Last modified by messines on 2022/05/25 10:11
From version 2.1
edited by mmorgan
on 2020/07/16 01:43
Change comment: There is no comment for this version
To version 5.1
edited by messines
on 2021/03/18 12:17
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -Registering an OIDC client
1 +1. Registering an OIDC client
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.mmorgan
1 +XWiki.messines
Content
... ... @@ -1,7 +1,20 @@
1 +== Must read before starting ==
2 +
3 +It's very important to choose the right type of clients and to understand the various OAuth flows.
4 +
5 +A very good documentation is this one :
6 +
7 +[[https:~~/~~/auth0.com/docs/authorization/which-oauth-2-0-flow-should-i-use>>url:https://auth0.com/docs/authorization/which-oauth-2-0-flow-should-i-use]]
8 +
9 +and another one
10 +
11 +[[https:~~/~~/dzone.com/articles/the-right-flow-for-the-job-which-oauth-20-flow-sho>>url:https://dzone.com/articles/the-right-flow-for-the-job-which-oauth-20-flow-sho]]
12 +
1 1  == Creating your OpenID Connect client ==
2 2  
3 3  The steps to create an OpenID Connect (OIDC) client are the following:
4 4  
17 +1. Ask the developer accreditation to be authorize to create client
5 5  1. get an access token from the `developer` client
6 6  1. save your registration access token for further modifications of your client
7 7  1. use the token to call the create endpoint
... ... @@ -8,6 +8,14 @@
8 8  
9 9  Note that a Jupyter Notebook notebook is available in the Drive of this collab to help you create and modify your OIDC client. Its name is: **//Managing an OpenID Connect client.ipynb//** [add link]
10 10  
24 +=== Ask for developer accreditation ===
25 +
26 +To be authorize to create an OIDC client you have to be accredited as developer.
27 +
28 +Please go on this page and "Request to join" the group [[https:~~/~~/wiki.ebrains.eu/bin/view/Identity/#/groups/app-collaboratory-iam~~-~~-service-providers>>https://wiki.ebrains.eu/bin/view/Identity/#/groups/app-collaboratory-iam--service-providers]]
29 +
30 +We will quickly process your request and you will be able to create an OIDC client
31 +
11 11  === Fetching your developer access token ===
12 12  
13 13  Getting your developer token is done in one simple step: authenticate against the developer client with the password grant.
... ... @@ -56,7 +56,7 @@
56 56  
57 57  {{code language="bash"}}
58 58  # Set your developer token
59 -clb_dev_token=...
80 +clb_dev_token="eyJhbGci..."
60 60  
61 61  # Send the creation request
62 62  curl -X POST https://iam.ebrains.eu/auth/realms/hbp/clients-registrations/default/ \
... ... @@ -170,5 +170,3 @@
170 170  {{warning}}
171 171  **⚠  Each time you modify your client, a new registration access token is generated. You need to keep track of your latest token to keep access to your client.  ⚠**
172 172  {{/warning}}
173 -
174 -
Table of content