Safe Haskell | Safe-Inferred |
---|---|
Language | Haskell2010 |
- Operations
- OAuth2
- acceptOAuth2ConsentRequest0
- acceptOAuth2LoginRequest0
- acceptOAuth2LogoutRequest
- createOAuth2Client
- deleteOAuth2Client
- deleteOAuth2Token
- deleteTrustedOAuth2JwtGrantIssuer
- getOAuth2Client
- getOAuth2ConsentRequest
- getOAuth2LoginRequest
- getOAuth2LogoutRequest
- getTrustedOAuth2JwtGrantIssuer
- introspectOAuth2Token
- listOAuth2Clients
- listOAuth2ConsentSessions
- listTrustedOAuth2JwtGrantIssuers
- oAuth2Authorize
- oauth2TokenExchange
- patchOAuth2Client
- rejectOAuth2ConsentRequest
- rejectOAuth2LoginRequest
- rejectOAuth2LogoutRequest
- revokeOAuth2ConsentSessions
- revokeOAuth2LoginSessions
- revokeOAuth2Token
- setOAuth2Client
- setOAuth2ClientLifespans
- trustOAuth2JwtGrantIssuer0
- OAuth2
Synopsis
- acceptOAuth2ConsentRequest0 :: Consumes AcceptOAuth2ConsentRequest0 MimeJSON => ConsentChallenge -> OryHydraRequest AcceptOAuth2ConsentRequest0 MimeJSON OAuth2RedirectTo MimeJSON
- data AcceptOAuth2ConsentRequest0
- acceptOAuth2LoginRequest0 :: Consumes AcceptOAuth2LoginRequest0 MimeJSON => LoginChallenge -> OryHydraRequest AcceptOAuth2LoginRequest0 MimeJSON OAuth2RedirectTo MimeJSON
- data AcceptOAuth2LoginRequest0
- acceptOAuth2LogoutRequest :: LogoutChallenge -> OryHydraRequest AcceptOAuth2LogoutRequest MimeNoContent OAuth2RedirectTo MimeJSON
- data AcceptOAuth2LogoutRequest
- createOAuth2Client :: (Consumes CreateOAuth2Client MimeJSON, MimeRender MimeJSON OAuth2Client) => OAuth2Client -> OryHydraRequest CreateOAuth2Client MimeJSON OAuth2Client MimeJSON
- data CreateOAuth2Client
- deleteOAuth2Client :: Id -> OryHydraRequest DeleteOAuth2Client MimeNoContent NoContent MimeNoContent
- data DeleteOAuth2Client
- deleteOAuth2Token :: ClientId -> OryHydraRequest DeleteOAuth2Token MimeNoContent NoContent MimeNoContent
- data DeleteOAuth2Token
- deleteTrustedOAuth2JwtGrantIssuer :: Id -> OryHydraRequest DeleteTrustedOAuth2JwtGrantIssuer MimeNoContent NoContent MimeNoContent
- data DeleteTrustedOAuth2JwtGrantIssuer
- getOAuth2Client :: Id -> OryHydraRequest GetOAuth2Client MimeNoContent OAuth2Client MimeJSON
- data GetOAuth2Client
- getOAuth2ConsentRequest :: ConsentChallenge -> OryHydraRequest GetOAuth2ConsentRequest MimeNoContent OAuth2ConsentRequest MimeJSON
- data GetOAuth2ConsentRequest
- getOAuth2LoginRequest :: LoginChallenge -> OryHydraRequest GetOAuth2LoginRequest MimeNoContent OAuth2LoginRequest MimeJSON
- data GetOAuth2LoginRequest
- getOAuth2LogoutRequest :: LogoutChallenge -> OryHydraRequest GetOAuth2LogoutRequest MimeNoContent OAuth2LogoutRequest MimeJSON
- data GetOAuth2LogoutRequest
- getTrustedOAuth2JwtGrantIssuer :: Id -> OryHydraRequest GetTrustedOAuth2JwtGrantIssuer MimeNoContent TrustedOAuth2JwtGrantIssuer MimeJSON
- data GetTrustedOAuth2JwtGrantIssuer
- introspectOAuth2Token :: Consumes IntrospectOAuth2Token MimeFormUrlEncoded => Token -> OryHydraRequest IntrospectOAuth2Token MimeFormUrlEncoded IntrospectedOAuth2Token MimeJSON
- data IntrospectOAuth2Token
- listOAuth2Clients :: OryHydraRequest ListOAuth2Clients MimeNoContent [OAuth2Client] MimeJSON
