Last modified by bougault on 2022/03/02 11:58
From version 3.1
edited by allan
on 2019/09/19 11:16
Change comment: Creating the client
To version 4.2
edited by allan
on 2019/09/19 14:22
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -6,7 +6,7 @@
6 6  
7 7  == Becoming a contributor ==
8 8  
9 -The first step is for you to be recognised as a contributor. Contributors can register and manage applications within the Community Apps Catalogue.
9 +The first step is for you to be **recognised as a contributor**. Contributors can register and manage applications within the Community Apps Catalogue.
10 10  
11 11  To become a contributor, send an email to [[support@humanbrainproject.eu>>mailto:support@humanbrainproject.eu]] with a short summary of your intentions.
12 12  
... ... @@ -29,15 +29,15 @@
29 29  
30 30  The steps to create an OpenID Connect client are the following:
31 31  
32 -* get an access token from the `developer` client
33 -* use the token to call the create endpoint
34 -* save your registration access token for further modifications of your client
32 +1. get an access token from the `developer` client
33 +1. use the token to call the create endpoint
34 +1. save your registration access token for further modifications of your client
35 35  
36 36  === Fetching your developer access token ===
37 37  
38 38  In order to get your developer token, you need to authenticate against the developer client with the password grant.
39 39  
40 -This can be achieved with this sample bash script:
40 +This can be achieved with this sample shell script:
41 41  
42 42  {{code language="bash"}}
43 43  # Gather username and password from user
... ... @@ -77,7 +77,7 @@
77 77  
78 78  === Creating the client ===
79 79  
80 -Clients can be created by sending a JSON representation to a specific endpoint:
80 +With your developer token, you can now create clients by sending a JSON representation to a specific endpoint:
81 81  
82 82  {{code language="bash"}}
83 83  # Set your developer token
... ... @@ -160,5 +160,36 @@
160 160  
161 161  Among all the attributes, you should securely save:
162 162  
163 -* your client secret ("secret" attribute) which is needed by your application to authenticate to the IAM server when making backend calls
164 -* your client registration access token ("registrationAccessToken")  which is the token you will need to authenticate when modifying your client in the future
163 +* your client **secret** ("secret" attribute) which is needed by your application to **authenticate to the IAM server** when making backend calls
164 +* your client **registration access token** ("registrationAccessToken")  which is the token you will need to authenticate when **modifying your client in the future**
165 +
166 +=== Modifying your client ===
167 +
168 +Updating a client is done with a PUT request:
169 +
170 +{{code language="bash"}}
171 +# Set your registration token and client id
172 +clb_reg_token=...
173 +
174 +# Update the client
175 +curl -X PUT https://iam.humanbrainproject.eu/auth/realms/hbp/clients-registrations/default/my-awesome-client \
176 + -H "Authorization: Bearer ${clb_reg_token}" \
177 + -H 'Content-Type: application/json' \
178 + -d '{
179 + "clientId": "my-awesome-client",
180 + "redirectUris": [
181 + "/relative/redirect/path",
182 + "/these/can/use/wildcards/*",
183 + "/a/new/redirect/uri"
184 + ]
185 + }' |
186 +
187 +# Prettify the JSON response
188 +json_pp;
189 +{{/code}}
190 +
191 + Note that your client id must be provided both in the endpoint URL and within the body of the request.
192 +
193 +{{warning}}
194 +/!\ ** Each time you modify your client, a new registration access token will be generated. You need to track of your token changes in order to keep access to your client.   **/!\
195 +{{/warning}}