Serialized Form
-
Package com.authlete.common.api
-
Class com.authlete.common.api.AuthleteApiException extends RuntimeException implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
-
Package com.authlete.common.assurance
-
Class com.authlete.common.assurance.Claims extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.Document extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.Evidence extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.EvidenceArray extends ArrayList<Evidence> implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.IDDocument extends Evidence implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.IdentityAssuranceException extends RuntimeException implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.Issuer extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.Provider extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 2L
-
Class com.authlete.common.assurance.QES extends Evidence implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.UtilityBill extends Evidence implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.Verification extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.VerifiedClaims extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.Verifier extends LinkedHashMap<String,Object> implements Serializable
- serialVersionUID:
- 1L
-
-
Package com.authlete.common.assurance.constraint
-
Class com.authlete.common.assurance.constraint.ClaimsConstraint extends LinkedHashMap<String,VerifiedClaimConstraint> implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
exists
boolean exists
-
isNull
boolean isNull
-
-
Class com.authlete.common.assurance.constraint.ConstraintException extends RuntimeException implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.assurance.constraint.EvidenceArrayConstraint extends ArrayList<EvidenceConstraint> implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
exists
boolean exists
-
isNull
boolean isNull
-
-
-
Package com.authlete.common.dto
-
Class com.authlete.common.dto.AccessToken extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
accessTokenExpiresAt
long accessTokenExpiresAt
-
accessTokenHash
String accessTokenHash
-
clientId
long clientId
-
createdAt
long createdAt
-
grantType
GrantType grantType
-
lastRefreshedAt
long lastRefreshedAt
-
properties
Property[] properties
-
refreshTokenExpiresAt
long refreshTokenExpiresAt
-
refreshTokenHash
String refreshTokenHash
-
refreshTokenScopes
String[] refreshTokenScopes
-
scopes
String[] scopes
-
subject
String subject
-
-
Class com.authlete.common.dto.Address extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.ApiResponse extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.AuthenticationCallbackRequest extends Object implements Serializable
- serialVersionUID:
- 3L
-
Serialized Fields
-
Class com.authlete.common.dto.AuthenticationCallbackResponse extends Object implements Serializable
- serialVersionUID:
- 3L
-
Class com.authlete.common.dto.AuthorizationAuthenticateRequest extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
claims
String claims
The claims to request. -
claimsLocales
String claimsLocales
Locales for claims. -
loginId
String loginId
The login ID of the end-user to authenticate. -
password
String password
The password of the end-user to authenticate. -
ticket
String ticket
The ticket issued by Authlete's /auth/authorization API.
-
-
Class com.authlete.common.dto.AuthorizationAuthenticateResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
AuthorizationAuthenticateResponse.Action action
-
authenticated
boolean authenticated
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.AuthorizationFailRequest extends Object implements Serializable
- serialVersionUID:
- 3L
-
Serialized Fields
-
description
String description
The custom description about the failure. -
reason
AuthorizationFailRequest.Reason reason
The reason of the failure. -
ticket
String ticket
The ticket issued by Authlete's /auth/authorization API.
-
-
Class com.authlete.common.dto.AuthorizationFailResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
AuthorizationFailResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.AuthorizationIssueRequest extends Object implements Serializable
- serialVersionUID:
- 16L
-
Serialized Fields
-
accessToken
String accessToken
The representation of an access token that may be issued as a result of the Authlete API call.- Since:
- 3.24, Authlete 2.2.27
-
accessTokenDuration
long accessTokenDuration
The duration of the access token that may be issued as a result of the Authlete API call.- Since:
- 3.65, Authlete 2.2.41, Authlete 2.3.5, Authlete 3.0
-
acr
String acr
The authentication context class reference. -
authorizationDetails
AuthzDetails authorizationDetails
The authorization details to associate with the access token. -
authTime
long authTime
The time when the end-user was authenticated. -
claims
String claims
Claims in JSON format. -
claimsForTx
String claimsForTx
Claim key-value pairs that are used to compute values of transformed claims. The format is JSON.- Since:
- 3.8
-
consentedClaims
String[] consentedClaims
Claims that the user has consented for the client application to know.- Since:
- 3.7
-
idtHeaderParams
String idtHeaderParams
JSON that represents additional JWS header parameters for ID tokens that may be issued based on the authorization request.- Since:
- 2.76
-
idTokenAudType
String idTokenAudType
The type of theaud
claim in the ID token being issued.- Since:
- 3.57, Authlete 2.3.3
-
jwtAtClaims
String jwtAtClaims
Additional claims that are added to the payload part of the JWT access token.- Since:
- 3.23, Authlete 2.3
-
properties
Property[] properties
Extra properties to associate with an access token and/or an authorization code. -
scopes
String[] scopes
Scopes to associate with an access token and/or an authorization code. If this field isnull
, the scopes specified in the original authorization request from the client application are used. In other cases, including the case of an empty array, the scopes here will replace the original scopes contained in the original request. -
sub
String sub
The value of the 'sub' claim in an ID token. When this field is empty, 'subject' is used. -
subject
String subject
The subject (end-user) managed by the service. -
ticket
String ticket
The ticket issued by Authlete's endpoint. -
verifiedClaimsForTx
String[] verifiedClaimsForTx
Verified claim key-value pairs that are used to compute values of transformed claims. The format of each element is JSON.- Since:
- 3.8
-
-
Class com.authlete.common.dto.AuthorizationIssueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 3L
-
Serialized Fields
-
accessToken
String accessToken
- Since:
- Authlete 1.1
-
accessTokenDuration
long accessTokenDuration
- Since:
- Authlete 1.1
-
accessTokenExpiresAt
long accessTokenExpiresAt
- Since:
- Authlete 1.1
-
action
AuthorizationIssueResponse.Action action
- Since:
- Authlete 1.1
-
authorizationCode
String authorizationCode
- Since:
- Authlete 1.1
-
idToken
String idToken
- Since:
- Authlete 1.1
-
jwtAccessToken
String jwtAccessToken
- Since:
- Authlete 2.1
-
responseContent
String responseContent
- Since:
- Authlete 1.1
-
ticketInfo
AuthorizationTicketInfo ticketInfo
Information attached to the ticket.- Since:
- 3.88, Authlete 3.0
-
-
Class com.authlete.common.dto.AuthorizationRequest extends Object implements Serializable
- serialVersionUID:
- 3L
-
Class com.authlete.common.dto.AuthorizationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 20L
-
Serialized Fields
-
acrEssential
boolean acrEssential
- Since:
- Authlete 1.1
-
acrs
String[] acrs
- Since:
- Authlete 1.1
-
action
AuthorizationResponse.Action action
- Since:
- Authlete 1.1
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.0
-
claims
String[] claims
- Since:
- Authlete 1.1
-
claimsAtUserInfo
String[] claimsAtUserInfo
- Since:
- Authlete 3.0.0
-
claimsLocales
String[] claimsLocales
- Since:
- Authlete 1.1
-
client
Client client
- Since:
- Authlete 1.1
-
clientEntityIdUsed
boolean clientEntityIdUsed
- Since:
- Authlete 2.3
-
clientIdAliasUsed
boolean clientIdAliasUsed
- Since:
- Authlete 1.1
-
credentialOfferInfo
CredentialOfferInfo credentialOfferInfo
- Since:
- Authlete 3.0.0
-
display
Display display
- Since:
- Authlete 1.1
-
dynamicScopes
DynamicScope[] dynamicScopes
- Since:
- Authlete 2.2.8
-
gmAction
GMAction gmAction
- Since:
- Authlete 2.3.0
-
grant
Grant grant
- Since:
- Authlete 2.3.0
-
grantId
String grantId
- Since:
- Authlete 2.3.0
-
grantSubject
String grantSubject
- Since:
- Authlete 2.3.0
-
idTokenClaims
String idTokenClaims
- Since:
- Authlete 1.1
-
issuableCredentials
String issuableCredentials
- Since:
- Authlete 3.0.0
-
loginHint
String loginHint
- Since:
- Authlete 1.1
-
lowestPrompt
Prompt lowestPrompt
- Since:
- Authlete 1.1
-
maxAge
int maxAge
- Since:
- Authlete 1.1
-
prompts
Prompt[] prompts
- Since:
- Authlete 1.1
-
purpose
String purpose
- Since:
- Authlete 2.2.1
-
requestedClaimsForTx
String[] requestedClaimsForTx
- Since:
- Authlete 2.3
-
requestedVerifiedClaimsForTx
StringArray[] requestedVerifiedClaimsForTx
- Since:
- Authlete 2.3
-
requestObjectPayload
String requestObjectPayload
- Since:
- Authlete 1.1.22
-
resources
URI[] resources
- Since:
- Authlete 2.2.1
-
responseContent
String responseContent
- Since:
- Authlete 1.1
-
scopes
Scope[] scopes
- Since:
- Authlete 1.1
-
service
Service service
- Since:
- Authlete 1.1
-
subject
String subject
- Since:
- Authlete 1.1
-
ticket
String ticket
- Since:
- Authlete 1.1
-
transformedClaims
String transformedClaims
- Since:
- Authlete 2.3
-
uiLocales
String[] uiLocales
- Since:
- Authlete 1.1
-
userInfoClaims
String userInfoClaims
- Since:
- Authlete 1.1
-
-
Class com.authlete.common.dto.AuthorizationTicketInfo extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
context
String context
The arbitrary text attached to the ticket.
-
-
Class com.authlete.common.dto.AuthorizationTicketInfoRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
ticket
String ticket
The ticket that has been issued from the/auth/authorization
API.
-
-
Class com.authlete.common.dto.AuthorizationTicketInfoResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
AuthorizationTicketInfoResponse.Action action
The result of the/auth/authorization/ticket/info
API call. -
info
AuthorizationTicketInfo info
Information about the ticket.
-
-
Class com.authlete.common.dto.AuthorizationTicketUpdateRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
info
AuthorizationTicketInfo info
The information about the ticket. -
ticket
String ticket
The ticket.
-
-
Class com.authlete.common.dto.AuthorizationTicketUpdateResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
AuthorizationTicketUpdateResponse.Action action
The result of the/auth/authorization/ticket/info
API call. -
info
AuthorizationTicketInfo info
Information about the ticket.
-
-
Class com.authlete.common.dto.AuthorizedClientListResponse extends ClientListResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
subject
String subject
The identifier of the user who has granted authorization to the client applications.- Since:
- Authlete 1.1
-
-
Class com.authlete.common.dto.AuthzDetails extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
elements
AuthzDetailsElement[] elements
-
-
Class com.authlete.common.dto.AuthzDetailsElement extends Object implements Serializable
- serialVersionUID:
- 4L
-
Class com.authlete.common.dto.BackchannelAuthenticationCompleteRequest extends Object implements Serializable
- serialVersionUID:
- 8L
-
Serialized Fields
-
accessToken
String accessToken
The representation of an access token that may be issued as a result of the Authlete API call.- Since:
- 3.24, Authlete 2.2.27
-
accessTokenDuration
long accessTokenDuration
The duration of the access token that may be issued as a result of the Authlete API call.- Since:
- 4.8, Authlete 2.3.20, Authlete 3.0
-
acr
String acr
The authentication context class reference. -
authTime
long authTime
The time at which the end-user was authenticated. -
claims
String claims
Additional claims in JSON format. -
consentedClaims
String[] consentedClaims
Claims that the user has consented for the client application to know.- Since:
- 3.7
-
errorDescription
String errorDescription
The description of the error. This property is referred to when the result is not AUTHORIZED. -
errorUri
URI errorUri
The URI of a document which describes the error in detail. This property is referred to when the result is not AUTHORIZED. -
idtHeaderParams
String idtHeaderParams
JSON that represents additional JWS header parameters for the ID token.- Since:
- 2.79
-
idTokenAudType
String idTokenAudType
The type of theaud
claim in the ID token being issued.- Since:
- 3.57, Authlete 2.3.3
-
jwtAtClaims
String jwtAtClaims
Additional claims that are added to the payload part of the JWT access token.- Since:
- 3.23, Authlete 2.3
-
properties
Property[] properties
Extra properties associated with the access token. -
refreshTokenDuration
long refreshTokenDuration
The duration of the refresh token that may be issued as a result of the Authlete API call.- Since:
- 4.8, Authlete 2.3.20, Authlete 3.0
-
result
BackchannelAuthenticationCompleteRequest.Result result
The result of the end-user authentication and authorization. -
scopes
String[] scopes
Scopes associated with the access token. If this field isnull
, the scopes specified in the original backchannel authentication request are used. In other cases, the scopes here will replace the original scopes contained in the original request. -
sub
String sub
The value of thesub
claim for the ID token. When this field is empty,subject
is used as the value of thesub
claim. -
subject
String subject
The subject (= unique identifier) of the end-user. -
ticket
String ticket
The ticket issued by Authlete's /api/backchannel/authentication API.
-
-
Class com.authlete.common.dto.BackchannelAuthenticationCompleteResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 8L
-
Serialized Fields
-
accessToken
String accessToken
- Since:
- Authlete 2.0.0
-
accessTokenDuration
long accessTokenDuration
- Since:
- Authlete 2.0.0
-
action
BackchannelAuthenticationCompleteResponse.Action action
- Since:
- Authlete 2.0.0
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.0
-
authReqId
String authReqId
- Since:
- Authlete 2.0.0
-
clientAttributes
Pair[] clientAttributes
- Since:
- Authlete 2.2.3
-
clientEntityId
URI clientEntityId
- Since:
- Authlete 2.3.0
-
clientEntityIdUsed
boolean clientEntityIdUsed
- Since:
- Authlete 2.3.0
-
clientId
long clientId
- Since:
- Authlete 2.0.0
-
clientIdAlias
String clientIdAlias
- Since:
- Authlete 2.0.0
-
clientIdAliasUsed
boolean clientIdAliasUsed
- Since:
- Authlete 2.0.0
-
clientName
String clientName
- Since:
- Authlete 2.0.0
-
clientNotificationEndpoint
URI clientNotificationEndpoint
- Since:
- Authlete 2.0.0
-
clientNotificationToken
String clientNotificationToken
- Since:
- Authlete 2.0.0
-
deliveryMode
DeliveryMode deliveryMode
- Since:
- Authlete 2.0.0
-
grantId
String grantId
- Since:
- Authlete 2.3.0
-
idToken
String idToken
- Since:
- Authlete 2.0.0
-
idTokenDuration
long idTokenDuration
- Since:
- Authlete 2.0.0
-
jwtAccessToken
String jwtAccessToken
- Since:
- Authlete 2.2.0
-
refreshToken
String refreshToken
- Since:
- Authlete 2.0.0
-
refreshTokenDuration
long refreshTokenDuration
- Since:
- Authlete 2.0.0
-
resources
URI[] resources
- Since:
- Authlete 2.2.0
-
responseContent
String responseContent
- Since:
- Authlete 2.0.0
-
serviceAttributes
Pair[] serviceAttributes
- Since:
- Authlete 2.2.3
-
-
Class com.authlete.common.dto.BackchannelAuthenticationFailRequest extends Object implements Serializable
- serialVersionUID:
- 3L
-
Serialized Fields
-
errorDescription
String errorDescription
-
errorUri
URI errorUri
-
reason
BackchannelAuthenticationFailRequest.Reason reason
-
ticket
String ticket
-
-
Class com.authlete.common.dto.BackchannelAuthenticationFailResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
BackchannelAuthenticationFailResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.BackchannelAuthenticationIssueRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
ticket
String ticket
The ticket issued by Authlete's /api/backchannel/authentication API.
