Create a customer client
Learn about creating one or more clients as specified in the request body for a customer.
Request
POST https://auth.reltio.com/oauth/customers/{customerId}/clients
- ROLE_ADMIN_CUSTOMER
- Auth.Customer.Clients CREATE
Name | Required | Description | |
---|---|---|---|
Headers | Authorization | Yes | Information about the authentication access token should be in the format: "Bearer {accessToken}". For more information, see topic Authentication API. |
URL Parameters | customerId
| Yes | A valid customer ID. The created client ID is automatically associated with your customer ID. |
Body Parameters | accessTokenValidity
| No | The validity time for the issued token. If you don’t specify a time, the default time is 3600 seconds (one hour). |
authorizedGrantTypes
| Yes | This specifies the grant type, which must be the client_credentials grant type. | |
clientAuthenticationMethods
| Yes | This parameter contains the client_secret_basic and client_secret_post sub-parameters. Use the client_secret_basic sub-parameter to pass the secret via the Authorization Basic header. Use the client_secret_post sub-parameter to pass the secret in the request body of the token request. | |
clientDescription
| No | The description of the client system. | |
clientId
| Yes | The client identifier that is unique across all customers. | |
clientName
| No | The name of the client. | |
clientEmail
| No | The email address of the user who’s responsible for client management in your organization. | |
clientSecret
| No | The secret that is assigned to a client. If you don’t specify a secret, a random secret is generated. | |
enabled | No | If the value is not specified, then it is true by default. If the value is set to false , then the client is disabled and cannot create tokens. | |
defaultRolesAssignmentEnabled
| No | If true , ROLE_API is automatically added to the list of roles for this client credentials (even if it is not part of the scope parameter). If this parameter is not included in the request, the value is considered to be true . | |
clientPermissions | No | This parameter contains the roles sub-parameters. Use the roles sub-parameter to chose a list of roles that are associated with the client and the tenants associated with each role. |
Response
The response body contains the list of clients that have been created and associated with the customer.Example 1
This example shows a request to provide tenant specific access to the client.
RequestPOST https://auth.reltio.com/oauth/customers/ABC/clients
Headers: Authorization: Bearer <Access-Token>
Body:
[
{
"clientId": "test_client",
"clientPermissions":
{
"roles":{
"ROLE_ADMIN_TENANT": ["tenant1"],
"ROLE_API": ["tenant1"]
}
},
"authorities": [],
"resourceIds": [],
"authorizedGrantTypes": [
"client_credentials"
],
"clientDescription": null,
"clientName": null,
"clientEmail": null,
"redirectUri": [],
"accessTokenValidity": null,
"refreshTokenValidity": null,
"defaultRolesAssignmentEnabled": false,
"clientAuthenticationMethods": [
"client_secret_post",
"client_secret_basic"
]
}
]
Response
{
"clientId": "test_client",
"clientSecret": "YZze8&7EU%xqH3%8",
"scope":[],
"clientPermissions":
{
"roles":{
"ROLE_ADMIN_TENANT": ["tenant1"],
"ROLE_API": ["tenant1"]
}
},
"authorities": [],
"resourceIds": [],
"authorizedGrantTypes": [
"client_credentials"
],
"clientDescription": null,
"clientName": null,
"clientEmail": null,
"redirectUri": [
"http://localhost"
],
"clientSecret": "generated_secret",
"accessTokenValidity": null,
"refreshTokenValidity": null,
"defaultRolesAssignmentEnabled": false,
"clientAuthenticationMethods": [
"client_secret_post",
"client_secret_basic"
],
"enabled" : true
}