- data ListOAuth2Clients
- listOAuth2ConsentSessions :: Subject -> OryHydraRequest ListOAuth2ConsentSessions MimeNoContent [OAuth2ConsentSession] MimeJSON
- data ListOAuth2ConsentSessions
- listTrustedOAuth2JwtGrantIssuers :: OryHydraRequest ListTrustedOAuth2JwtGrantIssuers MimeNoContent [TrustedOAuth2JwtGrantIssuer] MimeJSON
- data ListTrustedOAuth2JwtGrantIssuers
- oAuth2Authorize :: OryHydraRequest OAuth2Authorize MimeNoContent ErrorOAuth2 MimeJSON
- data OAuth2Authorize
- oauth2TokenExchange :: Consumes Oauth2TokenExchange MimeFormUrlEncoded => GrantType -> OryHydraRequest Oauth2TokenExchange MimeFormUrlEncoded OAuth2TokenExchange MimeJSON
- data Oauth2TokenExchange
- patchOAuth2Client :: (Consumes PatchOAuth2Client MimeJSON, MimeRender MimeJSON JsonPatch2) => JsonPatch2 -> Id -> OryHydraRequest PatchOAuth2Client MimeJSON OAuth2Client MimeJSON
- data PatchOAuth2Client
- rejectOAuth2ConsentRequest :: Consumes RejectOAuth2ConsentRequest MimeJSON => ConsentChallenge -> OryHydraRequest RejectOAuth2ConsentRequest MimeJSON OAuth2RedirectTo MimeJSON
- data RejectOAuth2ConsentRequest
- rejectOAuth2LoginRequest :: Consumes RejectOAuth2LoginRequest MimeJSON => LoginChallenge -> OryHydraRequest RejectOAuth2LoginRequest MimeJSON OAuth2RedirectTo MimeJSON
- data RejectOAuth2LoginRequest
- rejectOAuth2LogoutRequest :: LogoutChallenge -> OryHydraRequest RejectOAuth2LogoutRequest MimeNoContent NoContent MimeNoContent
- data RejectOAuth2LogoutRequest
- revokeOAuth2ConsentSessions :: Subject -> OryHydraRequest RevokeOAuth2ConsentSessions MimeNoContent NoContent MimeNoContent
- data RevokeOAuth2ConsentSessions
- revokeOAuth2LoginSessions :: Subject -> OryHydraRequest RevokeOAuth2LoginSessions MimeNoContent NoContent MimeNoContent
- data RevokeOAuth2LoginSessions
- revokeOAuth2Token :: Consumes RevokeOAuth2Token MimeFormUrlEncoded => Token -> OryHydraRequest RevokeOAuth2Token MimeFormUrlEncoded NoContent MimeNoContent
- data RevokeOAuth2Token
- setOAuth2Client :: (Consumes SetOAuth2Client MimeJSON, MimeRender MimeJSON OAuth2Client) => OAuth2Client -> Id -> OryHydraRequest SetOAuth2Client MimeJSON OAuth2Client MimeJSON
- data SetOAuth2Client
- setOAuth2ClientLifespans :: Consumes SetOAuth2ClientLifespans MimeJSON => Id -> OryHydraRequest SetOAuth2ClientLifespans MimeJSON OAuth2Client MimeJSON
- data SetOAuth2ClientLifespans
- trustOAuth2JwtGrantIssuer0 :: Consumes TrustOAuth2JwtGrantIssuer0 MimeJSON => OryHydraRequest TrustOAuth2JwtGrantIssuer0 MimeJSON TrustedOAuth2JwtGrantIssuer MimeJSON
- data TrustOAuth2JwtGrantIssuer0
Operations
OAuth2
acceptOAuth2ConsentRequest0
acceptOAuth2ConsentRequest0 Source #
:: Consumes AcceptOAuth2ConsentRequest0 MimeJSON | |
=> ConsentChallenge | "consentChallenge" - OAuth 2.0 Consent Request Challenge |
-> OryHydraRequest AcceptOAuth2ConsentRequest0 MimeJSON OAuth2RedirectTo MimeJSON |
PUT /admin/oauth2/auth/requests/consent/accept
Accept OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, heshe must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on hisher behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation.
