Add a new OAuth Identity Domain
post
/oam/services/rest/ssa/api/v1/oauthpolicyadmin/oauthidentitydomain
Request
Supported Media Types
- application/json
- application/xml
Identity Domain that needs to be created
Root Schema : IdentityDomain
Type:
Show Source
object-
consentPageURL:
string
Fully qualified URL of the customized consent page
-
customAttrs:
string
Attribute of user in IDStore to store the encrypted secretkey for TOTP
-
description:
string
-
errorPageURL:
string
Fully qualified URL of the customized error page
-
identityProvider:
string
Name of the identity store against which authentication is completed
-
name(required):
string
Name of the Identity Domain
-
oldSecretRetentionTimeInDays:
integer
Specifies the rollover period for previous client secret to continue working. The previous client secret is assigned when a client secret is changed.
-
tokenSettings:
array tokenSetting
Nested Schema : TokenSettings
Type:
Show Source
object-
lifeCycleEnabled:
boolean
Default Value:
false -
refreshTokenEnabled(required):
boolean
Default Value:
false -
refreshTokenExpiry(required):
integer(int64)
-
refreshTokenLifeCycleEnabled:
boolean
Default Value:
false -
tokenExpiry(required):
integer(int64)
-
tokenType(required):
string
Allowed Values:
[ "ACCESS_TOKEN", "AUTHZ_CODE", "SSO_LINK_TOKEN" ]Type of the token
Response
Supported Media Types
- application/json
200 Response
Sucessfully created entity - OAuthIdentityDomain, detail
Root Schema : IdentityDomain
Type:
Show Source
object-
consentPageURL:
string
Fully qualified URL of the customized consent page
-
customAttrs:
string
Attribute of user in IDStore to store the encrypted secretkey for TOTP
-
description:
string
-
errorPageURL:
string
Fully qualified URL of the customized error page
-
identityProvider:
string
Name of the identity store against which authentication is completed
-
name(required):
string
Name of the Identity Domain
-
oldSecretRetentionTimeInDays:
integer
Specifies the rollover period for previous client secret to continue working. The previous client secret is assigned when a client secret is changed.
-
tokenSettings:
array tokenSetting
Nested Schema : TokenSettings
Type:
Show Source
object-
lifeCycleEnabled:
boolean
Default Value:
false -
refreshTokenEnabled(required):
boolean
Default Value:
false -
refreshTokenExpiry(required):
integer(int64)
-
refreshTokenLifeCycleEnabled:
boolean
Default Value:
false -
tokenExpiry(required):
integer(int64)
-
tokenType(required):
string
Allowed Values:
[ "ACCESS_TOKEN", "AUTHZ_CODE", "SSO_LINK_TOKEN" ]Type of the token
422 Response
Failed to create OAuth entity "IdentityDomain" - name "NameofIdentityDomain"
Examples
There are 2 ways to create the Identity Domain
-
Simple: In this mode, just the name and description of the IdentityDomain to be created are used. The rest of the values are defaulted.
-
Detailed: In this mode, you can give specific values to the different parameters.
cURL Example
This example demonstrates a sample request against the server for creating the Identity Domain in Simple mode.
curl -i -H 'Content-Type: application/json' -H 'Authorization:Basic d2VibG9naWM6V2VsY29tZTE='
--request POST http:<Servername>:<Port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/oauthidentitydomain -d
'{"name":"TestDomain","description":"Test Domain"}' cURL Example
This example demonstrates a sample request against the server for creating the Identity Domain in Detailed mode.
curl -i -H 'Content-Type: application/json' -H 'Authorization:Basic d2VibG9naWM6V2VsY29tZTE='
--request POST http:<Servername>:<Port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/oauthidentitydomain -d
'{"name":"TestDomain","identityProvider":"UserIdentityStore1","description":"TestDomain","tokenSettings":[{"tokenType":"ACCESS_TOKEN","tokenExpiry":3600,"lifeCycleEnabled":false,"refreshTokenEnabled":false,"refreshTokenExpiry":86400,"refreshTokenLifeCycleEnabled":false}, {"tokenType":"AUTHZ_CODE","tokenExpiry":3600,
"lifeCycleEnabled":false,"refreshTokenEnabled":false,"refreshTokenExpiry":86400,"refreshTokenLifeCycleEnabled":false}, {"tokenType":"SSO_LINK_TOKEN","tokenExpiry":3600,"lifeCycleEnabled":false,"refreshTokenEnabled":false,"refreshTokenExpiry":86400,"refreshTokenLifeCycleEnabled":false}],"errorPageURL":"/oam/pages/error.jsp",
"consentPageURL":"/oam/pages/consent.jsp","customAttrs":"{\"domainCertValidityInDays\":\"30\", \"consentExpiryTimeInMinutes\":\"10\"}"}
'
Example of Response Body
The following example shows the contents of the response body for creating the Identity Domain in Detailed mode in JSON format.
HTTP/1.1 200 OK
Date: Fri, 28 Jul 2017 13:01:41 GMT
Content-Length: 860
Content-Type: text/plain
X-ORACLE-DMS-ECID: 78d30c19-07b6-4ac2-a39b-f1cbd8182ebb-000003fd
X-ORACLE-DMS-RID: 0
Set-Cookie: JSESSIONID=_oGJSc7Vt2vIWLNQ_uwYCZz151JqOXewJRIkyvstnnio8WsNborT!-1875566563; path=/; HttpOnly
Sucessfully created entity - OAuthIdentityDomain, detail - OAuth Identity Domain :: Name - TestDomain, Id - 0b5f3fd731e44ae09c5b8bd1f4cfc355, Description - TestDomain, TrustStore Identifiers - [TestDomain], Identity Provider - UserIdentityStore1, TokenSettings - [{"tokenType":"ACCESS_TOKEN","tokenExpiry":3600,
"lifeCycleEnabled":false,"refreshTokenEnabled":false,"refreshTokenExpiry":86400,"refreshTokenLifeCycleEnabled":false}, {"tokenType":"AUTHZ_CODE","tokenExpiry":3600,"lifeCycleEnabled":false,"refreshTokenEnabled":false,"refreshTokenExpiry":86400,"refreshTokenLifeCycleEnabled":false}, {"tokenType":"SSO_LINK_TOKEN",
"tokenExpiry":3600,"lifeCycleEnabled":false,"refreshTokenEnabled":false,"refreshTokenExpiry":86400,"refreshTokenLifeCycleEnabled":false}], ConsentPageURL - /oam/pages/consent.jsp, ErrorPageURL - /oam/pages/error.jsp, CustomAttrs - {"domainCertValidityInDays":"30", "consentExpiryTimeInMinutes":"10"}