-
-
Class com.authlete.common.dto.BackchannelAuthenticationIssueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
BackchannelAuthenticationIssueResponse.Action action
-
authReqId
String authReqId
-
expiresIn
int expiresIn
-
interval
int interval
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.BackchannelAuthenticationRequest extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
clientCertificate
String clientCertificate
Client certificate. -
clientCertificatePath
String[] clientCertificatePath
Client certificate path. -
clientId
String clientId
Client ID extracted from Authorization header. -
clientSecret
String clientSecret
Client secret extracted from Authorization header. -
oauthClientAttestation
String oauthClientAttestation
The value of theOAuth-Client-Attestation
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
oauthClientAttestationPop
String oauthClientAttestationPop
The value of theOAuth-Client-Attestation-PoP
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
parameters
String parameters
Request parameters of a backchannel authentication request.
-
-
Class com.authlete.common.dto.BackchannelAuthenticationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 11L
-
Serialized Fields
-
acrs
String[] acrs
- Since:
- Authlete 2.0.0
-
action
BackchannelAuthenticationResponse.Action action
- Since:
- Authlete 2.0.0
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.0
-
bindingMessage
String bindingMessage
- Since:
- Authlete 2.0.0
-
claimNames
String[] claimNames
- Since:
- Authlete 2.0.0
-
clientAttributes
Pair[] clientAttributes
- Since:
- Authlete 2.2.3
-
clientAuthMethod
ClientAuthMethod clientAuthMethod
- Since:
- Authlete 2.3.13
-
clientEntityId
URI clientEntityId
- Since:
- Authlete 2.3.0
-
clientEntityIdUsed
boolean clientEntityIdUsed
- Since:
- Authlete 2.3.0
-
clientId
long clientId
- Since:
- Authlete 2.0.0
-
clientIdAlias
String clientIdAlias
- Since:
- Authlete 2.0.0
-
clientIdAliasUsed
boolean clientIdAliasUsed
- Since:
- Authlete 2.0.0
-
clientName
String clientName
- Since:
- Authlete 2.0.0
-
clientNotificationToken
String clientNotificationToken
- Since:
- Authlete 2.0.0
-
deliveryMode
DeliveryMode deliveryMode
- Since:
- Authlete 2.0.0
-
dynamicScopes
DynamicScope[] dynamicScopes
- Since:
- Authlete 2.2.8
-
gmAction
GMAction gmAction
- Since:
- Authlete 2.3.0
-
grant
Grant grant
- Since:
- Authlete 2.3.0
-
grantId
String grantId
- Since:
- Authlete 2.3.0
-
grantSubject
String grantSubject
- Since:
- Authlete 2.3.0
-
hint
String hint
- Since:
- Authlete 2.0.0
-
hintType
UserIdentificationHintType hintType
- Since:
- Authlete 2.0.0
-
requestContext
String requestContext
- Since:
- Authlete 2.0.0
-
requestedExpiry
int requestedExpiry
- Since:
- Authlete 2.0.0
-
resources
URI[] resources
- Since:
- Authlete 2.2.1
-
responseContent
String responseContent
- Since:
- Authlete 2.0.0
-
scopes
Scope[] scopes
- Since:
- Authlete 2.0.0
-
serviceAttributes
Pair[] serviceAttributes
- Since:
- Authlete 2.2.3
-
sub
String sub
- Since:
- Authlete 2.0.0
-
ticket
String ticket
- Since:
- Authlete 2.0.0
-
userCode
String userCode
- Since:
- Authlete 2.0.0
-
userCodeRequired
boolean userCodeRequired
- Since:
- Authlete 2.0.0
-
warnings
String[] warnings
- Since:
- Authlete 2.0.0
-
-
Class com.authlete.common.dto.Client extends Object implements Serializable
- serialVersionUID:
- 38L
-
Serialized Fields
-
applicationType
ApplicationType applicationType
Application type.- Since:
- Authlete 1.1
-
attributes
Pair[] attributes
- Since:
- Authlete 2.2.3
-
authorizationDetailsTypes
String[] authorizationDetailsTypes
- Since:
- Authlete 2.2.7
-
authorizationEncryptionAlg
JWEAlg authorizationEncryptionAlg
- Since:
- Authlete 2.0.0
-
authorizationEncryptionEnc
JWEEnc authorizationEncryptionEnc
- Since:
- Authlete 2.0.0
-
authorizationSignAlg
JWSAlg authorizationSignAlg
- Since:
- Authlete 2.0.0
-
authTimeRequired
boolean authTimeRequired
- Since:
- Authlete 1.1
-
automaticallyRegistered
boolean automaticallyRegistered
- Since:
- Authlete 2.3.0
-
bcDeliveryMode
DeliveryMode bcDeliveryMode
- Since:
- Authlete 2.0.0
-
bcNotificationEndpoint
URI bcNotificationEndpoint
- Since:
- Authlete 2.0.0
-
bcRequestSignAlg
JWSAlg bcRequestSignAlg
- Since:
- Authlete 2.0.0
-
bcUserCodeRequired
boolean bcUserCodeRequired
- Since:
- Authlete 2.0.0
-
clientId
long clientId
Client ID.- Since:
- Authlete 1.1
-
clientIdAlias
String clientIdAlias
Alias of Client ID.- Since:
- Authlete 1.1
-
clientIdAliasEnabled
boolean clientIdAliasEnabled
True when the client ID alias is enabled.- Since:
- Authlete 1.1
-
clientName
String clientName
Client name.- Since:
- Authlete 1.1
-
clientNames
TaggedValue[] clientNames
Client names.- Since:
- Authlete 1.1
-
clientRegistrationTypes
ClientRegistrationType[] clientRegistrationTypes
- Since:
- Authlete 2.3.0
-
clientSecret
String clientSecret
Client secret.- Since:
- Authlete 1.1
-
clientType
ClientType clientType
Client type.- Since:
- Authlete 1.1
-
clientUri
URI clientUri
Client URI.- Since:
- Authlete 1.1
-
clientUris
TaggedValue[] clientUris
Client URIs.- Since:
- Authlete 1.1
-
contacts
String[] contacts
Email addresses of contacts.- Since:
- Authlete 1.1
-
createdAt
long createdAt
- Since:
- Authlete 1.1
-
credentialOfferEndpoint
URI credentialOfferEndpoint
- Since:
- Authlete 3.0
-
credentialResponseEncryptionRequired
boolean credentialResponseEncryptionRequired
- Since:
- Authlete 3.0
-
customMetadata
String customMetadata
- Since:
- Authlete 2.2.10
-
defaultAcrs
String[] defaultAcrs
- Since:
- Authlete 1.1
-
defaultMaxAge
int defaultMaxAge
- Since:
- Authlete 1.1
-
derivedSectorIdentifier
String derivedSectorIdentifier
Calculated sector identifier host component- Since:
- 2.61, Authlete 2.2.1
-
description
String description
- Since:
- Authlete 1.1
-
descriptions
TaggedValue[] descriptions
- Since:
- Authlete 1.1
-
developer
String developer
Deprecated.Authlete 3.0Developer unique ID.- Since:
- Authlete 1.1
-
digestAlgorithm
String digestAlgorithm
- Since:
- Authlete 2.3.0
-
dpopRequired
boolean dpopRequired
- Since:
- Authlete 2.3.0
-
dynamicallyRegistered
boolean dynamicallyRegistered
- Since:
- Authlete 2.0.0
-
entityId
URI entityId
- Since:
- Authlete 2.3.0
-
explicitlyRegistered
boolean explicitlyRegistered
- Since:
- Authlete 2.3.0
-
extension
ClientExtension extension
- Since:
- Authlete 1.1
-
fapiModes
FapiMode[] fapiModes
- Since:
- Authlete 3.0.0
-
frontChannelRequestObjectEncryptionRequired
boolean frontChannelRequestObjectEncryptionRequired
- Since:
- Authlete 2.2.10
-
grantTypes
GrantType[] grantTypes
Grant types.- Since:
- Authlete 1.1
-
idTokenEncryptionAlg
JWEAlg idTokenEncryptionAlg
- Since:
- Authlete 1.1
-
idTokenEncryptionEnc
JWEEnc idTokenEncryptionEnc
- Since:
- Authlete 1.1
-
idTokenSignAlg
JWSAlg idTokenSignAlg
- Since:
- Authlete 1.1
-
jwks
String jwks
JSON Web Key Set.- Since:
- Authlete 1.1
-
jwksUri
URI jwksUri
JSON Web Key Set URI.- Since:
- Authlete 1.1
-
locked
boolean locked
- Since:
- Authlete 2.3.7
-
loginUri
URI loginUri
- Since:
- Authlete 1.1
-
logoUri
URI logoUri
Logo URI.- Since:
- Authlete 1.1
-
logoUris
TaggedValue[] logoUris
Logo URIs.- Since:
- Authlete 1.1
-
modifiedAt
long modifiedAt
- Since:
- Authlete 1.1
-
mtlsEndpointAliasesUsed
boolean mtlsEndpointAliasesUsed
- Since:
- Authlete 3.0.0
-
number
int number
Client number.- Since:
- Authlete 1.1
-
organizationName
String organizationName
- Since:
- Authlete 2.3.0
-
parRequired
boolean parRequired
- Since:
- Authlete 2.2.1
-
pkceRequired
boolean pkceRequired
- Since:
- Authlete 2.3.0
-
pkceS256Required
boolean pkceS256Required
- Since:
- Authlete 2.3.0
-
policyUri
URI policyUri
Policy URI.- Since:
- Authlete 1.1
-
policyUris
TaggedValue[] policyUris
Policy URIs.- Since:
- Authlete 1.1
-
redirectUris
String[] redirectUris
Redirect URIs.- Since:
- Authlete 1.1
-
registrationAccessTokenHash
String registrationAccessTokenHash
- Since:
- Authlete 2.0.0
-
requestEncryptionAlg
JWEAlg requestEncryptionAlg
- Since:
- Authlete 1.1
-
requestEncryptionEnc
JWEEnc requestEncryptionEnc
- Since:
- Authlete 1.1
-
requestObjectEncryptionAlgMatchRequired
boolean requestObjectEncryptionAlgMatchRequired
- Since:
- Authlete 2.2.10
-
requestObjectEncryptionEncMatchRequired
boolean requestObjectEncryptionEncMatchRequired
- Since:
- Authlete 2.2.10
-
requestObjectRequired
boolean requestObjectRequired
- Since:
- Authlete 2.2.1
-
requestSignAlg
JWSAlg requestSignAlg
- Since:
- Authlete 1.1
-
requestUris
String[] requestUris
- Since:
- Authlete 1.1
-
responseModes
ResponseMode[] responseModes
- Since:
- Authlete 3.0.0
-
responseTypes
ResponseType[] responseTypes
Response types.- Since:
- Authlete 1.1
-
rsRequestSigned
boolean rsRequestSigned
- Since:
- Authlete 2.3.0
-
rsSignedRequestKeyId
String rsSignedRequestKeyId
- Since:
- Authlete 2.3.0
-
sectorIdentifierUri
URI sectorIdentifierUri
Sector identifier URI.- Since:
- 2.50, Authlete 2.2.1
-
selfSignedCertificateKeyId
String selfSignedCertificateKeyId
- Since:
- Authlete 1.1.19
-
serviceNumber
int serviceNumber
Service number.- Since:
- Authlete 1.1
-
signedJwksUri
URI signedJwksUri
- Since:
- Authlete 2.3.0
-
singleAccessTokenPerSubject
boolean singleAccessTokenPerSubject
- Since:
- Authlete 2.3.0
-
softwareId
String softwareId
- Since:
- Authlete 2.3.0
-
softwareVersion
String softwareVersion
- Since:
- Authlete 2.3.0
-
subjectType
SubjectType subjectType
- Since:
- Authlete 1.1
-
tlsClientAuthSanDns
String tlsClientAuthSanDns
- Since:
- Authlete 2.0.0
-
tlsClientAuthSanEmail
String tlsClientAuthSanEmail
- Since:
- Authlete 2.0.0
-
tlsClientAuthSanIp
String tlsClientAuthSanIp
- Since:
- Authlete 2.0.0
-
tlsClientAuthSanUri
URI tlsClientAuthSanUri
- Since:
- Authlete 2.0.0
-
tlsClientAuthSubjectDn
String tlsClientAuthSubjectDn
- Since:
- Authlete 1.1.17
-
tlsClientCertificateBoundAccessTokens
boolean tlsClientCertificateBoundAccessTokens
- Since:
- Authlete 1.1.19
-
tokenAuthMethod
ClientAuthMethod tokenAuthMethod
- Since:
- Authlete 1.1
-
tokenAuthSignAlg
JWSAlg tokenAuthSignAlg
- Since:
- Authlete 1.1
-
tosUri
URI tosUri
Terms of Service URI.- Since:
- Authlete 1.1
-
tosUris
TaggedValue[] tosUris
Terms of Service URIs.- Since:
- Authlete 1.1
-
trustAnchorId
URI trustAnchorId
- Since:
- Authlete 2.3.0
-
trustChain
String[] trustChain
- Since:
- Authlete 2.3.0
-
trustChainExpiresAt
long trustChainExpiresAt
- Since:
- Authlete 2.3.0
-
trustChainUpdatedAt
long trustChainUpdatedAt
- Since:
- Authlete 2.3.0
-
userInfoEncryptionAlg
JWEAlg userInfoEncryptionAlg
- Since:
- Authlete 1.1
-
userInfoEncryptionEnc
JWEEnc userInfoEncryptionEnc
- Since:
- Authlete 1.1
-
userInfoSignAlg
JWSAlg userInfoSignAlg
- Since:
- Authlete 1.1
-
-
Class com.authlete.common.dto.ClientAuthorizationDeleteRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
subject
String subject
-
-
Class com.authlete.common.dto.ClientAuthorizationGetListRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.ClientAuthorizationUpdateRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.ClientExtension extends Object implements Serializable
- serialVersionUID:
- 5L
-
Serialized Fields
-
accessTokenDuration
long accessTokenDuration
-
refreshTokenDuration
long refreshTokenDuration
-
requestableScopes
String[] requestableScopes
-
requestableScopesEnabled
boolean requestableScopesEnabled
-
tokenExchangePermitted
boolean tokenExchangePermitted
-
-
Class com.authlete.common.dto.ClientListResponse extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
clients
Client[] clients
The client list extracted from the database. -
developer
String developer
The developer of the targeted client applications. -
end
int end
The end index (exclusive) for the result set of the query. -
start
int start
The start index (inclusive) for the result set of the query. -
totalCount
int totalCount
The total count of client applications.
