Building Your Event-Driven Architecture : Integration Server Administrator’s Guide : Configuring OAuth : Configuring the Authorization Server : Defining Clients : Registering Clients
Registering Clients
Complete the following steps to register a client with the authorization server.
To register a client
1. Open Integration Server Administrator of the Integration Server defined as the authorization server if it is not already open.
2. In the Security menu of the Navigational Panel, click OAuth.
3. Click Client Registration.
4. Click Register Client.
5. Under Client Configuration, complete the fields as follows:
Field
Description
Name
Specifies the name of the client.
The name cannot contain the following characters:
& ( ) \ ; , / " : ' < >
Note:  
You cannot create clients with the same Name and Version combination.
Version
Specifies the version number of the client.
The version cannot contain the following characters:
& ( ) \ ; , / " : ' < >
Note:  
You cannot create clients with the same Name and Version combination.
Type
Specifies the type of the client according to its ability to communicate with the authorization server.
Specify...
When...
Confidential
The client is capable of maintaining secure client authentications. When you select client type as Confidential, Integration Server generates a client secret. This client secret will be required by Integration Server when the client makes requests to the OAuth services. Specify Confidential when the OAuth session uses the authorization code grant type. For more information, see Authorization Code Grant.
Public
The client is not capable of maintaining secure client authentications. Specify Public when the OAuth session uses the implicit grant type. For more information, see Implicit Grant.
Description
Optional. Specifies a description of the client.
Redirect URIs
Specifies the URIs that the authorization server will use to redirect the resource owner's browser during the grant process.
You can add more than one URI at a time by specifying multiple lines, one URI to a line. Press the Enter key to separate lines.
6. Under Token, specify the following information:
Field
Description
Expiration Interval
Specifies the length of time (in seconds) that the access token is valid.
Select...
To...
Use OAuth Global Setting
Use the setting specified in the Access token expiration interval field on the OAuth screen. This setting is shown in angle brackets. For more information about the Access token expiration interval field, see Configuring OAuth Settings.
Never Expires
Indicate that the access token never expires.
Expires in
Specify a specific time interval. Enter the number of seconds that the access token is valid in the field provided. The maximum value is 2147483647. The default is 3600.
Refresh Count
Specifies the number of times the access token can be refreshed.
Note:  
Tokens can only be refreshed when using the authorization code grant flow.
Select...
To...
Unlimited
Refresh the access token an unlimited number of times.
Limit
Specify the number of times Integration Server can refresh the access token.
If you specify any value greater than 0, Integration Server will issue a refresh token to enable the access token to be refreshed the specified number of times. When the access token expires, the client can use the pub.oauth:refreshAccessToken service to submit a token refresh request to the authorization server.
If you specify 0 or leave the Limit field empty, Integration Server does not issue a refresh token.
The maximum value is 2147483647. The default is 0.
7. Click Save Changes.
Integration Server generates a client ID. If you specified Confidential in the Type field, Integration Server also generates a client secret. Integration Server requires the client ID, client secret, or both when the client invokes the OAuth services.
Note:  
When a confidential client is registered, a corresponding Integration Server user account is created. The user name is the client ID and the password is the client secret. If an existing client is changed from confidential to public or vice versa, the corresponding user account is created or deleted.
Copyright © 2016 - 2016 Software AG, Darmstadt, Germany.

Product LogoContact Support   |   Community   |   Feedback