GET /api/apps/versions/{AppVersionID}/oauthprofile/choices
Returns information about the choices available for a specific app, for the app's OAuth Profile. These are the options that are available for the app developer to choose from.
This operation looks at all OAuth providers that are configured, including the platform's OAuth Provider and any PingFederate or external OAuth provider domains that are configured, and returns a summary of all available choices, to be displayed on the App OAuth Profile page in the Community Manager developer portal.
Authorization Roles/Permissions: App team member, Business Admin, Site Admin
This topic includes the following sections:
HTTP Method
GET
URL
https://{hostname}/api/apps/versions/{AppVersionID}/oauthprofile/choices
Sample Request
The examples below show requests for app OAuth profile choices.
Request URL #1
Requests all properties.
https://{hostname}/api/apps/versions/7mUCQU4xmU18TKMMbjqauA2k.acmepaymentscorp/oauthprofile/choices
Request URL #2
Uses the optional OAuthClientProperty parameter to request two specific properties.
https://{hostname}/api/apps/versions/7mUCQU4xmU18TKMMbjqauA2k.acmepaymentscorp/oauthprofile/choices?OAuthClientProperty=grant_types_supported&OAuthClientProperty=id_token_signing_alg_values_supported
Sample request headers
GET /api/apps/versions/6NGw7XEtXYy8KZwF7EOxvT2V.acmepaymentscorp/oauthprofile/choices HTTP/1.1
Host: {hostname}
Accept: application/json
Sample request body
Not applicable.
Request Headers
For general information on request header values, refer to HTTP Request Headers.
| Header | Description |
|---|---|
| Accept | application/json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json |
| Cookie | AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies. |
| X-Csrf-Token_{fedmemberID} | The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login. |
Request Parameters
| Parameter | Parm Type | Data Type | Required | Description |
|---|---|---|---|---|
| AppVersionID | Path | string | Required | The unique ID for a specific app version. |
| OAuthClientProperty | Query | string | Optional | Specific OAuth client properties. For multiple properties, include multiple parameters with one property for each. |
Response
If successful, this operation returns HTTP status code 200, with the available properties for the specified app version's OAuth profile.
Sample Response
The sample response below shows successful completion of this operation. This example returns all properties (response to sample request #1)
Sample response headers: application/json
Status Code: 200 OK Content-Type: application/json Date: TThu, 21 Jun 2018 22:17:23 GMT
Sample response body: application/json
{
"oidc10_supported": true,
"id_token_encryption_alg_values_supported": [
"A256GCMKW",
"dir"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:jwt-bearer",
"urn:ietf:params:oauth:grant-type:saml2-bearer"
],
"id_token_signing_alg_values_supported": [
"PS384",
"PS512"
],
"token_endpoint_auth_methods_supported": [
"client_secret_jwt",
"private_key_jwt"
],
"isAdmin": true,
"scopes_supported": [
"address",
"edit",
"phone",
"openid",
"profile",
"name",
"admin",
"email"
],
"id_token_encryption_enc_values_supported": [
"A192GCM",
"A256GCM"
],
"response_types": [
"code",
"id_token",
"token"
]
}
Response Headers
For general information on response header values, refer to HTTP Response Headers.
| Header | Description |
|---|---|
| Content-Type | application/json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json |
Response Body
The response is a JSON object, dynamically constructed based on the properties available in the platform instance. Possible properties are described below.
| Name | Type | Description |
|---|---|---|
| oidc10_supported | Boolean | Indicates whether OpenID Connect is supported. |
| id_token_encryption_alg_values_supported | string[ ] | Indicates the ID token encryption key management algorithms that are supported. |
| grant_types_supported | string[ ] | Indicates the OAuth grant types/extension grant types that are supported. |
| id_token_signing_alg_values_supported | string[ ] | Indicates the ID token signing algorithms that are supported. |
| token_endpoint_auth_methods_supported | string[ ] | Indicates the authentication methods supported. |
| isAdmin | string | Indicates whether the user running the operation is an Administrator. A subset of properties is sent if the user is not an Administrator. |
| scopes_supported | string[ ] | Indicates that only the specified scopes are supported for the app. |
| id_token_encryption_enc_values_supported | string[ ] | Indicates the ID token content encryption algorithms that are supported. |
| response_types | string[ ] | Indicates that only the specified response types are supported for the app. |
| access_token_types_supported | Boolean | Indicates the access token types that are supported. |
Error Codes/Messages
If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.
| Item | Value |
|---|---|
| 401 | Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing. |
| 500 | An error occurred processing the call. |
More information about Akana API Platform API error messages.