data AcceptOAuth2ConsentRequest0 Source #
Instances
HasBodyParam AcceptOAuth2ConsentRequest0 AcceptOAuth2ConsentRequest Source # | |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes AcceptOAuth2ConsentRequest0 contentType, MimeRender contentType AcceptOAuth2ConsentRequest) => OryHydraRequest AcceptOAuth2ConsentRequest0 contentType res accept -> AcceptOAuth2ConsentRequest -> OryHydraRequest AcceptOAuth2ConsentRequest0 contentType res accept Source # | |
Consumes AcceptOAuth2ConsentRequest0 MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces AcceptOAuth2ConsentRequest0 MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
acceptOAuth2LoginRequest0
acceptOAuth2LoginRequest0 Source #
:: Consumes AcceptOAuth2LoginRequest0 MimeJSON | |
=> LoginChallenge | "loginChallenge" - OAuth 2.0 Login Request Challenge |
-> OryHydraRequest AcceptOAuth2LoginRequest0 MimeJSON OAuth2RedirectTo MimeJSON |
PUT /admin/oauth2/auth/requests/login/accept
Accept OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as the subject's ID and if Ory should remember the subject's subject agent for future authentication attempts by setting a cookie. The response contains a redirect URL which the login provider should redirect the user-agent to.
data AcceptOAuth2LoginRequest0 Source #
Instances
HasBodyParam AcceptOAuth2LoginRequest0 AcceptOAuth2LoginRequest Source # | |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes AcceptOAuth2LoginRequest0 contentType, MimeRender contentType AcceptOAuth2LoginRequest) => OryHydraRequest AcceptOAuth2LoginRequest0 contentType res accept -> AcceptOAuth2LoginRequest -> OryHydraRequest AcceptOAuth2LoginRequest0 contentType res accept Source # | |
Consumes AcceptOAuth2LoginRequest0 MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces AcceptOAuth2LoginRequest0 MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
acceptOAuth2LogoutRequest
acceptOAuth2LogoutRequest Source #
:: LogoutChallenge | "logoutChallenge" - OAuth 2.0 Logout Request Challenge |
-> OryHydraRequest AcceptOAuth2LogoutRequest MimeNoContent OAuth2RedirectTo MimeJSON |
PUT /admin/oauth2/auth/requests/logout/accept
Accept OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. The response contains a redirect URL which the consent provider should redirect the user-agent to.
data AcceptOAuth2LogoutRequest Source #
Instances
Produces AcceptOAuth2LogoutRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
createOAuth2Client
:: (Consumes CreateOAuth2Client MimeJSON, MimeRender MimeJSON OAuth2Client) | |
=> OAuth2Client | "oAuth2Client" - OAuth 2.0 Client Request Body |
-> OryHydraRequest CreateOAuth2Client MimeJSON OAuth2Client MimeJSON |
POST /admin/clients
Create OAuth 2.0 Client
Create a new OAuth 2.0 client. If you pass client_secret
the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on.
data CreateOAuth2Client Source #
Instances
HasBodyParam CreateOAuth2Client OAuth2Client Source # | Body Param OAuth2Client - OAuth 2.0 Client Request Body |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes CreateOAuth2Client contentType, MimeRender contentType OAuth2Client) => OryHydraRequest CreateOAuth2Client contentType res accept -> OAuth2Client -> OryHydraRequest CreateOAuth2Client contentType res accept Source # | |
Consumes CreateOAuth2Client MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces CreateOAuth2Client MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
deleteOAuth2Client
:: Id | "id" - The id of the OAuth 2.0 Client. |
-> OryHydraRequest DeleteOAuth2Client MimeNoContent NoContent MimeNoContent |
DELETE /admin/clients/{id}
Delete OAuth 2.0 Client
Delete an existing OAuth 2.0 Client by its ID. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. Make sure that this endpoint is well protected and only callable by first-party components.