-
-
Class com.authlete.common.dto.ClientLockFlagUpdateRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
clientLocked
boolean clientLocked
-
-
Class com.authlete.common.dto.ClientRegistrationRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.ClientRegistrationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
ClientRegistrationResponse.Action action
-
client
Client client
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.ClientSecretRefreshResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.ClientSecretUpdateRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
clientSecret
String clientSecret
-
-
Class com.authlete.common.dto.ClientSecretUpdateResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.CredentialBatchIssueRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
accessToken
String accessToken
The access token that was presented at the batch credential endpoint. -
orders
CredentialIssuanceOrder[] orders
The instructions for issuance of credentials and/or transaction IDs.
-
-
Class com.authlete.common.dto.CredentialBatchIssueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 3L
-
Serialized Fields
-
action
CredentialBatchIssueResponse.Action action
The next action that the implementation of the batch credential endpoint should take. -
responseContent
String responseContent
The content of the response that the implementation of the batch credential endpoint should return.
-
-
Class com.authlete.common.dto.CredentialBatchParseRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.CredentialBatchParseResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialBatchParseResponse.Action action
The next action that the batch credential endpoint should take. -
info
CredentialRequestInfo[] info
Information about the credential requests in the batch credential request. -
responseContent
String responseContent
The content of the response to the request sender.
-
-
Class com.authlete.common.dto.CredentialDeferredIssueRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
order
CredentialIssuanceOrder order
The instruction for credential issuance.
-
-
Class com.authlete.common.dto.CredentialDeferredIssueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
CredentialDeferredIssueResponse.Action action
The next action that the implementation of the deferred credential endpoint should take. -
responseContent
String responseContent
The content of the response that the implementation of the deferred credential endpoint should return.
-
-
Class com.authlete.common.dto.CredentialDeferredParseRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.CredentialDeferredParseResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialDeferredParseResponse.Action action
The next action that the deferred credential endpoint should take. -
info
CredentialRequestInfo info
Information about the credential request bound to the transaction ID. -
responseContent
String responseContent
The content of the response to the request sender.
-
-
Class com.authlete.common.dto.CredentialIssuanceOrder extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
credentialDuration
long credentialDuration
The duration of a credential to be issued. -
credentialPayload
String credentialPayload
The additional payload that will be added into a credential to be issued. -
issuanceDeferred
boolean issuanceDeferred
The flag indicating whether to defer credential issuance. -
requestIdentifier
String requestIdentifier
The identifier of a credential request. -
signingKeyId
String signingKeyId
The key ID of a private key that should be used for signing a credential to be issued.
-
-
Class com.authlete.common.dto.CredentialIssuerJwksRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
pretty
boolean pretty
-
-
Class com.authlete.common.dto.CredentialIssuerJwksResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialIssuerJwksResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.CredentialIssuerMetadata extends Object implements Serializable
- serialVersionUID:
- 4L
-
Serialized Fields
-
authorizationServers
URI[] authorizationServers
The identifiers of the authorization servers that the credential issuer relies on for authorization.- Since:
- 3.86
-
batchCredentialEndpoint
URI batchCredentialEndpoint
The URL of the batch credential endpoint of the credential issuer. -
credentialEndpoint
URI credentialEndpoint
The URL of the credential endpoint of the credential issuer. -
credentialIssuer
URI credentialIssuer
The identifier of the credential issuer. -
credentialResponseEncryptionAlgValuesSupported
JWEAlg[] credentialResponseEncryptionAlgValuesSupported
The supported JWE alg algorithms for credential response encryption.- Since:
- 3.86
-
credentialResponseEncryptionEncValuesSupported
JWEEnc[] credentialResponseEncryptionEncValuesSupported
The supported JWE enc algorithms for credential response encryption.- Since:
- 3.86
-
credentialsSupported
String credentialsSupported
A JSON object describing supported credential configurations. -
deferredCredentialEndpoint
URI deferredCredentialEndpoint
The URL of the deferred credential endpoint of the credential issuer. -
requireCredentialResponseEncryption
boolean requireCredentialResponseEncryption
The boolean flag indicating whether credential response encryption is required.- Since:
- 3.86
-
-
Class com.authlete.common.dto.CredentialIssuerMetadataRequest extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
pretty
boolean pretty
-
-
Class com.authlete.common.dto.CredentialIssuerMetadataResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialIssuerMetadataResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.CredentialJwtIssuerMetadataRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
pretty
boolean pretty
-
-
Class com.authlete.common.dto.CredentialJwtIssuerMetadataResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialJwtIssuerMetadataResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.CredentialOfferCreateRequest extends Object implements Serializable
- serialVersionUID:
- 5L
-
Serialized Fields
-
acr
String acr
The Authentication Context Class Reference of the user authentication performed during the course of issuing the credential offer.- Since:
- 3.62
-
authorizationCodeGrantIncluded
boolean authorizationCodeGrantIncluded
The flag to include theauthorization_code
object in thegrants
object. -
authTime
long authTime
The time at which the user authentication was performed during the course of issuing the credential offer.- Since:
- 3.62
-
context
String context
A general-purpose arbitrary string. -
credentialConfigurationIds
String[] credentialConfigurationIds
The value of thecredential_configuration_ids
array.- Since:
- 3.94
-
duration
long duration
The duration of the credential offer. -
issuerStateIncluded
boolean issuerStateIncluded
The flag to include theissuer_state
property in theauthorization_code
object in thegrants
object. -
jwtAtClaims
String jwtAtClaims
Additional claims that are added to the payload part of the JWT access token.- Since:
- 3.62
-
preAuthorizedCodeGrantIncluded
boolean preAuthorizedCodeGrantIncluded
The flag to include theurn:ietf:params:oauth:grant-type:pre-authorized_code
object in thegrants
object. -
properties
Property[] properties
Extra properties to associate with the credential offer.- Since:
- 3.62
-
subject
String subject
The subject associated with the credential offer. -
txCode
String txCode
The transaction code.- Since:
- 3.91
-
txCodeDescription
String txCodeDescription
The description of the transaction code.- Since:
- 3.91
-
txCodeInputMode
String txCodeInputMode
The input mode of the transaction code.- Since:
- 3.91
-
-
Class com.authlete.common.dto.CredentialOfferCreateResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialOfferCreateResponse.Action action
The result of the/vci/offer/create
API call. -
info
CredentialOfferInfo info
Information about the credential offer.
-
-
Class com.authlete.common.dto.CredentialOfferInfo extends Object implements Serializable
- serialVersionUID:
- 5L
-
Serialized Fields
-
acr
String acr
The Authentication Context Class Reference of the user authentication performed during the course of issuing the credential offer.- Since:
- 3.62
-
authorizationCodeGrantIncluded
boolean authorizationCodeGrantIncluded
The flag indicating whether theauthorization_code
object is included in thegrants
object. -
authTime
long authTime
The time at which the user authentication was performed during the course of issuing the credential offer.- Since:
- 3.62
-
context
String context
The general-purpose arbitrary string. -
credentialConfigurationIds
String[] credentialConfigurationIds
The value of thecredential_configuration_ids
array.- Since:
- 3.93
-
credentialIssuer
URI credentialIssuer
The identifier of the credential issuer.- Since:
- 3.60
-
credentialOffer
String credentialOffer
The credential offer in the JSON format. -
expiresAt
long expiresAt
The time at which the credential offer will expire. -
identifier
String identifier
The identifier of the credential offer. -
issuerState
String issuerState
The value of theissuer_state
property in theauthorization_code
object in thegrants
object. -
issuerStateIncluded
boolean issuerStateIncluded
The flag indicating whether theissuer_state
property is included in theauthorization_code
object in thegrants
object. -
jwtAtClaims
String jwtAtClaims
Additional claims that are added to the payload part of the JWT access token.- Since:
- 3.62
-
preAuthorizedCode
String preAuthorizedCode
The value of thepre-authorized_code
property in theurn:ietf:params:oauth:grant-type:pre-authorized_code
object in thegrants
object. -
preAuthorizedCodeGrantIncluded
boolean preAuthorizedCodeGrantIncluded
The flag indicating whether theurn:ietf:params:oauth:grant-type:pre-authorized_code
object is included in thegrants
object. -
properties
Property[] properties
Extra properties to associate with the credential offer.- Since:
- 3.62
-
subject
String subject
The subject associated with the credential offer. -
txCode
String txCode
The transaction code.- Since:
- 3.91
-
txCodeDescription
String txCodeDescription
The description of the transaction code.- Since:
- 3.91
-
txCodeInputMode
String txCodeInputMode
The input mode of the transaction code.- Since:
- 3.91
-
-
Class com.authlete.common.dto.CredentialOfferInfoRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
identifier
String identifier
The identifier of the credential offer.
-
-
Class com.authlete.common.dto.CredentialOfferInfoResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialOfferInfoResponse.Action action
The result of the/vci/offer/info
API call. -
info
CredentialOfferInfo info
Information about the credential offer.
-
-
Class com.authlete.common.dto.CredentialRequestInfo extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
bindingKey
String bindingKey
The binding key specified by the proof in the credential request. -
bindingKeys
String[] bindingKeys
The binding keys specified by the proofs in the credential request.- Since:
- 4.2
-
details
String details
The details about the credential request. -
format
String format
The value of the format parameter in the credential request. -
identifier
String identifier
The identifier of the credential request.
-
-
Class com.authlete.common.dto.CredentialSingleIssueRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
accessToken
String accessToken
The access token that was presented at the credential endpoint. -
order
CredentialIssuanceOrder order
The instruction for credential issuance.
-
-
Class com.authlete.common.dto.CredentialSingleIssueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
CredentialSingleIssueResponse.Action action
The next action that the implementation of the credential endpoint should take. -
responseContent
String responseContent
The content of the response that the implementation of the credential endpoint should return. -
transactionId
String transactionId
The issued transaction ID.
-
-
Class com.authlete.common.dto.CredentialSingleParseRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.CredentialSingleParseResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
CredentialSingleParseResponse.Action action
The next action that the credential endpoint should take. -
info
CredentialRequestInfo info
Information about the credential request. -
responseContent
String responseContent
The content of the response to the request sender.
-
-
Class com.authlete.common.dto.DeveloperAuthenticationCallbackRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.DeveloperAuthenticationCallbackResponse extends Object implements Serializable
- serialVersionUID:
- 3L
-
Class com.authlete.common.dto.DeviceAuthorizationRequest extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
clientCertificate
String clientCertificate
Client certificate. -
clientCertificatePath
String[] clientCertificatePath
Client certificate path. -
clientId
String clientId
Client ID extracted from Authorization header. -
clientSecret
String clientSecret
Client secret extracted from Authorization header. -
oauthClientAttestation
String oauthClientAttestation
The value of theOAuth-Client-Attestation
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
oauthClientAttestationPop
String oauthClientAttestationPop
The value of theOAuth-Client-Attestation-PoP
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
parameters
String parameters
Request parameters of a device authorization request.
-
-
Class com.authlete.common.dto.DeviceAuthorizationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 9L
-
Serialized Fields
-
acrs
String[] acrs
- Since:
- Authlete 2.0.0
-
action
DeviceAuthorizationResponse.Action action
- Since:
- Authlete 2.0.0
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.0
-
claimNames
String[] claimNames
- Since:
- Authlete 2.0.0
-
clientAttributes
Pair[] clientAttributes
- Since:
- Authlete 2.2.3
-
clientAuthMethod
ClientAuthMethod clientAuthMethod
- Since:
- Authlete 2.0.0
-
clientEntityId
URI clientEntityId
- Since:
- Authlete 2.3.0
-
clientEntityIdUsed
boolean clientEntityIdUsed
- Since:
- Authlete 2.3.0
-
clientId
long clientId
- Since:
- Authlete 2.0.0
-
clientIdAlias
String clientIdAlias
- Since:
- Authlete 2.0.0
-
clientIdAliasUsed
boolean clientIdAliasUsed
- Since:
- Authlete 2.0.0
-
clientName
String clientName
- Since:
- Authlete 2.0.0
-
deviceCode
String deviceCode
- Since:
- Authlete 2.0.0
-
dynamicScopes
DynamicScope[] dynamicScopes
- Since:
- Authlete 2.2.8
-
expiresIn
int expiresIn
- Since:
- Authlete 2.0.0
-
gmAction
GMAction gmAction
- Since:
- Authlete 2.3.0
-
grant
Grant grant
- Since:
- Authlete 2.3.0
-
grantId
String grantId
- Since:
- Authlete 2.3.0
-
grantSubject
String grantSubject
- Since:
- Authlete 2.3.0
-
interval
int interval
- Since:
- Authlete 2.0.0
-
resources
URI[] resources
- Since:
- Authlete 2.2.1
-
responseContent
String responseContent
- Since:
- Authlete 2.0.0
-
scopes
Scope[] scopes
- Since:
- Authlete 2.0.0
-
serviceAttributes
Pair[] serviceAttributes
- Since:
- Authlete 2.2.3
-
userCode
String userCode
- Since:
- Authlete 2.0.0
-
verificationUri
URI verificationUri
- Since:
- Authlete 2.0.0
-
verificationUriComplete
URI verificationUriComplete
- Since:
- Authlete 2.0.0
-
warnings
String[] warnings
- Since:
- Authlete 2.0.0
-
-
Class com.authlete.common.dto.DeviceCompleteRequest extends Object implements Serializable
- serialVersionUID:
- 7L
-
Serialized Fields
-
accessTokenDuration
long accessTokenDuration
The duration of the access token that may be issued as a result of the Authlete API call.- Since:
- 4.8, Authlete 2.3.20, Authlete 3.0
-
acr
String acr
The authentication context class reference.- Since:
- 2.44
-
authTime
long authTime
The time at which the end-user was authenticated.- Since:
- 2.44
-
claims
String claims
Additional claims in JSON format.- Since:
- 2.44
-
consentedClaims
String[] consentedClaims
Claims that the user has consented for the client application to know.- Since:
- 3.7
-
errorDescription
String errorDescription
The description of the error. This property is referred to when the result is not AUTHORIZED. -
errorUri
URI errorUri
The URI of a document which describes the error in detail. This property is referred to when the result is not AUTHORIZED. -
idtHeaderParams
String idtHeaderParams
JSON that represents additional JWS header parameters for the ID token which may be issued from the token endpoint.- Since:
- 2.79
-
idTokenAudType
String idTokenAudType
The type of theaud
claim in the ID token being issued.- Since:
- 3.57, Authlete 2.3.3
-
jwtAtClaims
String jwtAtClaims
Additional claims that are added to the payload part of the JWT access token.- Since:
- 3.23
-
properties
Property[] properties
Extra properties associated with the access token. -
refreshTokenDuration
long refreshTokenDuration
The duration of the refresh token that may be issued as a result of the Authlete API call.- Since:
- 4.8, Authlete 2.3.20, Authlete 3.0
-
result
DeviceCompleteRequest.Result result
The result of the end-user authentication and authorization. -
scopes
String[] scopes
Scopes associated with the access token. If this field isnull
, the scopes specified in the original device authorization request are used. In other cases, the scopes here will replace the original scopes contained in the original request. -
sub
String sub
The value of thesub
claim for the ID token. When this field is empty,subject
is used as the value of thesub
claim.- Since:
- 2.44
-
subject
String subject
The subject (= unique identifier) of the end-user. -
userCode
String userCode
The user code input by the end-user.
