentication callback endpoint.
|
Service |
Service.setDeveloperAuthenticationCallbackApiSecret(String apiSecret) |
Set the API secret to access the developer authentication callback endpoint.
|
Service |
Service.setDeveloperAuthenticationCallbackEndpoint(URI endpoint) |
Set the URI of the developer authentication callback endpoint.
|
Service |
Service.setDeveloperSnsCredentials(SnsCredentials[] snsCredentials) |
Set the list of SNS credentials that Authlete uses to support social login
at the developer console.
|
Service |
Service.setDeviceAuthorizationEndpoint(URI endpoint) |
Set the URI of the device authorization endpoint.
|
Service |
Service.setDeviceFlowCodeDuration(int duration) |
Set the duration of device verification codes and end-user verification
codes issued from the device authorization endpoint in seconds.
|
Service |
Service.setDeviceFlowPollingInterval(int interval) |
Set the minimum interval between polling requests to the token endpoint
from client applications in seconds in device flow.
|
Service |
Service.setDeviceVerificationUri(URI uri) |
Set the verification URI for the device flow.
|
Service |
Service.setDeviceVerificationUriComplete(URI uri) |
Set the verification URI for the device flow with a placeholder for a
user code.
|
Service |
Service.setDirectAuthorizationEndpointEnabled(boolean enabled) |
Set the flag which indicates whether the direct authorization endpoint
is enabled or not.
|
Service |
Service.setDirectIntrospectionEndpointEnabled(boolean enabled) |
Set the flag which indicates whether the direct introspection endpoint
is enabled or not.
|
Service |
Service.setDirectJwksEndpointEnabled(boolean enabled) |
Set the flag which indicates whether the direct jwks endpoint
is enabled or not.
|
Service |
Service.setDirectRevocationEndpointEnabled(boolean enabled) |
Set the flag which indicates whether the direct revocation endpoint
is enabled or not.
|
Service |
Service.setDirectTokenEndpointEnabled(boolean enabled) |
Set the flag which indicates whether the direct token endpoint
is enabled or not.
|
Service |
Service.setDirectUserInfoEndpointEnabled(boolean enabled) |
Set the flag which indicates whether the direct userinfo endpoint
is enabled or not.
|
Service |
Service.setDpopNonceDuration(long duration) |
Set the duration of nonce values for DPoP proof JWTs in seconds.
|
Service |
Service.setDpopNonceRequired(boolean required) |
Set the flag indicating whether to require DPoP proof JWTs to include
the nonce claim whenever they are presented.
|
Service |
Service.setDynamicRegistrationSupported(boolean enabled) |
Set the flag which indicates whether dynamic client registration is supported.
|
Service |
Service.setEndSessionEndpoint(URI endSessionEndpoint) |
Set the end session endpoint for the service.
|
Service |
Service.setErrorDescriptionOmitted(boolean omitted) |
Omit or embed the error_description response parameter in
error responses.
|
Service |
Service.setErrorUriOmitted(boolean omitted) |
Omit or embed the error_uri response parameter in error
responses.
|
Service |
Service.setFapiModes(FapiMode[] modes) |
Set the FAPI modes for this service.
|
Service |
Service.setFederationConfigurationDuration(long duration) |
Set the duration of the entity configuration in seconds.
|
Service |
Service.setFederationEnabled(boolean enabled) |
|
Service |
Service.setFederationJwks(String jwks) |
Set the JWK Set document containing keys that are used to sign (1)
self-signed entity statement of this service and (2) the response from
signed_jwks_uri.
|
Service |
Service.setFederationRegistrationEndpoint(URI endpoint) |
Set the URI of the federation registration endpoint.
|
Service |
Service.setFederationSignatureKeyId(String keyId) |
Set the key ID to identify a JWK that should be used to sign the entity
configuration and the signed JWK Set.
|
Service |
Service.setFrontChannelRequestObjectEncryptionRequired(boolean required) |
Set the flag indicating whether encryption of request object is required
when the request object is passed through the front channel.