data DeleteOAuth2Client Source #
Instances
deleteOAuth2Token
:: ClientId | "clientId" - OAuth 2.0 Client ID |
-> OryHydraRequest DeleteOAuth2Token MimeNoContent NoContent MimeNoContent |
DELETE /admin/oauth2/tokens
Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client
This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database.
data DeleteOAuth2Token Source #
Instances
Produces DeleteOAuth2Token MimeNoContent Source # | |
Defined in OryHydra.API.OAuth2 |
deleteTrustedOAuth2JwtGrantIssuer
deleteTrustedOAuth2JwtGrantIssuer Source #
:: Id | "id" - The id of the desired grant |
-> OryHydraRequest DeleteTrustedOAuth2JwtGrantIssuer MimeNoContent NoContent MimeNoContent |
DELETE /admin/trust/grants/jwt-bearer/issuers/{id}
Delete Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant.
data DeleteTrustedOAuth2JwtGrantIssuer Source #
Instances
getOAuth2Client
:: Id | "id" - The id of the OAuth 2.0 Client. |
-> OryHydraRequest GetOAuth2Client MimeNoContent OAuth2Client MimeJSON |
GET /admin/clients/{id}
Get an OAuth 2.0 Client
Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
data GetOAuth2Client Source #
Instances
Produces GetOAuth2Client MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
getOAuth2ConsentRequest
getOAuth2ConsentRequest Source #
:: ConsentChallenge | "consentChallenge" - OAuth 2.0 Consent Request Challenge |
-> OryHydraRequest GetOAuth2ConsentRequest MimeNoContent OAuth2ConsentRequest MimeJSON |
GET /admin/oauth2/auth/requests/consent
Get OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation.
data GetOAuth2ConsentRequest Source #
Instances
Produces GetOAuth2ConsentRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
getOAuth2LoginRequest
getOAuth2LoginRequest Source #
:: LoginChallenge | "loginChallenge" - OAuth 2.0 Login Request Challenge |
-> OryHydraRequest GetOAuth2LoginRequest MimeNoContent OAuth2LoginRequest MimeJSON |
GET /admin/oauth2/auth/requests/login
Get OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app you write and host, and it must be able to authenticate ("show the subject a login screen") a subject (in OAuth2 the proper name for subject is "resource owner"). The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process.
data GetOAuth2LoginRequest Source #
Instances
Produces GetOAuth2LoginRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
getOAuth2LogoutRequest
getOAuth2LogoutRequest Source #
:: LogoutChallenge | "logoutChallenge" |
-> OryHydraRequest GetOAuth2LogoutRequest MimeNoContent OAuth2LogoutRequest MimeJSON |
GET /admin/oauth2/auth/requests/logout
Get OAuth 2.0 Session Logout Request
Use this endpoint to fetch an Ory OAuth 2.0 logout request.
data GetOAuth2LogoutRequest Source #
Instances
Produces GetOAuth2LogoutRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
getTrustedOAuth2JwtGrantIssuer
getTrustedOAuth2JwtGrantIssuer Source #
:: Id | "id" - The id of the desired grant |
-> OryHydraRequest GetTrustedOAuth2JwtGrantIssuer MimeNoContent TrustedOAuth2JwtGrantIssuer MimeJSON |
GET /admin/trust/grants/jwt-bearer/issuers/{id}
Get Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship.
data GetTrustedOAuth2JwtGrantIssuer Source #
Instances
Produces GetTrustedOAuth2JwtGrantIssuer MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
introspectOAuth2Token
introspectOAuth2Token Source #
:: Consumes IntrospectOAuth2Token MimeFormUrlEncoded | |
=> Token | "token" - The string value of the token. For access tokens, this is the \"access_token\" value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the \"refresh_token\" value returned. |
-> OryHydraRequest IntrospectOAuth2Token MimeFormUrlEncoded IntrospectedOAuth2Token MimeJSON |
POST /admin/oauth2/introspect
Introspect OAuth2 Access and Refresh Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `session.access_token` during the consent flow.