-
-
Class com.authlete.common.dto.DeviceCompleteResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
DeviceCompleteResponse.Action action
-
-
Class com.authlete.common.dto.DeviceVerificationRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
userCode
String userCode
The user code.
-
-
Class com.authlete.common.dto.DeviceVerificationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 9L
-
Serialized Fields
-
acrs
String[] acrs
- Since:
- Authlete 2.0.0
-
action
DeviceVerificationResponse.Action action
- Since:
- Authlete 2.0.0
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.0
-
claimNames
String[] claimNames
- Since:
- Authlete 2.0.0
-
clientAttributes
Pair[] clientAttributes
- Since:
- Authlete 2.2.3
-
clientEntityId
URI clientEntityId
- Since:
- Authlete 2.3.0
-
clientEntityIdUsed
boolean clientEntityIdUsed
- Since:
- Authlete 2.3.0
-
clientId
long clientId
- Since:
- Authlete 2.0.0
-
clientIdAlias
String clientIdAlias
- Since:
- Authlete 2.0.0
-
clientIdAliasUsed
boolean clientIdAliasUsed
- Since:
- Authlete 2.0.0
-
clientName
String clientName
- Since:
- Authlete 2.0.0
-
dynamicScopes
DynamicScope[] dynamicScopes
- Since:
- Authlete 2.2.0
-
expiresAt
long expiresAt
- Since:
- Authlete 2.0.0
-
gmAction
GMAction gmAction
- Since:
- Authlete 2.3.0
-
grant
Grant grant
- Since:
- Authlete 2.3.0
-
grantId
String grantId
- Since:
- Authlete 2.3.0
-
grantSubject
String grantSubject
- Since:
- Authlete 2.3.0
-
resources
URI[] resources
- Since:
- Authlete 2.2.1
-
scopes
Scope[] scopes
- Since:
- Authlete 2.0.0
-
serviceAttributes
Pair[] serviceAttributes
- Since:
- Authlete 2.2.3
-
-
Class com.authlete.common.dto.DynamicScope extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.FederationConfigurationRequest extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
entityTypes
EntityType[] entityTypes
-
-
Class com.authlete.common.dto.FederationConfigurationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
FederationConfigurationResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.FederationRegistrationRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.FederationRegistrationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
FederationRegistrationResponse.Action action
-
client
Client client
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.GMRequest extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
accessToken
String accessToken
The access token. -
clientCertificate
String clientCertificate
The client certificate used in the TLS connection established between the client application and the grant management endpoint. -
dpop
String dpop
TheDPoP
HTTP header. -
dpopNonceRequired
boolean dpopNonceRequired
Whether to check if the DPoP proof JWT includes the expected nonce value.- Since:
- 3.82, Authlete 3.0
-
gmAction
GMAction gmAction
A grant management action; either QUERY or REVOKE. -
grantId
String grantId
The grant ID. -
htm
String htm
The HTTP method of the grant management request. -
htu
String htu
The URL of the grant management endpoint.
-
-
Class com.authlete.common.dto.GMResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
GMResponse.Action action
-
dpopNonce
String dpopNonce
- Since:
- Authlete 3.0.0
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.Grant extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
authorizationDetails
AuthzDetails authorizationDetails
-
claims
String[] claims
-
scopes
GrantScope[] scopes
-
-
Class com.authlete.common.dto.GrantedScopesGetResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.GrantScope extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.Hsk extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.HskCreateRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.HskListResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
HskListResponse.Action action
-
hsks
Hsk[] hsks
-
-
Class com.authlete.common.dto.HskResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
HskResponse.Action action
-
hsk
Hsk hsk
-
-
Class com.authlete.common.dto.IDTokenReissueRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.IDTokenReissueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
IDTokenReissueResponse.Action action
-
idToken
String idToken
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.IntrospectionRequest extends Object implements Serializable
- serialVersionUID:
- 7L
-
Serialized Fields
-
acrValues
String[] acrValues
Authentication Context Class Reference values one of which the user authentication performed during the course of issuing the access token must satisfy.- Since:
- 3.40, Authlete 2.3
-
clientCertificate
String clientCertificate
Client certificate used in the mutual TLS connection between the client application and the protected resource endpoint. -
dpop
String dpop
DPoP Header. -
dpopNonceRequired
boolean dpopNonceRequired
Whether to check if the DPoP proof JWT includes the expected nonce value.- Since:
- 3.82, Authlete 3.0
-
headers
Pair[] headers
HTTP headers to be included in processing the signature. If this is a signed request, this must include the Signature and Signature-Input headers, as well as any additional headers covered by the signature.- Since:
- 3.38, Authlete 2.3
-
htm
String htm
HTTP Method (for DPoP validation). -
htu
String htu
HTTP URL base (for DPoP validation). -
maxAge
int maxAge
The maximum authentication age which is the maximum allowable elapsed time since the user authentication was performed during the course of issuing the access token.- Since:
- 3.40, Authlete 2.3
-
message
String message
The HTTP message body of the request, if present.- Since:
- 3.38, Authlete 2.3
-
requiredComponents
String[] requiredComponents
HTTP Message Components required to be in the signature. If absent, defaults to "@method", "@target-uri", and appropriate headers such as "authorization" and "dpop".- Since:
- 3.38, Authlete 2.3
-
resources
URI[] resources
Resource indicators. -
scopes
String[] scopes
Required scopes for access to the protected resource endpoint. -
subject
String subject
Expected identifier of resource owner. -
token
String token
Access token to introspect. -
uri
String uri
The full URL of the resource server.- Since:
- 3.38, Authlete 2.3
-
-
Class com.authlete.common.dto.IntrospectionResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 22L
-
Serialized Fields
-
accessTokenResources
URI[] accessTokenResources
The target resources of the access token.- Since:
- Authlete 2.2.0
-
acr
String acr
The Authentication Context Class Reference of the user authentication that the authorization server performed during the course of issuing the access token.- Since:
- 3.40, Authlete 2.3
-
action
IntrospectionResponse.Action action
The next action the service implementation should take.- Since:
- Authlete 1.1
-
authorizationDetails
AuthzDetails authorizationDetails
The content of the"authorization_details"
request parameter which was included in the request that obtained the token.- Since:
- Authlete 2.2.0
-
authTime
long authTime
The time when the user authentication was performed during the course of issuing the access token.- Since:
- 3.40, Authlete 2.3
-
certificateThumbprint
String certificateThumbprint
Confirmation hash for MTLS-bound access tokens. Currently only the S256 type is supported and is assumed.- Since:
- Authlete 1.1.17
-
clientAttributes
Pair[] clientAttributes
The attributes of the client that the access token has been issued to.- Since:
- Authlete 2.2.3
-
clientEntityId
URI clientEntityId
The entity ID of the client.- Since:
- 3.37, Authlete 2.3
-
clientEntityIdUsed
boolean clientEntityIdUsed
Flag which indicates whether the entity ID of the client was used when the request for the access token was made.- Since:
- 3.37, Authlete 2.3
-
clientId
long clientId
The client ID.- Since:
- Authlete 1.1
-
clientIdAlias
String clientIdAlias
The client ID alias when the authorization request or the token request for the access token was made.- Since:
- Authlete 1.1
-
clientIdAliasUsed
boolean clientIdAliasUsed
Flag which indicates whether the client ID alias was used when the authorization request or the token request for the access token was made.- Since:
- Authlete 1.1
-
cnonce
String cnonce
Thec_nonce
.The
cNonce
field added by the version 3.63 has been renamed tocnonce
by the version 3.90.- Since:
- 3.90, Authlete 3.0
-
cnonceExpiresAt
long cnonceExpiresAt
The time at which thec_nonce
expires.The
cNonceExpiresAt
field added by the version 3.63 has been renamed tocnonceExpiresAt
by the version 3.90.- Since:
- 3.90, Authlete 3.0
-
consentedClaims
String[] consentedClaims
Claims that the user has consented for the client application to know.- Since:
- Authlete 2.3.0
-
dpopNonce
String dpopNonce
The expected nonce value for DPoP proof JWT, which should be used as the value of theDPoP-Nonce
HTTP header.- Since:
- 3.82, Authlete 3.0
-
existent
boolean existent
Flag to indicate whether the access token exists.- Since:
- Authlete 1.1
-
expiresAt
long expiresAt
The time at which the access token expires.- Since:
- Authlete 1.1
-
forCredentialIssuance
boolean forCredentialIssuance
The flag indicating whether the token is for credential issuance.- Since:
- 3.62, Authlete 3.0
-
forExternalAttachment
boolean forExternalAttachment
Flag that indicates whether the token is for an external attachment.- Since:
- 3.16, Authlete 2.3.0
-
grant
Grant grant
Grant that this access token has inherited.- Since:
- Authlete 2.3.0
-
grantId
String grantId
Grant ID that this access token is tied to.- Since:
- Authlete 2.3.0
-
grantType
GrantType grantType
The grant type that was used for the issuance of the access token.- Since:
- 3.41, Authlete 2.1.24, Authlete 2.2.36, Authlete 2.3
-
issuableCredentials
String issuableCredentials
The credentials that can be obtained by presenting the access token.- Since:
- 3.78, Authlete 3.0
-
properties
Property[] properties
Extra properties associated with the access token.- Since:
- Authlete 1.1
-
refreshable
boolean refreshable
Flag to indicate whether the access token is refreshable.- Since:
- Authlete 1.1
-
resources
URI[] resources
The target resources specified by the initial request.- Since:
- Authlete 2.2.1
-
responseContent
String responseContent
Entity body of the response to the client.- Since:
- Authlete 1.1
-
scopeDetails
Scope[] scopeDetails
Scope details.- Since:
- 3.16, Authlete 2.3.0
-
scopes
String[] scopes
Scopes.- Since:
- Authlete 1.1
-
serviceAttributes
Pair[] serviceAttributes
The attributes of the service that the client belongs to.- Since:
- Authlete 2.2.3
-
subject
String subject
Resource owner's user account.- Since:
- Authlete 1.1
-
sufficient
boolean sufficient
Flag to indicate whether the access token covers the required scopes.- Since:
- Authlete 1.1
-
usable
boolean usable
Flag to indicate whether the access token is usable (= exists and has not expired).- Since:
- Authlete 1.1
-
-
Class com.authlete.common.dto.JoseVerifyRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
clientIdentifier
String clientIdentifier
The identifier of the client application. -
clockSkew
int clockSkew
Allowable clock skew in seconds for verification of exp, nbf and iat claims. -
jose
String jose
The JOSE object that will be verified. -
mandatoryClaims
String[] mandatoryClaims
Mandatory claims that must be included in the JOSE object. This assumes that the payload part of the JOSE object can be parsed as JSON. -
signedByClient
boolean signedByClient
The flag which indicates whether the JOSE object has been signed by a client application with the client's private key or a shared symmetric key.
-
-
Class com.authlete.common.dto.JoseVerifyResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
errorDescriptions
String[] errorDescriptions
Error messages. -
invalidClaims
String[] invalidClaims
Invalid claims. -
missingClaims
String[] missingClaims
Claims that are not included although they are specified by the mandatoryClaims request parameter. -
signatureValid
boolean signatureValid
The result of the signature verification. -
valid
boolean valid
The result of the verification on the JOSE object.
-
-
Class com.authlete.common.dto.NamedUri extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.Pair extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.Property extends Object implements Serializable
- serialVersionUID:
- 2L
-
Class com.authlete.common.dto.PushedAuthReqRequest extends Object implements Serializable
- serialVersionUID:
- 3L
-
Serialized Fields
-
clientCertificate
String clientCertificate
Client certificate. -
clientCertificatePath
String[] clientCertificatePath
Client certificate path. -
clientId
String clientId
Client ID extracted from the Authorization header. -
clientSecret
String clientSecret
Client secret extracted from the Authorization header. -
dpop
String dpop
DPoP Header -
dpopNonceRequired
boolean dpopNonceRequired
Whether to check if the DPoP proof JWT includes the expected nonce value.- Since:
- 3.82, Authlete 3.0
-
htm
String htm
HTTP Method (for DPoP validation). -
htu
String htu
HTTP URL base (for DPoP validation). -
oauthClientAttestation
String oauthClientAttestation
The value of theOAuth-Client-Attestation
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
oauthClientAttestationPop
String oauthClientAttestationPop
The value of theOAuth-Client-Attestation-PoP
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
parameters
String parameters
Request parameters of the request to the pushed authorization request endpoint.
-
-
Class com.authlete.common.dto.PushedAuthReqResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
PushedAuthReqResponse.Action action
- Since:
- Authlete 2.2.0
-
clientAuthMethod
ClientAuthMethod clientAuthMethod
- Since:
- Authlete 2.3.13
-
dpopNonce
String dpopNonce
- Since:
- Authlete 3.0.0
-
requestUri
URI requestUri
- Since:
- Authlete 2.2.0
-
responseContent
String responseContent
- Since:
- Authlete 2.2.0
-
-
Class com.authlete.common.dto.ResourceServerSignatureRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
headers
Pair[] headers
The HTTP response headers, all will be included in the signature. -
message
String message
The HTTP message response body. If included, the response will include the Content-Digest of the message and the digest will be covered in the signature. -
requestSignature
String requestSignature
TheSignature
header value from the request. All signatures in this header will be included in the output signature. -
status
int status
The HTTP status code of the response.