|
Service |
Service.setGrantManagementActionRequired(boolean required) |
Set the flag indicating whether every authorization request (and any
request serving as an authorization request such as CIBA backchannel
authentication request and device authorization request) must include
the grant_management_action request parameter.
|
Service |
Service.setGrantManagementEndpoint(URI endpoint) |
Set the URL of the grant management endpoint.
|
Service |
Service.setHsks(Hsk[] hsks) |
Set information about keys managed on HSMs (Hardware Security Modules).
|
Service |
Service.setHsmEnabled(boolean enabled) |
Set the flag indicating whether HSM (Hardware Security Module) support
is enabled for this service.
|
Service |
Service.setIdTokenAudType(String type) |
Set the type of the aud claim in ID tokens.
|
Service |
Service.setIdTokenDuration(long duration) |
Set the duration of ID tokens in seconds.
|
Service |
Service.setIdTokenReissuable(boolean reissuable) |
Set the flag indicating whether to enable the feature of ID token
reissuance in the refresh token flow.
|
Service |
Service.setIdTokenSignatureKeyId(String keyId) |
Set the key ID to identify a JWK used for ID token signature using
an asymmetric key.
|
Service |
Service.setIntrospectionEndpoint(URI endpoint) |
Set the URI of the introspection endpoint.
|
Service |
Service.setIntrospectionSignatureKeyId(String keyId) |
Set the key ID of the key for signing introspection responses.
|
Service |
Service.setIssSuppressed(boolean suppressed) |
Set the flag indicating whether generation of the iss response
parameter is suppressed.
|
Service |
Service.setIssuer(URI issuer) |
Set the issuer identifier of this OpenID provider.
|
Service |
Service.setJwks(String jwks) |
Set the JSON Web Key Set of the service.
|
Service |
Service.setJwksUri(URI uri) |
Set the URI of the service's JSON Web Key Set.
|
Service |
Service.setJwtGrantByIdentifiableClientsOnly(boolean only) |
Set the flag indicating whether to prohibit unidentifiable clients from
using the grant type "urn:ietf:params:oauth:grant-type:jwt-bearer"
( RFC 7523). |
Service |
Service.setJwtGrantEncryptedJwtRejected(boolean rejected) |
Set the flag indicating whether to reject token requests that use
an encrypted JWT as an authorization grant with the grant type
"urn:ietf:params:oauth:grant-type:jwt-bearer"
( RFC 7523). |
Service |
Service.setJwtGrantUnsignedJwtRejected(boolean rejected) |
Set the flag indicating whether to reject token requests that use
an unsigned JWT as an authorization grant with the grant type
"urn:ietf:params:oauth:grant-type:jwt-bearer"
( RFC 7523). |
Service |
Service.setLoopbackRedirectionUriVariable(boolean variable) |
Set the flag indicating whether the port number component of redirection
URIs can be variable when the host component indicates loopback.
|
Service |
Service.setMetadata(Pair[] metadata) |
Set metadata.
|
Service |
Service.setMissingClientIdAllowed(boolean allowed) |
Set the flag indicating whether token requests from public clients without
the client_id request parameter are allowed when the client can be
guessed from authorization_code or refresh_token.
|
Service |
Service.setModifiedAt(long modifiedAt) |
Set the time at which this service was last modified.
|
Service |
Service.setMtlsEndpointAliases(NamedUri[] aliases) |
Set the MTLS endpoint aliases.
|
Service |
Service.setMutualTlsValidatePkiCertChain(boolean mutualTlsValidatePkiCertChain) |
Set whether this service validates certificate chains during PKI-based
client mutual TLS authentication.
|
Service |
Service.setNbfOptional(boolean optional) |
Set the flag indicating whether the nbf claim in the request
object is optional even when the authorization request is regarded as
a FAPI-Part2 request.
|
Service |
Service.setNumber(int number) |
Set the service number.
|
Service |
Service.setOpenidDroppedOnRefreshWithoutOfflineAccess(boolean dropped) |
Set the flag indicating whether to remove the openid scope from
a new access token issued by the refresh token flow if the presented
refresh token does not contain the offline_access scope.
|
Service |
Service.setOrganizationName(String name) |
Set the human-readable name representing the organization that operates
this service.
