GET /user-management-v2/client/oidc
FROM API REVISION 6.0
On this resource, you can retrieve the OIDC client configuration.
When the OIDC client configuration is enabled, the controller will use the OIDC server for authentication.
<span class="glyphicon glyphicon-warning-sign small-warning" aria-hidden="true"> The OIDC client can be enabled only if :
If you want to apply your configuration in one request, you can use the query-parameter force=true, that will disabled the Http protocol if this one is enable and deactivate the user-management server.
Used when you are operating a browser without access to the header parameter. This allows you to choose which encoding you want to use for the response:
All these resources can be used according what the resource allows.
To address the raw value of a primitive property, clients append a path segment containing the string $value to the property URL.
To use this query option you need to use the classic resource and add the element name you want to print followed by the query string name.
<span class="warning"><span class="glyphicon glyphicon-warning-sign" aria-hidden="true"> Be careful, the parameter query string is used in the URL and is not like other parameters.
The $select system query option allows clients to request a limited set of properties for each entity.
The value pass in the parameter can be:
*"(star): This will show all child elements.," (comma).If there is no value after the select query option, the parameter will be ignored. All the values that are not specified will not be printed in the response.
If this parameter is not in the request, the Application/Json will be chosen by default.
There are multiple possible values (according the resource):
The first two are the most often used.
Object Name: OIDC
| Property Name | Type | Description | Method |
|---|---|---|---|
| Enabled (optional) |
boolean | Set this to enable the current mode or not. If set to true this can produce an error according the current configuration. See the description of the resource for more details. |
GET POST |
| IpAddress (optional) |
string | IP address of the RADIUS/OIDC server. This can be the IP address of an ECY series controller that is set as the Server Radius or a suitably-configured RADIUS server on an EC-Net / EC-BOS station. | GET POST |
| AccessToken (optional) |
string | Identifier used by the server that is handling the protected resource to lookup the associated authorization information. The access token is usually a long string made up of 16 to 132 random alphanumeric characters and symbols that would be difficult to guess. |
GET POST |
| HttpsPort (optional) |
integer | Server HTTPS port of the SSO server. By default, this port is set to 443. |
GET POST |
| RecoveryPasswordExists (optional) |
boolean | True if a recovery password is already registered ; False otherwise. | GET |
| RecoveryPassword (optional) |
string | Used to access the controller in recovery mode if ever the server is unavailable. The password needs to be encoded in Base64. Requirements : * At least 1 uppercase * At least 1 lowercase * At least 1 number * Min length : 8 (14 if fips is enabled) * Max length : 64 |
POST |
URL Example: https://0.0.0.0/api/rest/v1/user-management-v2/client/oidc
{
"recoveryPasswordExists": false,
"httpsPort": 443,
"enabled": false,
"accessToken": "RFdkYlhkMDRBdzVmYVBhT0RFd3g4Zw==",
"ipAddress": "10.59.82.67"
}
URL Example: https://0.0.0.0/api/rest/v1/user-management-v2/client/oidc
<?xml version="1.0" encoding="utf-8"?>
<Oidc>
<Enabled>false</Enabled>
<IpAddress>10.59.82.67</IpAddress>
<AccessToken>RFdkYlhkMDRBdzVmYVBhT0RFd3g4Zw==</AccessToken>
<HttpsPort>443</HttpsPort>
<RecoveryPasswordExists>false</RecoveryPasswordExists>
</Oidc>