-
-
Class com.authlete.common.dto.ResourceServerSignatureResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
ResourceServerSignatureResponse.Action action
The action to take. -
contentDigest
String contentDigest
TheContent-Digest
header value to add to the response message. -
signature
String signature
TheSignature
header value to add to the response message. -
signatureInput
String signatureInput
TheSignature-Input
header value to add to the response message.
-
-
Class com.authlete.common.dto.RevocationRequest extends Object implements Serializable
- serialVersionUID:
- 4L
-
Serialized Fields
-
clientCertificate
String clientCertificate
Client certificate. -
clientCertificatePath
String[] clientCertificatePath
Client certificate path. -
clientId
String clientId
Client ID. -
clientSecret
String clientSecret
Client secret. -
oauthClientAttestation
String oauthClientAttestation
The value of theOAuth-Client-Attestation
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
oauthClientAttestationPop
String oauthClientAttestationPop
The value of theOAuth-Client-Attestation-PoP
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
parameters
String parameters
OAuth 2.0 token revocation request parameters.
-
-
Class com.authlete.common.dto.RevocationResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
RevocationResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.Scope extends Object implements Serializable
- serialVersionUID:
- 3L
-
Serialized Fields
-
attributes
Pair[] attributes
Attributes of this scope. -
defaultEntry
boolean defaultEntry
Flag that indicates whether this scope is included in the default scope list. -
description
String description
Description of this scope. -
descriptions
TaggedValue[] descriptions
Descriptions for various languages. -
name
String name
Scope name.
-
-
Class com.authlete.common.dto.Scope.NameComparator extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.Service extends Object implements Serializable
- serialVersionUID:
- 81L
-
Serialized Fields
-
accessTokenDuration
long accessTokenDuration
Duration of access tokens in seconds.- Since:
- Authlete 1.1
-
accessTokenForExternalAttachmentEmbedded
boolean accessTokenForExternalAttachmentEmbedded
The flag indicating whether Authlete generates access tokens for external attachments and embeds them in ID tokens and userinfo responses.- Since:
- 3.16, Authlete 2.3
-
accessTokenSignAlg
JWSAlg accessTokenSignAlg
Signature algorithm of JWT-based access tokens. When this property is not null, access tokens issued by this service are JWTs. Otherwise, access tokens are random strings as before.Symmetric algorithms are not supported.
- Since:
- 2.37, Authlete 2.0.0
-
accessTokenSignatureKeyId
String accessTokenSignatureKeyId
Key ID to identify a JWK used for access token signature using an asymmetric key.- Since:
- 2.37, Authlete 2.0.0
-
accessTokenType
String accessTokenType
Access token type.- Since:
- Authlete 1.1
- See Also:
- RFC 6749 (OAuth 2.0), 7.1. Access Token Types
-
allowableClockSkew
int allowableClockSkew
The allowable clock skew between the server and clients.- Since:
- 2.32, Authlete 2.0.0
-
apiKey
long apiKey
API key.- Since:
- Authlete 1.1
-
apiSecret
String apiSecret
Deprecated.Authlete 3.0API secret.- Since:
- Authlete 1.1
-
attributes
Pair[] attributes
Arbitrary attributes associated with this service.- Since:
- 2.87, Authlete 2.2.3
-
authenticationCallbackApiKey
String authenticationCallbackApiKey
- Since:
- Authlete 1.1
-
authenticationCallbackApiSecret
String authenticationCallbackApiSecret
- Since:
- Authlete 1.1
-
authenticationCallbackEndpoint
URI authenticationCallbackEndpoint
- Since:
- Authlete 1.1
-
authorityHints
URI[] authorityHints
Identifiers of entities that can issue entity statements for this service. This property corresponds to theauthority_hints
property that appears in a self-signed entity statement that is defined in OpenID Federation 1.0.- Since:
- 3.22, Authlete 2.3
-
authorizationEndpoint
URI authorizationEndpoint
- Since:
- Authlete 1.1
-
authorizationResponseDuration
long authorizationResponseDuration
Duration of authorization response JWTs.- Since:
- 2.28, Authlete 2.0.0
-
authorizationSignatureKeyId
String authorizationSignatureKeyId
Key ID to identify a JWK used for signing authorization responses using an asymmetric key. Regarding "signing the authorization response", see Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)- Since:
- 2.28, Authlete 2.0.0
-
backchannelAuthenticationEndpoint
URI backchannelAuthenticationEndpoint
The backchannel authentication endpoint. This property corresponds to thebackchannel_authentication_endpoint
metadata.- Since:
- 2.32, Authlete 2.0.0
-
backchannelAuthReqIdDuration
int backchannelAuthReqIdDuration
Duration of backchannel authentication request IDs issued from the backchannel authentication endpoint in seconds. This is used as the value of theexpires_in
property in responses from the backchannel authentication endpoint.- Since:
- 2.32, Authlete 2.0.0
-
backchannelBindingMessageRequiredInFapi
boolean backchannelBindingMessageRequiredInFapi
Boolean flag which indicates whether thebinding_message
request parameter is always required whenever a backchannel authentication request is judged as a request for Financial-grade API.- Since:
- 2.48, Authlete 2.0.0
-
backchannelPollingInterval
int backchannelPollingInterval
The minimum interval between polling requests to the token endpoint from client applications in seconds. This is used as the value of theinterval
property in responses from the backchannel authentication endpoint.- Since:
- 2.32, Authlete 2.0.0
-
backchannelUserCodeParameterSupported
boolean backchannelUserCodeParameterSupported
Boolean flag which indicates whether "user code" is supported at the backchannel authentication endpoint. This property corresponds to thebackchannel_user_code_parameter_supported
metadata.- Since:
- 2.32, Authlete 2.0.0
-
claimShortcutRestrictive
boolean claimShortcutRestrictive
The flag indicating whether claims specified by shortcut scopes (e.g. profile) are included in the issued ID token only when no access token is issued.- Since:
- 2.81, Authlete 2.2.1
-
clientIdAliasEnabled
boolean clientIdAliasEnabled
- Since:
- Authlete 1.1
-
clientsPerDeveloper
int clientsPerDeveloper
- Since:
- Authlete 1.1
-
cnonceDuration
long cnonceDuration
The duration ofc_nonce
.The
cNonceDuration
field added by the version 3.63 has been renamed tocnonceDuration
by the version 3.90.- Since:
- 3.90, Authlete 3.0
-
createdAt
long createdAt
- Since:
- Authlete 1.1
-
credentialDuration
long credentialDuration
The default duration of credentials in seconds.- Since:
- 3.67, Authlete 3.0
-
credentialIssuerMetadata
CredentialIssuerMetadata credentialIssuerMetadata
Credential issuer metadata.- Since:
- 3.55, Authlete 3.0
-
credentialJwks
String credentialJwks
JWK Set document containing private keys that are used to sign verifiable credentials.- Since:
- 3.67, Authlete 3.0
-
credentialJwksUri
URI credentialJwksUri
The URL at which the JWK Set document of the credential issuer is exposed.- Since:
- 3.79, Authlete 3.0
-
credentialOfferDuration
long credentialOfferDuration
The default duration of credential offers in seconds.- Since:
- 3.59, Authlete 3.0
-
credentialTransactionDuration
long credentialTransactionDuration
The duration of credential transaction in seconds.- Since:
- 3.66, Authlete 3.0
-
dcrDuplicateSoftwareIdBlocked
boolean dcrDuplicateSoftwareIdBlocked
The flag indicating whether to block DCR (Dynamic Client Registration) requests whosesoftware_id
has already been used previously.- Since:
- 3.32, Authlete 2.2.30
-
dcrScopeUsedAsRequestable
boolean dcrScopeUsedAsRequestable
The flag indicating whether thescope
request parameter in dynamic client registration/update requests is used as requestable scopes.- Since:
- 3.5, Authlete 2.3.0
-
description
String description
Description of this service.- Since:
- Authlete 1.1
-
developerAuthenticationCallbackApiKey
String developerAuthenticationCallbackApiKey
Deprecated.Authlete 3.0- Since:
- Authlete 1.1
-
developerAuthenticationCallbackApiSecret
String developerAuthenticationCallbackApiSecret
Deprecated.Authlete 3.0- Since:
- Authlete 1.1
-
developerAuthenticationCallbackEndpoint
URI developerAuthenticationCallbackEndpoint
Deprecated.Authlete 3.0- Since:
- Authlete 1.1
-
developerSnsCredentials
SnsCredentials[] developerSnsCredentials
Deprecated.Authlete 3.0- Since:
- Authlete 1.1
-
deviceAuthorizationEndpoint
URI deviceAuthorizationEndpoint
The device authorization endpoint. This property corresponds to thedevice_authorization_endpoint
metadata.- Since:
- 2.42, Authlete 2.0.0
-
deviceFlowCodeDuration
int deviceFlowCodeDuration
Duration of device verification codes and end-user verification codes issued from the device authorization endpoint in seconds. This is used as the value of theexpires_in
property in responses from the device authorization endpoint.- Since:
- 2.42, Authlete 2.0.0
-
deviceFlowPollingInterval
int deviceFlowPollingInterval
The minimum interval between polling requests to the token endpoint from client applications in seconds in device flow. This is used as the value of theinterval
property in responses from the device authorization endpoint.- Since:
- 2.42, Authlete 2.0.0
-
deviceVerificationUri
URI deviceVerificationUri
The verification URI for the device flow.- Since:
- 2.42, Authlete 2.0.0
-
deviceVerificationUriComplete
URI deviceVerificationUriComplete
The verification URI for the device flow with a placeholder for a user code.- Since:
- 2.42, Authlete 2.0.0
-
directAuthorizationEndpointEnabled
boolean directAuthorizationEndpointEnabled
- Since:
- Authlete 1.1
-
directIntrospectionEndpointEnabled
boolean directIntrospectionEndpointEnabled
- Since:
- Authlete 1.1
-
directJwksEndpointEnabled
boolean directJwksEndpointEnabled
- Since:
- Authlete 1.1
-
directRevocationEndpointEnabled
boolean directRevocationEndpointEnabled
- Since:
- Authlete 1.1
-
directTokenEndpointEnabled
boolean directTokenEndpointEnabled
- Since:
- Authlete 1.1
-
directUserInfoEndpointEnabled
boolean directUserInfoEndpointEnabled
- Since:
- Authlete 1.1
-
dpopNonceDuration
long dpopNonceDuration
The duration of nonce values for DPoP proof JWTs in seconds.- Since:
- 3.82, Authlete 3.0
-
dpopNonceRequired
boolean dpopNonceRequired
Whether to require DPoP proof JWTs to include thenonce
claim whenever they are presented.- Since:
- 3.82, Authlete 3.0
-
dynamicRegistrationSupported
boolean dynamicRegistrationSupported
- Since:
- Authlete 2.0.0
-
endSessionEndpoint
URI endSessionEndpoint
- Since:
- Authlete 2.2.1
-
errorDescriptionOmitted
boolean errorDescriptionOmitted
- Since:
- Authlete 1.1
-
errorUriOmitted
boolean errorUriOmitted
- Since:
- Authlete 1.1
-
fapiModes
FapiMode[] fapiModes
The FAPI modes for this service.- Since:
- 3.80, Authlete 3.0
-
federationConfigurationDuration
long federationConfigurationDuration
The duration of the entity configuration in seconds.- Since:
- 3.31, Authlete 2.3
-
federationEnabled
boolean federationEnabled
The flag indicating whether this service supports OpenID Federation 1E0.- Since:
- 3.22, Authlete 2.3
-
federationJwks
String federationJwks
JWK Set document containing keys that are used to sign (1) self-signed entity statement of this service and (2) the response fromsigned_jwks_uri
.- Since:
- 3.22, Authlete 2.3
-
federationRegistrationEndpoint
URI federationRegistrationEndpoint
The URI of the federation registration endpoint. This property corresponds to thefederation_registration_endpoint
server metadata that is defined in OpenID Federation 1.0.- Since:
- 3.22, Authlete 2.3
-
federationSignatureKeyId
String federationSignatureKeyId
A key ID to identify a JWK used to sign the entity configuration and the signed JWK Set.- Since:
- 3.31, Authlete 2.3
-
frontChannelRequestObjectEncryptionRequired
boolean frontChannelRequestObjectEncryptionRequired
The flag indicating whether encryption of request object is required when the request object is passed through the front channel.- Since:
- 2.96, Authlete 2.2.10
-
grantManagementActionRequired
boolean grantManagementActionRequired
The flag indicating whether every authorization request must include thegrant_management_action
request parameter.- Since:
- 3.1, Authlete 2.3.0
-
grantManagementEndpoint
URI grantManagementEndpoint
The URL of the grant management endpoint.- Since:
- 3.1, Authlete 2.3.0
-
hsks
Hsk[] hsks
Hardware-secured keys. Output only.- Since:
- 2.97, Authlete 2.2.13
-
hsmEnabled
boolean hsmEnabled
The flag indicating whether HSM (Hardware Security Module) support is enabled for this service.- Since:
- 2.97, Authlete 2.2.13
-
idTokenAudType
String idTokenAudType
The type of theaud
claim in ID tokens.- Since:
- 3.57, Authlete 2.3.3
-
idTokenDuration
long idTokenDuration
Duration of ID tokens in seconds.- Since:
- Authlete 1.1
-
idTokenReissuable
boolean idTokenReissuable
The flag indicating whether to enable the feature of ID token reissuance in the refresh token flow.- Since:
- 3.68, Authlete 2.3.8, Authlete 3.0
-
idTokenSignatureKeyId
String idTokenSignatureKeyId
Key ID to identify a JWK used for ID token signature using an asymmetric key.- Since:
- 2.1, Authlete 1.1
-
introspectionEndpoint
URI introspectionEndpoint
- Since:
- Authlete 1.1.19
-
introspectionSignatureKeyId
String introspectionSignatureKeyId
The key ID of the key for signing introspection responses.- Since:
- 3.77, Authlete 3.0
-
issSuppressed
boolean issSuppressed
The flag indicating whether generation of theiss
response parameter is suppressed.- Since:
- 2.86, Authlete 2.2.1
-
issuer
URI issuer
- Since:
- Authlete 1.1
-
jwks
String jwks
- Since:
- Authlete 1.1
-
jwksUri
URI jwksUri
- Since:
- Authlete 1.1
-
jwtGrantByIdentifiableClientsOnly
boolean jwtGrantByIdentifiableClientsOnly
The flag indicating whether to prohibit unidentifiable clients from using the grant type"urn:ietf:params:oauth:grant-type:jwt-bearer"
.- Since:
- 3.30, Authlete 2.3
-
jwtGrantEncryptedJwtRejected
boolean jwtGrantEncryptedJwtRejected
The flag indicating whether to reject token requests that use an encrypted JWT as an authorization grant with the grant type"urn:ietf:params:oauth:grant-type:jwt-bearer"
.- Since:
- 3.30, Authlete 2.3
-
jwtGrantUnsignedJwtRejected
boolean jwtGrantUnsignedJwtRejected
The flag indicating whether to reject token requests that use an unsigned JWT as an authorization grant with the grant type"urn:ietf:params:oauth:grant-type:jwt-bearer"
.- Since:
- 3.30, Authlete 2.3
-
loopbackRedirectionUriVariable
boolean loopbackRedirectionUriVariable
The flag indicating whether the port number component of redirection URIs can be variable when the host component indicates loopback.- Since:
- 3.12, Authlete 2.3.0
-
metadata
Pair[] metadata
Metadata.- Since:
- 1.39, Authlete 1.1
-
missingClientIdAllowed
boolean missingClientIdAllowed
The flag indicating whether token requests from public clients without theclient_id
request parameter are allowed when the client can be guessed fromauthorization_code
orrefresh_token
.Don't set this flag unless you have special reasons.
