Typescript (SDK)

import { Authlete } from "@authlete/typescript-sdk";

const authlete = new Authlete({
  bearer: process.env["AUTHLETE_BEARER"] ?? "",
});

async function run() {
  const result = await authlete.federation.registration({
    serviceId: "<id>",
    federationRegistrationRequest: {},
  });

  console.log(result);
}

run();

{
  "resultCode": "<string>",
  "resultMessage": "<string>",
  "responseContent": "<string>",
  "client": {
    "number": 1140735077,
    "serviceNumber": 715948317,
    "clientName": "My Test Client",
    "clientId": "1140735077",
    "clientSecret": "gXz97ISgLs4HuXwOZWch8GEmgL4YMvUJwu3er_kDVVGcA0UOhA9avLPbEmoeZdagi9yC_-tEiT2BdRyH9dbrQQ",
    "clientType": "PUBLIC",
    "redirectUris": [
      "https://example.com/callback"
    ],
    "responseTypes": [
      "CODE"
    ],
    "grantTypes": [
      "AUTHORIZATION_CODE"
    ]
  }
}

Federation Endpoint

Process Federation Registration Request

The Authlete API is for implementations of the federation registration endpoint that accepts “explicit client registration”. Its details are defined in OpenID Connect Federation 1.0. The endpoint accepts POST requests whose Content-Type is either of the following.

application/entity-statement+jwt- application/trust-chain+json When the Content-Type of a request is application/entity-statement+jwt, the content of the request is the entity configuration of a relying party that is to be registered. In this case, the implementation of the federation registration endpoint should call Authlete’s /federation/registration API with the entity configuration set to the entityConfiguration request parameter. On the other hand, when the Content-Type of a request is application/trust-chain+json, the content of the request is a JSON array that contains entity statements in JWT format. The sequence of the entity statements composes the trust chain of a relying party that is to be registered. In this case, the implementation of the federation registration endpoint should call Authlete’s /federation/registration API with the trust chain set to the trustChain request parameter.

POST

api

{serviceId}

federation

registration

Typescript (SDK)

import { Authlete } from "@authlete/typescript-sdk";

const authlete = new Authlete({
  bearer: process.env["AUTHLETE_BEARER"] ?? "",
});

async function run() {
  const result = await authlete.federation.registration({
    serviceId: "<id>",
    federationRegistrationRequest: {},
  });

  console.log(result);
}

run();

{
  "resultCode": "<string>",
  "resultMessage": "<string>",
  "responseContent": "<string>",
  "client": {
    "number": 1140735077,
    "serviceNumber": 715948317,
    "clientName": "My Test Client",
    "clientId": "1140735077",
    "clientSecret": "gXz97ISgLs4HuXwOZWch8GEmgL4YMvUJwu3er_kDVVGcA0UOhA9avLPbEmoeZdagi9yC_-tEiT2BdRyH9dbrQQ",
    "clientType": "PUBLIC",
    "redirectUris": [
      "https://example.com/callback"
    ],
    "responseTypes": [
      "CODE"
    ],
    "grantTypes": [
      "AUTHORIZATION_CODE"
    ]
  }
}

Authorizations

Authorization

string

header

required

Authenticate every request with a Service Access Token or Organization Token. Set the token value in the Authorization: Bearer <token> header.

Service Access Token: Scoped to a single service. Use when automating service-level configuration or runtime flows.

Organization Token: Scoped to the organization; inherits permissions across services. Use for org-wide automation or when managing multiple services programmatically.

Both token types are issued by the Authlete console or provisioning APIs.

Path Parameters

serviceId

string

required

A service ID.

Body

entityConfiguration

string

The entity configuration of a relying party.

trustChain

string

The trust chain of a relying party.

Response

resultCode

string

The code which represents the result of the API call.

resultMessage

string

A short message which explains the result of the API call.

action

enum<string>

The next action that the authorization server implementation should take.

Available options:

OK,

BAD_REQUEST,

NOT_FOUND,

INTERNAL_SERVER_ERROR

responseContent

string

The content that the authorization server implementation can use as the value of WWW-Authenticate header on errors.

client

object

Show child attributes

Example:

{
  "number": 1140735077,
  "serviceNumber": 715948317,
  "clientName": "My Test Client",
  "clientId": "1140735077",
  "clientSecret": "gXz97ISgLs4HuXwOZWch8GEmgL4YMvUJwu3er_kDVVGcA0UOhA9avLPbEmoeZdagi9yC_-tEiT2BdRyH9dbrQQ",
  "clientType": "PUBLIC",
  "redirectUris": ["https://example.com/callback"],
  "responseTypes": ["CODE"],
  "grantTypes": ["AUTHORIZATION_CODE"]
}

Process Entity Configuration Request Create Security Key

Documentation Index

Authorizations

Path Parameters

Body

Response