|
Service |
Service.setParRequired(boolean required) |
Set the flag indicating whether this service requires that clients use
the pushed authorization request endpoint.
|
Service |
Service.setPkceRequired(boolean required) |
Set the flag which indicates whether the use of Proof Key for Code
Exchange (PKCE) is always required for authorization requests
by Authorization Code Flow. |
Service |
Service.setPkceS256Required(boolean required) |
Set the flag which indicates whether S256 is always required
as the code challenge method whenever PKCE ( RFC 7636) is used. |
Service |
Service.setPolicyUri(URI uri) |
Set the URI that this OpenID Provider provides to the person
registering the client to read about the OP's requirements on
how the Relying Party can use the data provided by the OP.
|
Service |
Service.setPreAuthorizedGrantAnonymousAccessSupported(boolean supported) |
Set the flag indicating whether token requests using the pre-authorized
code grant flow by unidentifiable clients are allowed.
|
Service |
Service.setPredefinedTransformedClaims(String claims) |
Set the transformed claims predefined by this service in JSON format.
|
Service |
Service.setPushedAuthReqDuration(long duration) |
Set the duration of pushed authorization requests.
|
Service |
Service.setPushedAuthReqEndpoint(URI endpoint) |
Set the URI of the pushed authorization request endpoint.
|
Service |
Service.setRefreshTokenDuration(long duration) |
Set the duration of refresh tokens in seconds.
|
Service |
Service.setRefreshTokenDurationKept(boolean kept) |
Set the flag which indicates whether the remaining duration of the used
refresh token is taken over to the newly issued refresh token.
|
Service |
Service.setRefreshTokenDurationReset(boolean reset) |
Set the flag which indicates whether duration of refresh tokens are
reset when they are used even if the refreshTokenKept property
of this service (cf. isRefreshTokenKept()) is true
(= even if "Refresh Token Continuous Use" is "Kept"). |
Service |
Service.setRefreshTokenIdempotent(boolean idempotent) |
Set the flag indicating whether refresh token requests with the same
refresh token can be made multiple times in quick succession and they
can obtain the same renewed refresh token within the short period.
|
Service |
Service.setRefreshTokenKept(boolean kept) |
Set the flag which indicates whether a refresh token remains valid
or gets renewed after its use.
|
Service |
Service.setRegistrationEndpoint(URI endpoint) |
Set the URI of the registration endpoint.
|
Service |
Service.setRegistrationManagementEndpoint(URI endpoint) |
Set the URI of the registration management endpoint.
|
Service |
Service.setRequestObjectAudienceChecked(boolean checked) |
Set the flag indicating whether Authlete checks whether the aud
claim of request objects matches the issuer identifier of this service.
|
Service |
Service.setRequestObjectEncryptionAlgMatchRequired(boolean required) |
Set the flag indicating whether the JWE alg of encrypted request
object must match the request_object_encryption_alg client metadata
of the client that has sent the request object.
|
Service |
Service.setRequestObjectEncryptionEncMatchRequired(boolean required) |
Set the flag indicating whether the JWE enc of encrypted request
object must match the request_object_encryption_enc client metadata
of the client that has sent the request object.
|
Service |
Service.setRequestObjectRequired(boolean required) |
Set the flag indicating whether this service requires that authorization
requests always utilize a request object by using either request
or request_uri request parameter.
|
Service |
Service.setResourceSignatureKeyId(String keyId) |
Set the key ID of a JWK containing the private key used by this service to
sign responses from the resource server, such as the userinfo endpoint and
responses sent to the RS signing endpoint.
|
Service |
Service.setRevocationEndpoint(URI endpoint) |
Set the URI of the token revocation endpoint.
|
Service |
Service.setRsResponseSigned(boolean signed) |
Set whether the service signs responses from the resource server.
|
Service |
Service.setScopeRequired(boolean required) |
Set the flag indicating whether requests that request no scope are
rejected or not.
|
Service |
Service.setServiceDocumentation(URI uri) |
Set the URI of a page containing human-readable information
that developers might want or need to know when using this
OpenID Provider.
|
Service |
Service.setServiceName(String serviceName) |
Set the service name.