data IntrospectOAuth2Token Source #
Instances
HasOptionalParam IntrospectOAuth2Token Scope Source # | Optional Param "scope" - An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. |
Defined in OryHydra.API.OAuth2 applyOptionalParam :: OryHydraRequest IntrospectOAuth2Token contentType res accept -> Scope -> OryHydraRequest IntrospectOAuth2Token contentType res accept Source # (-&-) :: OryHydraRequest IntrospectOAuth2Token contentType res accept -> Scope -> OryHydraRequest IntrospectOAuth2Token contentType res accept Source # | |
Consumes IntrospectOAuth2Token MimeFormUrlEncoded Source # | application/x-www-form-urlencoded |
Defined in OryHydra.API.OAuth2 | |
Produces IntrospectOAuth2Token MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
listOAuth2Clients
listOAuth2Clients :: OryHydraRequest ListOAuth2Clients MimeNoContent [OAuth2Client] MimeJSON Source #
GET /admin/clients
List OAuth 2.0 Clients
This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients.
data ListOAuth2Clients Source #
Instances
listOAuth2ConsentSessions
listOAuth2ConsentSessions Source #
:: Subject | "subject" - The subject to list the consent sessions for. |
-> OryHydraRequest ListOAuth2ConsentSessions MimeNoContent [OAuth2ConsentSession] MimeJSON |
GET /admin/oauth2/auth/sessions/consent
List OAuth 2.0 Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK.
data ListOAuth2ConsentSessions Source #
Instances
listTrustedOAuth2JwtGrantIssuers
listTrustedOAuth2JwtGrantIssuers :: OryHydraRequest ListTrustedOAuth2JwtGrantIssuers MimeNoContent [TrustedOAuth2JwtGrantIssuer] MimeJSON Source #
GET /admin/trust/grants/jwt-bearer/issuers
List Trusted OAuth2 JWT Bearer Grant Type Issuers
Use this endpoint to list all trusted JWT Bearer Grant Type Issuers.
data ListTrustedOAuth2JwtGrantIssuers Source #
Instances
oAuth2Authorize
oAuth2Authorize :: OryHydraRequest OAuth2Authorize MimeNoContent ErrorOAuth2 MimeJSON Source #
GET /oauth2/auth
OAuth 2.0 Authorize Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries at https://oauth.net/code/ The Ory SDK is not yet able to this endpoint properly.
data OAuth2Authorize Source #
Instances
Produces OAuth2Authorize MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
oauth2TokenExchange
:: Consumes Oauth2TokenExchange MimeFormUrlEncoded | |
=> GrantType | "grantType" |
-> OryHydraRequest Oauth2TokenExchange MimeFormUrlEncoded OAuth2TokenExchange MimeJSON |
POST /oauth2/token
The OAuth 2.0 Token Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries here https://oauth.net/code/ The Ory SDK is not yet able to this endpoint properly.
AuthMethod: AuthBasicBasic
, AuthOAuthOauth2
data Oauth2TokenExchange Source #
Instances
patchOAuth2Client
:: (Consumes PatchOAuth2Client MimeJSON, MimeRender MimeJSON JsonPatch2) | |
=> JsonPatch2 | "jsonPatch" - OAuth 2.0 Client JSON Patch Body |
-> Id | "id" - The id of the OAuth 2.0 Client. |
-> OryHydraRequest PatchOAuth2Client MimeJSON OAuth2Client MimeJSON |
PATCH /admin/clients/{id}
Patch OAuth 2.0 Client
Patch an existing OAuth 2.0 Client using JSON Patch. If you pass client_secret
the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
data PatchOAuth2Client Source #
Instances
HasBodyParam PatchOAuth2Client JsonPatch2 Source # | Body Param JsonPatch - OAuth 2.0 Client JSON Patch Body |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes PatchOAuth2Client contentType, MimeRender contentType JsonPatch2) => OryHydraRequest PatchOAuth2Client contentType res accept -> JsonPatch2 -> OryHydraRequest PatchOAuth2Client contentType res accept Source # | |
Consumes PatchOAuth2Client MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces PatchOAuth2Client MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
rejectOAuth2ConsentRequest
rejectOAuth2ConsentRequest Source #
:: Consumes RejectOAuth2ConsentRequest MimeJSON | |
=> ConsentChallenge | "consentChallenge" - OAuth 2.0 Consent Request Challenge |
-> OryHydraRequest RejectOAuth2ConsentRequest MimeJSON OAuth2RedirectTo MimeJSON |
PUT /admin/oauth2/auth/requests/consent/reject
Reject OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, heshe must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on hisher behalf. The consent provider must include a reason why the consent was not granted. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation.
