oauth client
/oauth/members/{member}/clients/{client} [PATCH]
API Support
Available since | Last updated | Output |
---|---|---|
5.8900 | 5.9801 | xml, json |
Description
Updates an OAuth client.
If the client URI changes, this service updates the CORS origin accordingly.
Parameters
Name | Description | Required | Type | Default value |
---|---|---|---|---|
access-token-max-age | The max age of the access tokens in seconds | no | long | |
app | The name of the app (informational) | no | string | |
client-secret | The client secret | no | string | |
client-uri | The URL for the client app (informational) | no | url | |
description | The description of this client (informational) | no | string | |
grant-type | The grant type allowed for this client | no | enum | |
identifier | The OAuth 2.0 client ID - 16 digit hexadecimal number (admin only) | no | string | |
member | The member ID or username for this client (admin only) | no | string | |
name | The name of the client (informational) | no | string | |
redirect-uri | The redirection URI specific to this client | no | url | |
refresh-token-max-age | The max age of the refresh tokens in seconds | no | long | |
scope | A space separated list of scopes allowed for this client e.g. openid profile email | no | string | |
webhook-secret | The secret used for signing webhook requests (between 24 and 64 characters long) | no | string | |
The valid grant types are: authorization_code, password, client_credentials.
Support for the implicit grant type has been removed in version 6.
Permission
Members can update their own OAuth client but cannot change its member or client ID (member and identifier parameters).
Administrators can update any client.
Response
This service returns a <client> element wrapped in a <client-modification> element.

```xml
<client-modification>
  <client id="1"
          identifier="2aa92c5a79baf3fe"
          requires-consent="false"
          confidential="false"
          name="My app"
          grant-type="authorization_code"
          [created="2020-03-08T12:34:00+10:00"]
          [modified="2020-03-10T11:24:00+10:00"]
          [last-token="2020-05-10T10:28:00+10:00"]
          [app="Timesheet"]
          [webhook-secret="S0meP@ssw0d"]
          [redirect-uri="http://example.org/login"]
          [description="My example timesheet"]
          [client-uri="http://example.org"]
          [scope="openid profile email"]
          access-token-max-age="7200"
          refresh-token-max-age="0">
    <member id="45" ...>
      <fullname>John Smith</fullname>
    </member>
  </client>
</client-modification>
```
Error Handling
HTTP code | Condition |
---|---|
400 | The name is already in use |
400 | Maximum number of clients for this member has been reached |
400 | Invalid grant-type, member or client-uri or redirect-uri parameter |
403 | The client is not owned by the member |
400 | No matching client for ID |
The maximum number of clients a non-administrator member can have is 10.
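
A client-side pre-flight check for the constraints documented on this page (valid grant types, admin-only parameters, webhook secret length, identifier format), so that a bad update is caught before it reaches the service. This is an added example, not part of the original documentation or the product's code; the function names are hypothetical, and sending the parameters form-encoded and rejecting negative max ages are assumptions.

```python
import re
import secrets
from urllib.parse import urlencode

# Constraints taken from the parameter table and notes on this page.
VALID_GRANT_TYPES = {"authorization_code", "password", "client_credentials"}
ADMIN_ONLY = {"member", "identifier"}
IDENTIFIER_RE = re.compile(r"[0-9a-fA-F]{16}")


def new_webhook_secret(length=48):
    """Random URL-safe secret inside the documented 24-64 character range."""
    if not 24 <= length <= 64:
        raise ValueError("webhook-secret must be 24 to 64 characters long")
    # token_urlsafe(n) returns at least n characters; trim to the exact size.
    return secrets.token_urlsafe(length)[:length]


def check_update(params, is_admin=False):
    """Return a list of problems; an empty list means the update looks valid."""
    problems = []
    for name in sorted(ADMIN_ONLY.intersection(params)):
        if not is_admin:
            problems.append(f"{name}: admin only")
    grant = params.get("grant-type")
    if grant is not None and grant not in VALID_GRANT_TYPES:
        problems.append(f"grant-type: {grant!r} is not allowed")
    secret = params.get("webhook-secret")
    if secret is not None and not 24 <= len(secret) <= 64:
        problems.append("webhook-secret: must be 24 to 64 characters long")
    ident = params.get("identifier")
    if ident is not None and not IDENTIFIER_RE.fullmatch(ident):
        problems.append("identifier: must be 16 hexadecimal digits")
    # Assumption: a max age is a whole, non-negative number of seconds.
    for name in ("access-token-max-age", "refresh-token-max-age"):
        value = params.get(name)
        if value is not None and (not isinstance(value, int) or value < 0):
            problems.append(f"{name}: must be a non-negative number of seconds")
    return problems


def build_body(params, is_admin=False):
    """Form-encode the update (assumed encoding), refusing invalid input."""
    problems = check_update(params, is_admin)
    if problems:
        raise ValueError("; ".join(problems))
    return urlencode(params)
```

The illustrative `webhook-secret` value shown in the sample response is 11 characters long, so `check_update` reports it as too short for the documented 24 to 64 character range.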