- Since:
- 2.68, Authlete 2.2.1
-
modifiedAt
long modifiedAt
- Since:
- Authlete 1.1
-
mtlsEndpointAliases
NamedUri[] mtlsEndpointAliases
MTLS endpoint aliases.- Since:
- 2.49, Authlete 2.0.0
-
mutualTlsValidatePkiCertChain
boolean mutualTlsValidatePkiCertChain
- Since:
- Authlete 1.1.19
-
nbfOptional
boolean nbfOptional
The flag indicating whether thenbf
claim in the request object is optional even when the authorization request is regarded as a FAPI-Part2 request.- Since:
- 2.86, Authlete 2.2.1
-
number
int number
Service number.- Since:
- Authlete 1.1
-
openidDroppedOnRefreshWithoutOfflineAccess
boolean openidDroppedOnRefreshWithoutOfflineAccess
The flag indicating whether to remove theopenid
scope from a new access token issued by the refresh token flow if the presented refresh token does not contain theoffline_access
scope.- Since:
- 3.42, Authlete 2.2.36
-
organizationName
String organizationName
The human-readable name representing the organization that operates this service. This property corresponds to theorganization_name
server metadata that is defined in OpenID Federation 1.0.- Since:
- 3.22, Authlete 2.3
-
parRequired
boolean parRequired
The flag indicating whether this service requires that clients use the pushed authorization request endpoint.- Since:
- 2.77, Authlete 2.2.1
-
pkceRequired
boolean pkceRequired
- Since:
- Authlete 1.1
-
pkceS256Required
boolean pkceS256Required
- Since:
- Authlete 1.1
-
policyUri
URI policyUri
- Since:
- Authlete 1.1
-
preAuthorizedGrantAnonymousAccessSupported
boolean preAuthorizedGrantAnonymousAccessSupported
The flag indicating whether token requests using the pre-authorized code grant flow by unidentifiable clients are allowed.- Since:
- 3.62, Authlete 3.0
-
predefinedTransformedClaims
String predefinedTransformedClaims
Predefined transformed claims in JSON format. Available from Authlete 2.3 onwards.- Since:
- 3.8, Authlete 2.3.0
-
pushedAuthReqDuration
long pushedAuthReqDuration
Duration of pushed authorization requests.- Since:
- 2.51, Authlete 2.2.0
-
pushedAuthReqEndpoint
URI pushedAuthReqEndpoint
The URI of the pushed authorization request endpoint.- Since:
- 2.52, Authlete 2.2.0
-
refreshTokenDuration
long refreshTokenDuration
Duration of refresh tokens in seconds.- Since:
- Authlete 1.1
-
refreshTokenDurationKept
boolean refreshTokenDurationKept
- Since:
- Authlete 2.2.1
-
refreshTokenDurationReset
boolean refreshTokenDurationReset
- Since:
- Authlete 2.2.13
-
refreshTokenIdempotent
boolean refreshTokenIdempotent
The flag indicating whether refresh token requests with the same refresh token can be made multiple times in quick succession and they can obtain the same renewed refresh token within the short period.- Since:
- 3.21, Authlete 2.3
-
refreshTokenKept
boolean refreshTokenKept
- Since:
- Authlete 1.1
-
registrationEndpoint
URI registrationEndpoint
- Since:
- Authlete 1.1
-
registrationManagementEndpoint
URI registrationManagementEndpoint
- Since:
- Authlete 2.0.0
-
requestObjectAudienceChecked
boolean requestObjectAudienceChecked
The flag indicating whether Authlete checks whether theaud
claim of request objects matches the issuer identifier of this service.- Since:
- 3.14, Authlete 2.3.0
-
requestObjectEncryptionAlgMatchRequired
boolean requestObjectEncryptionAlgMatchRequired
The flag indicating whether the JWEalg
of encrypted request object must match the value of therequest_object_encryption_alg
client metadata.- Since:
- 2.96, Authlete 2.2.10
-
requestObjectEncryptionEncMatchRequired
boolean requestObjectEncryptionEncMatchRequired
The flag indicating whether the JWEenc
of encrypted request object must match the value of therequest_object_encryption_enc
client metadata.- Since:
- 2.96, Authlete 2.2.10
-
requestObjectRequired
boolean requestObjectRequired
The flag indicating whether authorization requests must utilize a request object.- Since:
- 2.80, Authlete 2.2.1
-
resourceSignatureKeyId
String resourceSignatureKeyId
The key ID of a JWK containing the private key used by this service to sign responses from the resource server.- Since:
- 3.39, Authlete 2.3
-
revocationEndpoint
URI revocationEndpoint
- Since:
- Authlete 1.1
-
rsResponseSigned
boolean rsResponseSigned
The flag indicating whether this service signs responses from the resource server.- Since:
- 3.39, Authlete 2.3
-
scopeRequired
boolean scopeRequired
The flag indicating whether requests that request no scope are rejected or not.- Since:
- 2.81, Authlete 2.2.1
-
serviceDocumentation
URI serviceDocumentation
- Since:
- Authlete 1.1
-
serviceName
String serviceName
Service name.- Since:
- Authlete 1.1
-
serviceOwnerNumber
int serviceOwnerNumber
Deprecated.Authlete 3.0Service owner number.- Since:
- Authlete 1.1
-
signedJwksUri
URI signedJwksUri
The URI of the endpoint that returns this service's JWK Set document in the JWT format. This property corresponds to thesigned_jwks_uri
server metadata defined in OpenID Federation 1.0.- Since:
- 3.22, Authlete 2.3
-
singleAccessTokenPerSubject
boolean singleAccessTokenPerSubject
- Since:
- Authlete 1.1
-
snsCredentials
SnsCredentials[] snsCredentials
Deprecated.Authlete 3.0- Since:
- Authlete 1.1
-
supportedAcrs
String[] supportedAcrs
- Since:
- Authlete 1.1
-
supportedAttachments
AttachmentType[] supportedAttachments
Supported attachment types. This property corresponds to theattachments_supported
server metadata which was added by the third implementer's draft of OpenID Connect for Identity Assurance 1.0.- Since:
- 3.13, Authlete 2.3.0
-
supportedAuthorizationDetailsTypes
String[] supportedAuthorizationDetailsTypes
Supported authorization details types for"authorization_details"
.This property was renamed from
supportedAuthorizationDataTypes
to align with the change made by the 5th draft of the RAR specification.- Since:
- 2.91, Authlete 2.2.7
-
supportedBackchannelTokenDeliveryModes
DeliveryMode[] supportedBackchannelTokenDeliveryModes
Supported backchannel token delivery modes. This property corresponds to thebackchannel_token_delivery_modes_supported
metadata.- Since:
- 2.32, Authlete 2.0.0
-
supportedClaimLocales
String[] supportedClaimLocales
- Since:
- Authlete 1.1
-
supportedClaims
String[] supportedClaims
- Since:
- Authlete 1.1
-
supportedClaimTypes
ClaimType[] supportedClaimTypes
- Since:
- Authlete 1.1
-
supportedClientRegistrationTypes
ClientRegistrationType[] supportedClientRegistrationTypes
Supported client registration types. This property corresponds to theclient_registration_types_supported
server metadata that is defined in OpenID Federation 1.0.- Since:
- 3.22, Authlete 2.3
-
supportedCustomClientMetadata
String[] supportedCustomClientMetadata
Custom client metadata supported by this service.- Since:
- 2.93, Authlete 2.2.10
-
supportedDeveloperSnses
Sns[] supportedDeveloperSnses
- Since:
- Authlete 1.1
-
supportedDigestAlgorithms
String[] supportedDigestAlgorithms
Supported algorithms used to compute digest values of external attachments. This property corresponds to thedigest_algorithms_supported
server metadata which was added by the third implementer's draft of OpenID Connect for Identity Assurance 1.0.- Since:
- 3.13, Authlete 2.3.0
-
supportedDisplays
Display[] supportedDisplays
- Since:
- Authlete 1.1
-
supportedDocuments
String[] supportedDocuments
Supported documents. This property corresponds to thedocuments_supported
server metadata which was renamed to fromid_documents_supported
by the third implementer's draft of OpenID Connect for Identity Assurance 1.0.- Since:
- 3.13, Authlete 2.3.0
-
supportedDocumentsCheckMethods
String[] supportedDocumentsCheckMethods
Supported document check methods. This property corresponds to thedocuments_check_methods_supported
server metadata which was added by the fourth implementer's draft of OpenID Connect for Identity Assurance 1.0.The fourth implementer's draft of OpenID Connect for Identity Assurance 1.0 replaced the
documents_validation_methods_supported
server metadata and thedocuments_verification_methods_supported
server metadata with thedocuments_check_methods_supported
server metadata.- Since:
- 3.48, Authlete 2.3.0
-
supportedDocumentsMethods
String[] supportedDocumentsMethods
Supported validation and verification processes. This property corresponds to thedocuments_methods_supported
server metadata which was renamed to fromid_documents_verification_methods_supported
by the third implementer's draft of OpenID Connect for Identity Assurance 1.0.- Since:
- 3.13, Authlete 2.3.0
-
supportedDocumentsValidationMethods
String[] supportedDocumentsValidationMethods
Deprecated.Supported document validation methods. This property corresponds to thedocuments_validation_methods_supported
server metadata which was added by the third implementer's draft of OpenID Connect for Identity Assurance 1.0.The fourth implementer's draft of OpenID Connect for Identity Assurance 1.0 replaced the
documents_validation_methods_supported
server metadata and thedocuments_verification_methods_supported
server metadata with thedocuments_check_methods_supported
server metadata.- Since:
- 3.13, Authlete 2.3.0
-
supportedDocumentsVerificationMethods
String[] supportedDocumentsVerificationMethods
Deprecated.Supported document verification methods. This property corresponds to thedocuments_verification_methods_supported
server metadata which was added by the third implementer's draft of OpenID Connect for Identity Assurance 1.0.The fourth implementer's draft of OpenID Connect for Identity Assurance 1.0 replaced the
documents_validation_methods_supported
server metadata and thedocuments_verification_methods_supported
server metadata with thedocuments_check_methods_supported
server metadata.- Since:
- 3.13, Authlete 2.3.0
-
supportedElectronicRecords
String[] supportedElectronicRecords
Supported electronic record types. This property corresponds to theelectronic_records_supported
server metadata which was added by the third implementer's draft of OpenID Connect for Identity Assurance 1.0.- Since:
- 3.13, Authlete 2.3.0
-
supportedEvidence
String[] supportedEvidence
Supported evidence. This property corresponds to theevidence_supported
server metadata which is defined in OpenID Connect for Identity Assurance 1.0.- Since:
- 2.63, Authlete 2.2.1
-
supportedGrantTypes
GrantType[] supportedGrantTypes
- Since:
- Authlete 1.1
-
supportedIdentityDocuments
String[] supportedIdentityDocuments
Deprecated.Supported ID documents. This property corresponds to theid_documents_supported
server metadata which was defined in old drafts of OpenID Connect for Identity Assurance 1.0.The third implementer's draft of OpenID Connect for Identity Assurance 1.0 renamed the
id_documents_supported
server metadata todocuments_supported
.- Since:
- 2.63, Authlete 2.2.1
- See Also:
Service.supportedDocuments
-
supportedIntrospectionAuthMethods
ClientAuthMethod[] supportedIntrospectionAuthMethods
- Since:
- Authlete 1.1.19
-
supportedPromptValues
Prompt[] supportedPromptValues
Supportedprompt
values.- Since:
- 3.58, Authlete 3.0
-
supportedResponseTypes
ResponseType[] supportedResponseTypes
- Since:
- Authlete 1.1
-
supportedRevocationAuthMethods
ClientAuthMethod[] supportedRevocationAuthMethods
- Since:
- Authlete 1.1.19
-
supportedScopes
Scope[] supportedScopes
- Since:
- Authlete 1.1
-
supportedServiceProfiles
ServiceProfile[] supportedServiceProfiles
- Since:
- Authlete 1.1.19
-
supportedSnses
Sns[] supportedSnses
- Since:
- Authlete 1.1
-
supportedTokenAuthMethods
ClientAuthMethod[] supportedTokenAuthMethods
- Since:
- Authlete 1.1
-
supportedTrustFrameworks
String[] supportedTrustFrameworks
Supported trust frameworks. This property corresponds to thetrust_frameworks_supported
server metadata which is defined in OpenID Connect for Identity Assurance 1.0.- Since:
- 2.63, Authlete 2.2.1
-
supportedUiLocales
String[] supportedUiLocales
- Since:
- Authlete 1.1
-
supportedVerificationMethods
String[] supportedVerificationMethods
Deprecated.Supported verification methods. This property corresponds to theid_documents_verification_methods_supported
server metadata which was defined in old drafts of OpenID Connect for Identity Assurance 1.0.The third implementer's draft of OpenID Connect for Identity Assurance 1.0 renamed the
id_documents_verification_methods_supported
server metadata todocuments_methods_supported
.- Since:
- 2.63, Authlete 2.2.1
- See Also:
Service.supportedDocumentsMethods
-
supportedVerifiedClaims
String[] supportedVerifiedClaims
Supported verified claims. This property corresponds to theclaims_in_verified_claims_supported
server metadata which is defined in OpenID Connect for Identity Assurance 1.0.- Since:
- 2.63, Authlete 2.2.1
-
tlsClientCertificateBoundAccessTokens
boolean tlsClientCertificateBoundAccessTokens
- Since:
- Authlete 1.1.19
-
tokenBatchNotificationEndpoint
URI tokenBatchNotificationEndpoint
The URI of the endpoint that receives token batch results.- Since:
- 3.96, Authlete 3.0
-
tokenEndpoint
URI tokenEndpoint
- Since:
- Authlete 1.1
-
tokenExchangeByConfidentialClientsOnly
boolean tokenExchangeByConfidentialClientsOnly
The flag indicating whether to prohibit public clients from making token exchange requests.- Since:
- 3.26, Authlete 2.3
-
tokenExchangeByIdentifiableClientsOnly
boolean tokenExchangeByIdentifiableClientsOnly