data RejectOAuth2ConsentRequest Source #
Instances
HasBodyParam RejectOAuth2ConsentRequest RejectOAuth2Request Source # | |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes RejectOAuth2ConsentRequest contentType, MimeRender contentType RejectOAuth2Request) => OryHydraRequest RejectOAuth2ConsentRequest contentType res accept -> RejectOAuth2Request -> OryHydraRequest RejectOAuth2ConsentRequest contentType res accept Source # | |
Consumes RejectOAuth2ConsentRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces RejectOAuth2ConsentRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
rejectOAuth2LoginRequest
rejectOAuth2LoginRequest Source #
:: Consumes RejectOAuth2LoginRequest MimeJSON | |
=> LoginChallenge | "loginChallenge" - OAuth 2.0 Login Request Challenge |
-> OryHydraRequest RejectOAuth2LoginRequest MimeJSON OAuth2RedirectTo MimeJSON |
PUT /admin/oauth2/auth/requests/login/reject
Reject OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication was denied. The response contains a redirect URL which the login provider should redirect the user-agent to.
data RejectOAuth2LoginRequest Source #
Instances
HasBodyParam RejectOAuth2LoginRequest RejectOAuth2Request Source # | |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes RejectOAuth2LoginRequest contentType, MimeRender contentType RejectOAuth2Request) => OryHydraRequest RejectOAuth2LoginRequest contentType res accept -> RejectOAuth2Request -> OryHydraRequest RejectOAuth2LoginRequest contentType res accept Source # | |
Consumes RejectOAuth2LoginRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces RejectOAuth2LoginRequest MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
rejectOAuth2LogoutRequest
rejectOAuth2LogoutRequest Source #
:: LogoutChallenge | "logoutChallenge" |
-> OryHydraRequest RejectOAuth2LogoutRequest MimeNoContent NoContent MimeNoContent |
PUT /admin/oauth2/auth/requests/logout/reject
Reject OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. No HTTP request body is required. The response is empty as the logout provider has to chose what action to perform next.
data RejectOAuth2LogoutRequest Source #
Instances
revokeOAuth2ConsentSessions
revokeOAuth2ConsentSessions Source #
:: Subject | "subject" - OAuth 2.0 Consent Subject The subject whose consent sessions should be deleted. |
-> OryHydraRequest RevokeOAuth2ConsentSessions MimeNoContent NoContent MimeNoContent |
DELETE /admin/oauth2/auth/sessions/consent
Revoke OAuth 2.0 Consent Sessions of a Subject
This endpoint revokes a subject's granted consent sessions and invalidates all associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID.
data RevokeOAuth2ConsentSessions Source #
Instances
revokeOAuth2LoginSessions
revokeOAuth2LoginSessions Source #
:: Subject | "subject" - OAuth 2.0 Subject The subject to revoke authentication sessions for. |
-> OryHydraRequest RevokeOAuth2LoginSessions MimeNoContent NoContent MimeNoContent |
DELETE /admin/oauth2/auth/sessions/login
Revokes All OAuth 2.0 Login Sessions of a Subject
This endpoint invalidates a subject's authentication session. After revoking the authentication session, the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and does not work with OpenID Connect Front- or Back-channel logout.
data RevokeOAuth2LoginSessions Source #
Instances
revokeOAuth2Token
:: Consumes RevokeOAuth2Token MimeFormUrlEncoded | |
=> Token | "token" |
-> OryHydraRequest RevokeOAuth2Token MimeFormUrlEncoded NoContent MimeNoContent |
POST /oauth2/revoke
Revoke OAuth 2.0 Access or Refresh Token
Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for.