|
Service |
Service.setServiceOwnerNumber(int serviceOwnerNumber) |
Set the service owner number
|
Service |
Service.setSignedJwksUri(URI uri) |
Set the URI of the endpoint that returns this service's JWK Set document in
the JWT format.
|
Service |
Service.setSingleAccessTokenPerSubject(boolean single) |
Set the flag which indicates whether the number of access tokens
per subject (and per client) is at most one or can be more.
|
Service |
Service.setSnsCredentials(SnsCredentials[] snsCredentials) |
Set the list of SNS credentials that Authlete uses to support social login.
|
Service |
Service.setSupportedAcrs(String[] acrs) |
Set the supported ACRs (authentication context class references).
|
Service |
Service.setSupportedAttachments(AttachmentType[] types) |
Set attachment types supported by this service.
|
Service |
Service.setSupportedAuthorizationDetailsTypes(String[] types) |
Set the supported authorization details types that can be used as values
of the "type" field in "authorization_details".
|
Service |
Service.setSupportedBackchannelTokenDeliveryModes(DeliveryMode[] modes) |
Get the supported backchannel token delivery modes.
|
Service |
Service.setSupportedClaimLocales(String[] supportedClaimLocales) |
Set the supported claim locales.
|
Service |
Service.setSupportedClaims(String[] supportedClaims) |
Set the supported claims.
|
Service |
Service.setSupportedClaimTypes(ClaimType[] claimTypes) |
Set the supported claim types.
|
Service |
Service.setSupportedClientRegistrationTypes(ClientRegistrationType[] types) |
Set the client registration types supported by this service.
|
Service |
Service.setSupportedCustomClientMetadata(String[] metadata) |
Set custom client metadata supported by this service.
|
Service |
Service.setSupportedDeveloperSnses(Sns[] supportedSnses) |
Set the list of supported SNSes for social login at the developer console.
|
Service |
Service.setSupportedDigestAlgorithms(String[] algorithms) |
Set supported algorithms used to compute digest values of external
attachments.
|
Service |
Service.setSupportedDisplays(Display[] displays) |
Set the supported values of display parameter passed to
the authorization endpoint.
|
Service |
Service.setSupportedDocuments(String[] documents) |
Set document types supported by this service.
|
Service |
Service.setSupportedDocumentsCheckMethods(String[] methods) |
Set document check methods supported by this service.
|
Service |
Service.setSupportedDocumentsMethods(String[] methods) |
Set validation and verification processes supported by this service.
|
Service |
Service.setSupportedDocumentsValidationMethods(String[] methods) |
Deprecated.
|
Service |
Service.setSupportedDocumentsVerificationMethods(String[] methods) |
Deprecated.
|
Service |
Service.setSupportedElectronicRecords(String[] records) |
Set electronic record types supported by this service.
|
Service |
Service.setSupportedEvidence(String[] evidence) |
Set evidence supported by this service.
|
Service |
Service.setSupportedGrantTypes(GrantType[] grantTypes) |
Set the supported grant types.
|
Service |
Service.setSupportedIdentityDocuments(String[] documents) |
Deprecated.
|
Service |
Service.setSupportedIntrospectionAuthMethods(ClientAuthMethod[] methods) |
Set client authentication methods supported at the introspection endpoint.
|
Service |
Service.setSupportedPromptValues(Prompt[] promptValues) |
Set the supported prompt values.
|
Service |
Service.setSupportedResponseTypes(ResponseType[] responseTypes) |
Set the supported response types.
|
Service |
Service.setSupportedRevocationAuthMethods(ClientAuthMethod[] methods) |
Set client authentication methods supported at the revocation endpoint.
|
Service |
Service.setSupportedScopes(Scope[] supportedScopes) |
Set the supported scopes.
|
Service |
Service.setSupportedServiceProfiles(ServiceProfile[] profiles) |
Set the supported service profiles.
|
Service |
Service.setSupportedServiceProfiles(Iterable<ServiceProfile> profiles) |
Set the supported service profiles.
|
Service |
Service.setSupportedSnses(Sns[] supportedSnses) |
Set the list of supported SNSes for social login at the authorization
endpoint.