The flag indicating whether to prohibit unidentifiable clients from making token exchange requests.- Since:
- 3.26, Authlete 2.3
-
tokenExchangeByPermittedClientsOnly
boolean tokenExchangeByPermittedClientsOnly
The flag indicating whether to prohibit clients that have no explicit permission from making token exchange requests.- Since:
- 3.26, Authlete 2.3
-
tokenExchangeEncryptedJwtRejected
boolean tokenExchangeEncryptedJwtRejected
The flag indicating whether to reject token exchange requests which use encrypted JWTs as input tokens.- Since:
- 3.27, Authlete 2.3
-
tokenExchangeUnsignedJwtRejected
boolean tokenExchangeUnsignedJwtRejected
The flag indicating whether to reject token exchange requests which use unsigned JWTs as input tokens.- Since:
- 3.27, Authlete 2.3
-
tokenExpirationLinked
boolean tokenExpirationLinked
The flag indicating whether the expiration date of an access token never exceeds that of the corresponding refresh token.- Since:
- 2.95, Authlete 2.2.12
-
tosUri
URI tosUri
- Since:
- Authlete 1.1
-
traditionalRequestObjectProcessingApplied
boolean traditionalRequestObjectProcessingApplied
The flag indicating whether traditional request object processing (rules defined in OIDC Core 1.0) is applied.- Since:
- 2.80, Authlete 2.2.1
-
trustAnchors
TrustAnchor[] trustAnchors
Trust anchors that are referenced when this service resolves trust chains of relying parties.- Since:
- 3.22, Authlete 2.3
-
trustedRootCertificates
String[] trustedRootCertificates
- Since:
- Authlete 1.1.19
-
unauthorizedOnClientConfigSupported
boolean unauthorizedOnClientConfigSupported
The flag indicating whether to let /api/client/registration API use ClientRegistrationResponse.Action.UNAUTHORIZED whenever appropriate.- Since:
- 3.4, Authlete 2.3.0
-
userCodeCharset
UserCodeCharset userCodeCharset
Character set for end-user verification codes (user_code) for Device Flow.- Since:
- 2.43, Authlete 2.0.0
-
userCodeLength
int userCodeLength
Length of end-user verification codes (user_code) for Device Flow.- Since:
- 2.43, Authlete 2.0.0
-
userInfoEndpoint
URI userInfoEndpoint
- Since:
- Authlete 1.1
-
userInfoSignatureKeyId
String userInfoSignatureKeyId
Key ID to identify a JWK used for User Info signature using an asymmetric key.- Since:
- 2.1, Authlete 1.1
-
userPinLength
int userPinLength
Deprecated.The default length of user PINs.- Since:
- 3.59, Authlete 3.0
-
verifiableCredentialsEnabled
boolean verifiableCredentialsEnabled
The flag indicating whether the feature of Verifiable Credentials for this service is enabled or not.- Since:
- 3.55, Authlete 3.0
-
verifiedClaimsValidationSchemaSet
String verifiedClaimsValidationSchemaSet
The name of the validation schema set that is used to validate the content of"verified_claims"
.- Since:
- 3.61, Authlete 2.3.0
-
-
Class com.authlete.common.dto.ServiceConfigurationRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
patch
String patch
-
pretty
boolean pretty
-
-
Class com.authlete.common.dto.ServiceCreatableResponse extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
count
int count
-
creatable
boolean creatable
-
limit
int limit
-
plan
Plan plan
-
-
Class com.authlete.common.dto.ServiceListResponse extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
end
int end
The end index (exclusive) for the result set of the query. -
services
Service[] services
The service list extracted from the database. -
start
int start
The start index (inclusive) for the result set of the query. -
totalCount
int totalCount
The total count of services.
-
-
Class com.authlete.common.dto.ServiceOwner extends Object implements Serializable
- serialVersionUID:
- 2L
-
Class com.authlete.common.dto.SnsCredentials extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.StandardIntrospectionRequest extends Object implements Serializable
- serialVersionUID:
- 4L
-
Serialized Fields
-
httpAcceptHeader
String httpAcceptHeader
The value of the HTTPAccept
header in the introspection request.- Since:
- 3.76, Authlete 3.0
-
introspectionEncryptionAlg
JWEAlg introspectionEncryptionAlg
The JWEalg
algorithm for encrypting the content encryption key for the introspection response.- Since:
- 3.76, Authlete 3.0
-
introspectionEncryptionEnc
JWEEnc introspectionEncryptionEnc
The JWEenc
algorithm for encrypting the content of the introspection response.- Since:
- 3.76, Authlete 3.0
-
introspectionSignAlg
JWSAlg introspectionSignAlg
The JWSalg
algorithm for signing the introspection response.- Since:
- 3.76, Authlete 3.0
-
parameters
String parameters
OAuth 2.0 token introspection request parameters. -
publicKeyForEncryption
String publicKeyForEncryption
The public key for encrypting the introspection response with an asymmetric algorithm.- Since:
- 3.76, Authlete 3.0
-
rsUri
URI rsUri
The URI of the resource server making the introspection request.- Since:
- 3.76, Authlete 3.0
-
sharedKeyForEncryption
String sharedKeyForEncryption
The shared key for encrypting the introspection response with a symmetric algorithm.- Since:
- 3.76, Authlete 3.0
-
sharedKeyForSign
String sharedKeyForSign
The shared key for signing the introspection response with a symmetric algorithm.- Since:
- 3.76, Authlete 3.0
-
withHiddenProperties
boolean withHiddenProperties
Flag indicating whether to include hidden properties in the output.- Since:
- 2.83
-
-
Class com.authlete.common.dto.StandardIntrospectionResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
StandardIntrospectionResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.StringArray extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
array
String[] array
-
-
Class com.authlete.common.dto.TaggedValue extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.TokenBatchStatus extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
batchKind
TokenBatchStatus.BatchKind batchKind
-
createdAt
long createdAt
-
errorCode
String errorCode
-
errorDescription
String errorDescription
-
modifiedAt
long modifiedAt
-
requestId
String requestId
-
result
TokenBatchStatus.Result result
-
tokenCount
long tokenCount
-
-
Class com.authlete.common.dto.TokenCreateBatchResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
requestId
String requestId
-
-
Class com.authlete.common.dto.TokenCreateBatchStatusRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
requestId
String requestId
-
-
Class com.authlete.common.dto.TokenCreateBatchStatusResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
status
TokenBatchStatus status
-
-
Class com.authlete.common.dto.TokenCreateRequest extends Object implements Serializable
- serialVersionUID:
- 14L
-
Serialized Fields
-
accessToken
String accessToken
-
accessTokenDuration
long accessTokenDuration
-
accessTokenPersistent
boolean accessTokenPersistent
-
acr
String acr
-
authorizationDetails
AuthzDetails authorizationDetails
-
authTime
long authTime
-
certificateThumbprint
String certificateThumbprint
-
clientEntityIdUsed
boolean clientEntityIdUsed
-
clientId
long clientId
-
clientIdAliasUsed
boolean clientIdAliasUsed
-
clientIdentifier
String clientIdentifier
-
dpopKeyThumbprint
String dpopKeyThumbprint
-
forExternalAttachment
boolean forExternalAttachment
-
grantType
GrantType grantType
-
jwtAtClaims
String jwtAtClaims
-
properties
Property[] properties
-
refreshToken
String refreshToken
-
refreshTokenDuration
long refreshTokenDuration
-
resources
URI[] resources
-
scopes
String[] scopes
-
subject
String subject
-
-
Class com.authlete.common.dto.TokenCreateResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 9L
-
Serialized Fields
-
accessToken
String accessToken
- Since:
- Authlete 1.1
-
action
TokenCreateResponse.Action action
- Since:
- Authlete 1.1
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.14
-
clientId
long clientId
- Since:
- Authlete 1.1
-
clientIdentifier
String clientIdentifier
- Since:
- Authlete 3.0.0
-
expiresAt
long expiresAt
- Since:
- Authlete 1.1
-
expiresIn
long expiresIn
- Since:
- Authlete 1.1
-
forExternalAttachment
boolean forExternalAttachment
- Since:
- Authlete 2.3.0
-
grantType
GrantType grantType
- Since:
- Authlete 1.1
-
jwtAccessToken
String jwtAccessToken
- Since:
- Authlete 2.3.0
-
properties
Property[] properties
- Since:
- Authlete 1.1
-
refreshToken
String refreshToken
- Since:
- Authlete 1.1
-
refreshTokenScopes
String[] refreshTokenScopes
- Since:
- Authlete 3.0.0
-
scopes
String[] scopes
- Since:
- Authlete 1.1
-
subject
String subject
- Since:
- Authlete 1.1
-
tokenId
String tokenId
- Since:
- Authlete 3.0.0
-
tokenType
String tokenType
- Since:
- Authlete 1.1
-
-
Class com.authlete.common.dto.TokenFailRequest extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
reason
TokenFailRequest.Reason reason
The reason of the failure. -
ticket
String ticket
The ticket issued by Authlete's /auth/token API.
-
-
Class com.authlete.common.dto.TokenFailResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
action
TokenFailResponse.Action action
-
responseContent
String responseContent
-
-
Class com.authlete.common.dto.TokenInfo extends Object implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
authorizationDetails
AuthzDetails authorizationDetails
The content of the"authorization_details"
request parameter which was included in the request that obtained the token. -
clientEntityId
URI clientEntityId
The entity ID of the client.- Since:
- 3.37
-
clientEntityIdUsed
boolean clientEntityIdUsed
Flag which indicates whether the entity ID of the client was used when the request for the token was made.- Since:
- 3.37
-
clientId
long clientId
The client ID. -
clientIdAlias
String clientIdAlias
The client ID alias when the authorization request or the token request for the token was made. -
clientIdAliasUsed
boolean clientIdAliasUsed
Flag which indicates whether the client ID alias was used when the authorization request or the token request for the token was made. -
expiresAt
long expiresAt
The time at which the token expires. -
properties
Property[] properties
Extra properties associated with the token. -
resources
URI[] resources
The target resources of the token. -
scopes
Scope[] scopes
Scopes. -
subject
String subject
Resource owner's unique identifier.
-
-
Class com.authlete.common.dto.TokenIssueRequest extends Object implements Serializable
- serialVersionUID:
- 8L
-
Serialized Fields
-
accessToken
String accessToken
The representation of an access token that may be issued as a result of the Authlete API call.- Since:
- 3.24, Authlete 2.2.27
-
accessTokenDuration
long accessTokenDuration
The duration of the access token that may be issued as a result of the Authlete API call.- Since:
- 3.65, Authlete 2.2.41, Authlete 2.3.5, Authlete 3.0
-
jwtAtClaims
String jwtAtClaims
Additional claims that are added to the payload part of the JWT access token.- Since:
- 3.23
-
properties
Property[] properties
Extra properties to associate with an access token. -
refreshTokenDuration
long refreshTokenDuration
The duration of the refresh token that may be issued as a result of the Authlete API call.- Since:
- 4.8, Authlete 2.3.20, Authlete 3.0
-
subject
String subject
The subject (unique identifier) of the authenticated user. -
ticket
String ticket
The ticket issued by Authlete's endpoint.
-
-
Class com.authlete.common.dto.TokenIssueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 10L
-
Serialized Fields
-
accessToken
String accessToken
- Since:
- Authlete 1.1
-
accessTokenDuration
long accessTokenDuration
- Since:
- Authlete 1.1
-
accessTokenExpiresAt
long accessTokenExpiresAt
- Since:
- Authlete 1.1
-
accessTokenResources
URI[] accessTokenResources
- Since:
- Authlete 2.2.1
-
action
TokenIssueResponse.Action action
The next action that the service implementation should take.- Since:
- Authlete 1.1
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.0
-
clientAttributes
Pair[] clientAttributes
- Since:
- Authlete 2.2.3
-
clientEntityId
URI clientEntityId
- Since:
- Authlete 2.3.0
-
clientEntityIdUsed
boolean clientEntityIdUsed
- Since:
- Authlete 2.3.0
-
clientId
long clientId
- Since:
- Authlete 1.1.9
-
clientIdAlias
String clientIdAlias
- Since:
- Authlete 1.1.9
-
clientIdAliasUsed
boolean clientIdAliasUsed
- Since:
- Authlete 1.1.9
-
jwtAccessToken
String jwtAccessToken
- Since:
- Authlete 2.0.0
-
properties
Property[] properties
- Since:
- Authlete 1.1
-
refreshToken
String refreshToken
- Since:
- Authlete 1.1
-
refreshTokenDuration
long refreshTokenDuration
- Since:
- Authlete 1.1
-
refreshTokenExpiresAt
long refreshTokenExpiresAt
- Since:
- Authlete 1.1
-
refreshTokenScopes
String[] refreshTokenScopes
- Since:
- Authlete 3.0.0
-
responseContent
String responseContent
- Since:
- Authlete 1.1
-
scopes
String[] scopes
- Since:
- Authlete 1.1
-
serviceAttributes
Pair[] serviceAttributes
- Since:
- Authlete 2.2.3
-
subject
String subject
- Since:
- Authlete 1.1
-
-
Class com.authlete.common.dto.TokenListResponse extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
accessTokens
AccessToken[] accessTokens
The access token list extracted from the database. -
client
Client client
The client associated with the access tokens. -
end
int end
The end index (exclusive) for the result set of the query. -
start
int start
The start index (inclusive) for the result set of the query. -
subject
String subject
The identifier of the user associated with the access tokens. -
totalCount
int totalCount
The total count of access tokens.
