EndpointOAuthDetails Object
Includes information about the OAuth configuration for an API, such as the supported OAuth version, URLs, and grant types.
Note: You must create the API using the POST /api/apis operation before setting up the OAuth details.
This object is used by the following operations:
- Operations that reference the EndpointsOAuthDetails object
- Operations that reference the APIVersion object
- Operations that reference the TargetAPI object
- Operations that reference the APIImplementation object
The properties included in the EndpointOAuthDetails object are listed below.
| Property | Type | Required | Description |
|---|---|---|---|
| OAuthProvider | string | Required |
Indicates the OAuth provider for this API; for example, com.soa.oauth.provider.third-party or MyOAuthProvider. Note: There is an API call to get a list of OAuth providers supported by the platform. |
| SupportedGrant | string[ ] | Optional |
Used only with third-party OAuth provider (com.soa.oauth.provider.third-party): One or more OAuth grant types supported by this API, if applicable. Valid values:
|
| ClientAuthPolicyOption | string[ ] | Optional |
Used only with third-party OAuth provider (com.soa.oauth.provider.third-party): The client authentication policy supported by the endpoint. Possible choices:
For more information, see Client Authorization Policy Options. |
| OAuth10aSupported | boolean | Optional | Indicates whether the API supports OAuth 1.0a. Defaults to true. |
| OAuth10aSettings | OAuth10aSettings | Optional | Used only with third-party OAuth provider (com.soa.oauth.provider.third-party): The API's OAuth 1.0a settings, if the API supports OAuth 1.0a. |
| OAuth20Supported | boolean | Optional | Indicates whether the API supports OAuth 2.0. Defaults to true. |
| OAuth20Settings | OAuth20Settings | Optional | Used only with third-party OAuth provider (com.soa.oauth.provider.third-party): The API's OAuth 2.0 settings, if the API supports OAuth 2.0. |
| Resource | string[ ] | Optional | An array of one or more resources (grants) that the app can access via OAuth using this API, when an API-wide resource is defined. |
| AuthorizationEndpointParameters | AuthorizationEndpointParameters | Optional |
Used only with third-party OAuth provider (com.soa.oauth.provider.third-party): Custom parameters to be sent to the authorization endpoint, if the third-party requires custom parameters. If custom parameters are specified here, the Test Client displays the parameters, with a place for developers to enter a value, so that developers can test their apps with the API. |
| TokenEndpointParameters | TokenEndpointParameters | Optional |
Used only with third-party OAuth provider (com.soa.oauth.provider.third-party): Custom parameters to be sent to the token endpoint, if the third party requires custom parameters. If custom parameters are specified here, the Test Client displays the parameters, with a place for developers to enter a value, so that developers can test their apps with the API. |
| OAuthTokenResourceURISettings | OAuthTokenResourceURISettings | Optional |
Contains information about the URI for the OAuth Token Resource. Example: com.soa.oauth.token.resource.uri.proxy.url. |
| PlatformAppIdentitiesInUse | boolean | Optional |
Used only with third-party OAuth provider (com.soa.oauth.provider.third-party): indicates that the OAuth implementation uses the platform app identity values (App ID and Shared Secret) for authentication of the app. This corresponds with the following setting in the platform user interface OAuth setup for the API: OAuth Provider uses Platform App identities. If this property is set to true, the Test Client in the user interface prefills the app identity values when the app developer is testing the app with the API. If it's set to false, the Test Client leaves the fields blank for the app developer to enter authentication values provided by the API owner. |