Defining an OAuth2 / OpenID Connect Client
Defining an OAuth2 Client is generally done by an administrator.
To define a new OAuth2 Client:
curl -XPOST -H "Argus-API-Key: my/api/key" https://api.mnemonic.no/authentication/v1/oauth/client -d '{
  "shortName": "myclient",
  "name": "My OAuth Client",
  "description": "This is the description of the client",
  "customer": "mycustomer",
  "mainURI": "https://my.application",
  "redirectURI": "https://my.application/oauth/callback",
  "requiredFunction": "myAccessFunction",
  "permissionScope": "DATASTORE-VIEWER",
  "clientIPRange": ["192.168.1.0/24"],
  "clientSecret": "mySecretPassword"
}'
In this request, requiredFunction defines a special access function which is required for the user to get access. permissionScope set to DATASTORE-VIEWER allows the client to access the datastore, read only. clientIPRange lists the IP range where this application is known to run. clientSecret is the secret to share with the OAuth2 client, to allow it to contact the Token endpoint.
The returned OAuth2 Client object contains the client ID, which should be used in the OAuth2 protocol exchange:
{
"id": "021269c5-04c3-4399-a206-32659c489803", ...
}
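A pre-flight check for the request body above, as an added example that is not part of the Argus documentation: it replaces the hard-coded clientSecret with a random one and lints redirectURI and clientIPRange before the definition is sent. The function names, the 32-character minimum and the range ceiling are assumptions of this example, not API requirements.

```python
import ipaddress
import json
import secrets
from urllib.parse import urlsplit

# Field names are the ones in the request body above. The checks are local
# policy assumptions for this example, not rules the API is known to enforce.
MAX_ADDRESSES = 65536  # assumed ceiling: reject ranges wider than an IPv4 /16

# Constructed sample: a subset of the page's placeholder values.
SAMPLE = {
    "mainURI": "https://my.application",
    "redirectURI": "https://my.application/oauth/callback",
    "clientIPRange": ["192.168.1.0/24"],
    "clientSecret": "mySecretPassword",
}


def lint_client(client):
    """Return a list of problems found in an OAuth2 client definition."""
    problems = []
    main = urlsplit(client.get("mainURI", ""))
    redirect = urlsplit(client.get("redirectURI", ""))
    if redirect.scheme != "https" or not redirect.hostname:
        problems.append("redirectURI must be an absolute https URL")
    elif redirect.hostname != main.hostname:
        problems.append("redirectURI host differs from mainURI host")
    if redirect.fragment:
        problems.append("redirectURI must not contain a fragment")
    for cidr in client.get("clientIPRange", []):
        try:
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError:
            problems.append(f"clientIPRange {cidr!r} is not a valid CIDR")
            continue
        if net.num_addresses > MAX_ADDRESSES:
            problems.append(f"clientIPRange {cidr!r} is too broad")
    if len(client.get("clientSecret", "")) < 32:
        problems.append("clientSecret is shorter than 32 characters")
    return problems


def build_request_body(client):
    """Swap in a random secret, lint, and return the JSON request body."""
    hardened = dict(client, clientSecret=secrets.token_urlsafe(32))
    problems = lint_client(hardened)
    if problems:
        raise ValueError("; ".join(problems))
    return json.dumps(hardened, indent=2)
```

The string returned by build_request_body can be written to a file and passed to curl with -d @file, which keeps the generated secret out of shell history.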