Skip to content

Latest commit

 

History

History
35 lines (24 loc) · 1.93 KB

IAM-back-channel-apis.md

File metadata and controls

35 lines (24 loc) · 1.93 KB

Back Channel REST APIs

  • Provider configuration as required by RFC8414, OpenID or Provider Meta-Data
    GET http://localhost:8080/services/oauth2/{organization-id}/{project-id}/.well-known/openid-configuration

  • Provider configuration jwks_uri as specified by RFC7517 JSON Web Key (JWK).
    GET http://localhost:8080/services/oauth2/{organization-id}/{project-id}/.well-known/jwks.json

  • UserInfo verification endpoint as specified in OIDC core 1.0
    GET http://localhost:8080/services/oauth2/{organization-id}/{project-id}/userinfo

  • Introspect (validate) issued JWTs as specified here.
    POST http://localhost:8080/services/oauth2/{organization-id}/{project-id}/introspect

Service discovery

  • Get IAM-service instance info.
    GET http://localhost:8080/services/discovery/build-info

  • Get all organizations managed by this instance of IAM-service.
    GET http://localhost:8080/services/discovery

  • Get organization by ID managed by this instance of IAM-service.
    GET http://localhost:8080/services/discovery/{organization-id}

  • Get project within organization.
    GET http://localhost:8080/services/discovery/{organization-id}/{project-id}

  • Get user info for organization and project and user with unique id provided.
    GET http://localhost:8080/services/discovery/{organization-id}/{project-id}/users/{user-id}

  • Get client info for organization and project and client with unique id provided.
    GET http://localhost:8080/services/discovery/{organization-id}/{project-id}/clients/{client-id}