AuthMethod: AuthBasicBasic
, AuthOAuthOauth2
data RevokeOAuth2Token Source #
Instances
HasOptionalParam RevokeOAuth2Token ClientId Source # | |
Defined in OryHydra.API.OAuth2 applyOptionalParam :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientId -> OryHydraRequest RevokeOAuth2Token contentType res accept Source # (-&-) :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientId -> OryHydraRequest RevokeOAuth2Token contentType res accept Source # | |
HasOptionalParam RevokeOAuth2Token ClientSecret Source # | |
Defined in OryHydra.API.OAuth2 applyOptionalParam :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientSecret -> OryHydraRequest RevokeOAuth2Token contentType res accept Source # (-&-) :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientSecret -> OryHydraRequest RevokeOAuth2Token contentType res accept Source # | |
Consumes RevokeOAuth2Token MimeFormUrlEncoded Source # | application/x-www-form-urlencoded |
Defined in OryHydra.API.OAuth2 | |
Produces RevokeOAuth2Token MimeNoContent Source # | |
Defined in OryHydra.API.OAuth2 |
setOAuth2Client
:: (Consumes SetOAuth2Client MimeJSON, MimeRender MimeJSON OAuth2Client) | |
=> OAuth2Client | "oAuth2Client" - OAuth 2.0 Client Request Body |
-> Id | "id" - OAuth 2.0 Client ID |
-> OryHydraRequest SetOAuth2Client MimeJSON OAuth2Client MimeJSON |
PUT /admin/clients/{id}
Set OAuth 2.0 Client
Replaces an existing OAuth 2.0 Client with the payload you send. If you pass client_secret
the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
data SetOAuth2Client Source #
Instances
HasBodyParam SetOAuth2Client OAuth2Client Source # | Body Param OAuth2Client - OAuth 2.0 Client Request Body |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes SetOAuth2Client contentType, MimeRender contentType OAuth2Client) => OryHydraRequest SetOAuth2Client contentType res accept -> OAuth2Client -> OryHydraRequest SetOAuth2Client contentType res accept Source # | |
Consumes SetOAuth2Client MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces SetOAuth2Client MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
setOAuth2ClientLifespans
setOAuth2ClientLifespans Source #
:: Consumes SetOAuth2ClientLifespans MimeJSON | |
=> Id | "id" - OAuth 2.0 Client ID |
-> OryHydraRequest SetOAuth2ClientLifespans MimeJSON OAuth2Client MimeJSON |
PUT /admin/clients/{id}/lifespans
Set OAuth2 Client Token Lifespans
Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields.
data SetOAuth2ClientLifespans Source #
Instances
HasBodyParam SetOAuth2ClientLifespans OAuth2ClientTokenLifespans Source # | |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes SetOAuth2ClientLifespans contentType, MimeRender contentType OAuth2ClientTokenLifespans) => OryHydraRequest SetOAuth2ClientLifespans contentType res accept -> OAuth2ClientTokenLifespans -> OryHydraRequest SetOAuth2ClientLifespans contentType res accept Source # | |
Consumes SetOAuth2ClientLifespans MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces SetOAuth2ClientLifespans MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |
trustOAuth2JwtGrantIssuer0
trustOAuth2JwtGrantIssuer0 :: Consumes TrustOAuth2JwtGrantIssuer0 MimeJSON => OryHydraRequest TrustOAuth2JwtGrantIssuer0 MimeJSON TrustedOAuth2JwtGrantIssuer MimeJSON Source #
POST /admin/trust/grants/jwt-bearer/issuers
Trust OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants RFC7523.
data TrustOAuth2JwtGrantIssuer0 Source #
Instances
HasBodyParam TrustOAuth2JwtGrantIssuer0 TrustOAuth2JwtGrantIssuer Source # | |
Defined in OryHydra.API.OAuth2 setBodyParam :: (Consumes TrustOAuth2JwtGrantIssuer0 contentType, MimeRender contentType TrustOAuth2JwtGrantIssuer) => OryHydraRequest TrustOAuth2JwtGrantIssuer0 contentType res accept -> TrustOAuth2JwtGrantIssuer -> OryHydraRequest TrustOAuth2JwtGrantIssuer0 contentType res accept Source # | |
Consumes TrustOAuth2JwtGrantIssuer0 MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 | |
Produces TrustOAuth2JwtGrantIssuer0 MimeJSON Source # | application/json |
Defined in OryHydra.API.OAuth2 |