-
-
Class com.authlete.common.dto.TokenRequest extends Object implements Serializable
- serialVersionUID:
- 12L
-
Serialized Fields
-
accessToken
String accessToken
The representation of an access token that may be issued as a result of the Authlete API call.- Since:
- 3.24, Authlete 2.2.27
-
accessTokenDuration
long accessTokenDuration
The duration of the access token that may be issued as a result of the Authlete API call.- Since:
- 3.64, Authlete 2.2.41, Authlete 2.3.5, Authlete 3.0
-
clientCertificate
String clientCertificate
Client certificate (used in MTLS auth and bound access tokens). -
clientCertificatePath
String[] clientCertificatePath
Client certificate path (used in PKI-based MTLS auth when certificates are validated by the Authlete service). -
clientId
String clientId
Client ID. -
clientSecret
String clientSecret
Client secret. -
dpop
String dpop
DPoP Header -
dpopNonceRequired
boolean dpopNonceRequired
Whether to check if the DPoP proof JWT includes the expected nonce value.- Since:
- 3.82, Authlete 3.0
-
htm
String htm
HTTP Method (for DPoP validation). -
htu
String htu
HTTP URL base (for DPoP validation). -
jwtAtClaims
String jwtAtClaims
Additional claims that are added to the payload part of the JWT access token.- Since:
- 3.35, Authlete 2.3
-
oauthClientAttestation
String oauthClientAttestation
The value of theOAuth-Client-Attestation
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
oauthClientAttestationPop
String oauthClientAttestationPop
The value of theOAuth-Client-Attestation-PoP
HTTP header.- Since:
- 4.3, Authlete 3.0
- See Also:
- OAuth 2.0 Attestation-Based Client Authentication
-
parameters
String parameters
OAuth 2.0 token request parameters. -
properties
Property[] properties
Extra properties to associate with an access token. -
refreshTokenDuration
long refreshTokenDuration
The duration of the refresh token that may be issued as a result of the Authlete API call.- Since:
- 4.8, Authlete 2.3.20, Authlete 3.0
-
-
Class com.authlete.common.dto.TokenResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 20L
-
Serialized Fields
-
accessToken
String accessToken
- Since:
- Authlete 2.2.0
-
accessTokenDuration
long accessTokenDuration
- Since:
- Authlete 2.2.0
-
accessTokenExpiresAt
long accessTokenExpiresAt
- Since:
- Authlete 2.2.0
-
accessTokenResources
URI[] accessTokenResources
- Since:
- Authlete 2.2.0
-
action
TokenResponse.Action action
- Since:
- Authlete 1.1
-
actorToken
String actorToken
- Since:
- Authlete 2.3.0
-
actorTokenInfo
TokenInfo actorTokenInfo
- Since:
- Authlete 2.3.0
-
actorTokenType
TokenType actorTokenType
- Since:
- Authlete 2.3.0
-
assertion
String assertion
For RFC 7523 JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants- Since:
- Authlete 2.3.0
-
audiences
String[] audiences
For RFC 8693 OAuth 2.0 Token Exchange- Since:
- Authlete 2.3
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.0
-
clientAttributes
Pair[] clientAttributes
- Since:
- Authlete 2.2.3
-
clientAuthMethod
ClientAuthMethod clientAuthMethod
- Since:
- Authlete 2.3.13
-
clientEntityId
URI clientEntityId
- Since:
- Authlete 2.3
-
clientEntityIdUsed
boolean clientEntityIdUsed
- Since:
- Authlete 2.3
-
clientId
long clientId
- Since:
- Authlete 1.1.9
-
clientIdAlias
String clientIdAlias
- Since:
- Authlete 1.1.9
-
clientIdAliasUsed
boolean clientIdAliasUsed
- Since:
- Authlete 1.1.9
-
cnonce
String cnonce
Thec_nonce
.The
cNonce
field added by the version 3.63 has been renamed tocnonce
by the version 3.90.- Since:
- 3.90, Authlete 3.0.0
-
cnonceDuration
long cnonceDuration
The duration ofc_nonce
.The
cNonceDuration
field added by the version 3.63 has been renamed tocnonceDuration
by the version 3.90.- Since:
- 3.90, Authlete 3.0.0
-
cnonceExpiresAt
long cnonceExpiresAt
The time at which thec_nonce
expires.The
cNonceExpiresAt
field added by the version 3.63 has been renamed tocnonceExpiresAt
by the version 3.90.- Since:
- 3.90, Authlete 3.0.0
-
dpopNonce
String dpopNonce
The expected nonce value for DPoP proof JWT, which should be used as the value of theDPoP-Nonce
HTTP header.- Since:
- 3.82, Authlete 3.0
-
grantId
String grantId
- Since:
- Authlete 2.3.0
-
grantType
GrantType grantType
- Since:
- Authlete 1.1.9
-
idToken
String idToken
- Since:
- Authlete 2.2.0
-
jwtAccessToken
String jwtAccessToken
- Since:
- Authlete 2.1
-
password
String password
- Since:
- Authlete 1.1
-
previousRefreshTokenUsed
boolean previousRefreshTokenUsed
A flag indicating whether the previous refresh token that had been kept in the database for a short time was used.- Since:
- Authlete 2.3.0
-
properties
Property[] properties
- Since:
- Authlete 1.1.9
-
refreshToken
String refreshToken
- Since:
- Authlete 2.2.0
-
refreshTokenDuration
long refreshTokenDuration
- Since:
- Authlete 2.2.0
-
refreshTokenExpiresAt
long refreshTokenExpiresAt
- Since:
- Authlete 2.2.0
-
refreshTokenScopes
String[] refreshTokenScopes
Scopes associated with the refresh token.- Since:
- 3.89, Authlete 3.0.0
-
requestedIdTokenClaims
String[] requestedIdTokenClaims
The names of the claims that the authorization request (which resulted in generation of the access token) requested to be embedded in ID tokens.- Since:
- 3.68, Authlete 3.0
-
requestedTokenType
TokenType requestedTokenType
- Since:
- Authlete 2.3.0
-
resources
URI[] resources
- Since:
- Authlete 2.2.1
-
responseContent
String responseContent
- Since:
- Authlete 1.1
-
scopes
String[] scopes
- Since:
- Authlete 1.1.9
-
serviceAttributes
Pair[] serviceAttributes
- Since:
- Authlete 2.2.3
-
subject
String subject
- Since:
- Authlete 1.1.9
-
subjectToken
String subjectToken
- Since:
- Authlete 2.3.0
-
subjectTokenInfo
TokenInfo subjectTokenInfo
- Since:
- Authlete 2.3.0
-
subjectTokenType
TokenType subjectTokenType
- Since:
- Authlete 2.3.0
-
ticket
String ticket
- Since:
- Authlete 1.1
-
username
String username
- Since:
- Authlete 1.1
-
-
Class com.authlete.common.dto.TokenRevokeRequest extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.TokenRevokeResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
count
int count
-
-
Class com.authlete.common.dto.TokenUpdateRequest extends Object implements Serializable
- serialVersionUID:
- 8L
-
Serialized Fields
-
accessToken
String accessToken
-
accessTokenExpiresAt
long accessTokenExpiresAt
-
accessTokenExpiresAtUpdatedOnScopeUpdate
boolean accessTokenExpiresAtUpdatedOnScopeUpdate
-
accessTokenHash
String accessTokenHash
-
accessTokenPersistent
boolean accessTokenPersistent
-
accessTokenValueUpdated
boolean accessTokenValueUpdated
-
authorizationDetails
AuthzDetails authorizationDetails
-
certificateThumbprint
String certificateThumbprint
-
dpopKeyThumbprint
String dpopKeyThumbprint
-
forExternalAttachment
boolean forExternalAttachment
-
properties
Property[] properties
-
refreshTokenExpiresAt
long refreshTokenExpiresAt
-
refreshTokenExpiresAtUpdatedOnScopeUpdate
boolean refreshTokenExpiresAtUpdatedOnScopeUpdate
-
scopes
String[] scopes
-
tokenId
String tokenId
-
-
Class com.authlete.common.dto.TokenUpdateResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 5L
-
Serialized Fields
-
accessToken
String accessToken
- Since:
- Authlete 1.1
-
accessTokenExpiresAt
long accessTokenExpiresAt
- Since:
- Authlete 1.1
-
action
TokenUpdateResponse.Action action
- Since:
- Authlete 1.1
-
authorizationDetails
AuthzDetails authorizationDetails
- Since:
- Authlete 2.2.14
-
forExternalAttachment
boolean forExternalAttachment
- Since:
- Authlete 2.3.0
-
properties
Property[] properties
- Since:
- Authlete 1.1
-
refreshTokenExpiresAt
long refreshTokenExpiresAt
- Since:
- Authlete 2.1
-
scopes
String[] scopes
- Since:
- Authlete 1.1
-
tokenId
String tokenId
- Since:
- Authlete 3.0.0
-
tokenType
String tokenType
- Since:
- Authlete 2.0.0
-
-
Class com.authlete.common.dto.TrustAnchor extends Object implements Serializable
- serialVersionUID:
- 1L
-
Class com.authlete.common.dto.UserInfoIssueRequest extends Object implements Serializable
- serialVersionUID:
- 7L
-
Serialized Fields
-
claims
String claims
Claims in JSON format. -
claimsForTx
String claimsForTx
Claim key-value pairs that are used to compute transformed claims. -
headers
Pair[] headers
The HTTP headers to include in the signed response.- Since:
- 3.38, Authlete 2.3
-
requestSignature
String requestSignature
TheSignature
header value from the request.- Since:
- 3.38, Authlete 2.3
-
sub
String sub
The value of the 'sub' claim. If this field is empty, the value of the subject that is associated with the access token is used as the value of the 'sub' claim. -
token
String token
The access token. -
verifiedClaimsForTx
String[] verifiedClaimsForTx
Verified claim key-value pairs that are used to compute transformed claims.
-
-
Class com.authlete.common.dto.UserInfoIssueResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 2L
-
Serialized Fields
-
action
UserInfoIssueResponse.Action action
- Since:
- Authlete 1.1
-
contentDigest
String contentDigest
The content-digest header of the response message- Since:
- Authlete 2.3.0
-
responseContent
String responseContent
- Since:
- Authlete 1.1
-
signature
String signature
The signature header of the response message.- Since:
- Authlete 2.3.0
-
signatureInput
String signatureInput
The signature-input header of the response message- Since:
- Authlete 2.3.0
-
-
Class com.authlete.common.dto.UserInfoRequest extends Object implements Serializable
- serialVersionUID:
- 5L
-
Serialized Fields
-
clientCertificate
String clientCertificate
The client certificate used in the TLS connection established between the client application and the userinfo endpoint.- Since:
- 2.37
-
dpop
String dpop
TheDPoP
header.- Since:
- 2.70
-
dpopNonceRequired
boolean dpopNonceRequired
Whether to check if the DPoP proof JWT includes the expected nonce value.- Since:
- 3.82, Authlete 3.0
-
headers
Pair[] headers
The HTTP headers included in the userinfo request. They are used to compute component values, which will be part of the signature base for HTTP message signatures.- Since:
- 3.38, Authlete 2.3
-
htm
String htm
The HTTP method of the userinfo request.- Since:
- 2.70
-
htu
String htu
The URL of the userinfo endpoint, without query or fragment components.- Since:
- 2.70
-
message
String message
Deprecated.The HTTP message body of the request, if present.This parameter has been deprecated. In exchange, the
requestBodyContained
parameter has been introduced.- Since:
- 3.38, Authlete 2.3
-
requestBodyContained
boolean requestBodyContained
The flag indicating whether the userinfo request contains a request body.- Since:
- 4.12, Authlete 2.3.26
-
targetUri
URI targetUri
The full URI of the userinfo request, including the query part, if any.- Since:
- 4.12, Authlete 2.3.26
-
token
String token
The access token. -
uri
String uri
Deprecated.The full URL of the userinfo endpoint.This parameter has been deprecated and replaced with the
targetUri
parameter.- Since:
- 3.38, Authlete 2.3
-
-
Class com.authlete.common.dto.UserInfoResponse extends ApiResponse implements Serializable
- serialVersionUID:
- 7L
-
Serialized Fields
-
action
UserInfoResponse.Action action
The next action the service implementation should take.- Since:
- Authlete 1.1
-
claims
String[] claims
Claims that are requested by the client application.- Since:
- Authlete 1.1
-
clientAttributes
Pair[] clientAttributes
The attributes of the client that the access token has been issued to.- Since:
- Authlete 2.2.3
-
clientEntityId
URI clientEntityId
The entity ID of the client.- Since:
- 3.37, Authlete 2.3
-
clientEntityIdUsed
boolean clientEntityIdUsed
Flag which indicates whether the entity ID of the client was used when the request for the access token was made.- Since:
- 3.37, Authlete 2.3
-
clientId
long clientId
The client ID.- Since:
- Authlete 1.1
-
clientIdAlias
String clientIdAlias
The client ID alias when the authorization request for the access token was made.- Since:
- Authlete 1.1
-
clientIdAliasUsed
boolean clientIdAliasUsed
Flag which indicates whether the client ID alias was used when the authorization request for the access token was made.- Since:
- Authlete 1.1
-
consentedClaims
String[] consentedClaims
Claims that the user has consented for the client application to know.- Since:
- Authlete 2.3
-
dpopNonce
String dpopNonce
The expected nonce value for DPoP proof JWT, which should be used as the value of theDPoP-Nonce
HTTP header.- Since:
- 3.82, Authlete 3.0
-
properties
Property[] properties
Extra properties associated with the access token.- Since:
- Authlete 1.1
-
requestedClaimsForTx
String[] requestedClaimsForTx
Names of claims that will be referenced when transformed claims are computed.- Since:
- Authlete 2.3
-
requestedVerifiedClaimsForTx
StringArray[] requestedVerifiedClaimsForTx
Names of verified claims that will be referenced when transformed claims are computed.- Since:
- Authlete 2.3
-
responseContent
String responseContent
Entity body of the response to the client.- Since:
- Authlete 1.1
-
scopes
String[] scopes
Scopes.- Since:
- Authlete 1.1
-
serviceAttributes
Pair[] serviceAttributes
The attributes of the service that the client belongs to.- Since:
- Authlete 2.2.3
-
subject
String subject
Resource owner's user account.- Since:
- Authlete 1.1
-
token
String token
The access token that came along with the userinfo request.- Since:
- Authlete 1.1
-
transformedClaims
String transformedClaims
"transformed_claims" in "claims" of an authorization request.- Since:
- Authlete 2.3
-
userInfoClaims
String userInfoClaims
"userinfo" in "claims" of an authorization request.- Since:
- Authlete 2.2.1
-
-
-
Package com.authlete.common.util
-
Class com.authlete.common.util.Version extends Object implements Serializable
- serialVersionUID:
- 1L
-
Serialized Fields
-
major
int major
-
minor
int minor
-
patch
int patch
-
string
String string
-
-