|
Service |
Service.setSupportedTokenAuthMethods(ClientAuthMethod[] methods) |
Set the number of client authentication methods at the token endpoint.
|
Service |
Service.setSupportedTrustFrameworks(String[] frameworks) |
Set trust frameworks supported by this service.
|
Service |
Service.setSupportedUiLocales(String[] supportedUiLocales) |
Set the supported UI locales.
|
Service |
Service.setSupportedVerificationMethods(String[] methods) |
Deprecated.
|
Service |
Service.setSupportedVerifiedClaims(String[] claims) |
Set verified claims supported by this service.
|
Service |
Service.setTlsClientCertificateBoundAccessTokens(boolean enabled) |
Enable or disable support for TLS client certificate bound access tokens.
|
Service |
Service.setTokenBatchNotificationEndpoint(URI endpoint) |
Set the URI of the endpoint that receives token batch results.
|
Service |
Service.setTokenEndpoint(URI endpoint) |
Set the URI of the token endpoint.
|
Service |
Service.setTokenExchangeByConfidentialClientsOnly(boolean only) |
Set the flag indicating whether to prohibit public clients from making
token exchange requests (cf. RFC 8693). |
Service |
Service.setTokenExchangeByIdentifiableClientsOnly(boolean only) |
Set the flag indicating whether to prohibit unidentifiable clients from
making token exchange requests (cf. RFC 8693). |
Service |
Service.setTokenExchangeByPermittedClientsOnly(boolean only) |
Set the flag indicating whether to prohibit clients which have no
explicit permission from making token exchange requests (cf.
RFC 8693). |
Service |
Service.setTokenExchangeEncryptedJwtRejected(boolean rejected) |
Set the flag indicating whether to reject token exchange requests which
use encrypted JWTs as input tokens.
|
Service |
Service.setTokenExchangeUnsignedJwtRejected(boolean rejected) |
Set the flag indicating whether to reject token exchange requests which
use unsigned JWTs as input tokens.
|
Service |
Service.setTokenExpirationLinked(boolean linked) |
Set the flag indicating whether the expiration date of an access token
never exceeds that of the corresponding refresh token.
|
Service |
Service.setTosUri(URI uri) |
Set the URI that the OpenID Provider provides to the person
registering the client to read about the OP's terms of service.
|
Service |
Service.setTraditionalRequestObjectProcessingApplied(boolean applied) |
Set the flag indicating whether a request object is processed based on
rules defined in OpenID Connect Core 1.0 or JAR (JWT Secured
Authorization Request).
|
Service |
Service.setTrustAnchors(TrustAnchor[] trustAnchors) |
Set the trust anchors that are referenced when this service resolves
trust chains of relying parties.
|
Service |
Service.setTrustedRootCertificates(String[] trustedRootCertificates) |
Get the list of root certificates trusted by this service for PKI-based
client mutual TLS authentication.
|
Service |
Service.setUnauthorizedOnClientConfigSupported(boolean supported) |
Set the flag indicating whether Authlete's /api/client/registration
API uses UNAUTHORIZED
as a value of the action response parameter when appropriate. |
Service |
Service.setUserCodeCharset(UserCodeCharset charset) |
Set the character set for end-user verification codes
(user_code) for Device Flow.
|
Service |
Service.setUserCodeLength(int length) |
Set the length of end-user verification codes (user_code) for
Device Flow.
|
Service |
Service.setUserInfoEndpoint(URI endpoint) |
Set the URI of the user info endpoint.
|
Service |
Service.setUserInfoSignatureKeyId(String keyId) |
Set the key ID to identify a JWK used for user info signature using
an asymmetric key.
|
Service |
Service.setUserPinLength(int length) |
Deprecated.
|
Service |
Service.setVerifiableCredentialsEnabled(boolean enabled) |
Set the flag indicating whether the feature of Verifiable Credentials
for this service is enabled or not.
|
Service |
Service.setVerifiedClaimsValidationSchemaSet(String schemaSet) |
Set the name of the validation schema set that is used to validate the
content of "verified_claims".
|