Smile CDR v2024.05.PRE

35.8.1 OpenID Connect Servers Endpoint

 

The OpenID Connect Servers Endpoint can be used to create, read, and update server definitions that are stored in Smile CDR.

35.8.2 Fetch All OpenID Connect Server Definitions

 
This method requires the OPENID_CONNECT_VIEW_SERVER_LIST permission.

This method will fetch all servers stored in the system.


Request:

GET http://localhost:9000/openid-connect-servers/

You may also add the following URL parameters:

  • pageIndex=[index] – The index of the page to return to the user (0 is the first page)
  • pageSize=[size] – The size of the page to return to the user (e.g. 100)

Response:

This operation returns a JSON document object of type OAuth2Servers. This object will then contain individual definitions of the type OAuth2Server.

Note that server secrets are not included in response objects.

Example:

{
  "servers" : [ {
    "pid" : 1,
    "nodeId" : "Master",
    "moduleId" : "smart_inbound",
    "issuer" : "http://example.com",
    "name" : "FOO Issuer",
    "validationJwkFile" : "classpath:mykeyset.jwks"
  } ],
  "pageIndex" : 0,
  "totalPages" : 1
}
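
The following is an added example, not part of the Smile CDR documentation: it walks the paginated list using pageIndex and totalPages, then flags definitions whose issuer is missing from an operator-maintained approved list or is not an https URL. The function names, the approved list, the sample pages and the handling of credentials are assumptions.

```python
import json
import urllib.parse
import urllib.request

BASE_URL = "http://localhost:9000/openid-connect-servers/"  # request URL from this page

def fetch_page(page_index, page_size=100):
    """GET one OAuth2Servers page (assumption: the caller has set up authentication)."""
    query = urllib.parse.urlencode({"pageIndex": page_index, "pageSize": page_size})
    with urllib.request.urlopen(f"{BASE_URL}?{query}") as resp:
        return json.load(resp)

def list_all_servers(fetch=fetch_page, max_pages=1000):
    """Collect every OAuth2Server definition by walking pageIndex up to totalPages."""
    servers, index = [], 0
    while index < max_pages:  # hard stop in case totalPages is wrong
        doc = fetch(index)
        servers.extend(doc.get("servers", []))
        index += 1
        if index >= doc.get("totalPages", 1):
            break
    return servers

def audit(servers, approved):
    """Return (pid, reason) pairs for definitions that need review.
    `approved` is a set of (moduleId, issuer) pairs kept by the operator."""
    findings = []
    for s in servers:
        issuer = s.get("issuer") or ""
        if (s.get("moduleId"), issuer) not in approved:
            findings.append((s.get("pid"), "issuer not in approved list"))
        if urllib.parse.urlsplit(issuer).scheme != "https":
            findings.append((s.get("pid"), "issuer URL is not https"))
    return findings

# Constructed sample data: two pages shaped like the response shown above.
SAMPLE_PAGES = [
    {"servers": [{"pid": 1, "moduleId": "smart_inbound", "issuer": "http://example.com"},
                 {"pid": 2, "moduleId": "smart_inbound", "issuer": "https://idp.example.org"}],
     "pageIndex": 0, "totalPages": 2},
    {"servers": [{"pid": 3, "moduleId": "smart_inbound", "issuer": "https://new.example.net"}],
     "pageIndex": 1, "totalPages": 2},
]
APPROVED = {("smart_inbound", "http://example.com"),
            ("smart_inbound", "https://idp.example.org")}

if __name__ == "__main__":
    print(audit(list_all_servers(SAMPLE_PAGES.__getitem__), APPROVED))
```

Against a live node, call list_all_servers() with no arguments so that fetch_page queries the endpoint.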

35.8.3 Find OpenID Connect Server Definition

 
This method requires the OPENID_CONNECT_VIEW_SERVER_LIST permission.

This method will fetch a single server stored in the system.


Request:

GET http://localhost:9000/openid-connect-servers/[node_id]/[module_id]?issuer_url=[issuer URL]

Note that the node_id and module_id refer to the master node and module IDs for the SMART Inbound Security module that contains the server definition. The issuer_url is the specific issuer that is being searched for.

Response:

This operation returns a JSON document object of type OAuth2Server.

Note that server secrets are not included in response objects.

35.8.4 Create OpenID Connect Server Definition

 
This method requires the OPENID_CONNECT_ADD_SERVER permission.

This method will create a new server definition.


Request:

POST http://localhost:9000/openid-connect-servers/[node_id]/[module_id]

Note that the node_id and module_id refer to the master node and module IDs for the SMART Inbound Security module that contains the server definition.

Example:

{
   "nodeId" : "Master",
   "moduleId" : "smart_inbound",
   "name" : "FOO Issuer",
   "issuer" : "http://example.com",
   "validationJwkFile" : "classpath:mykeyset.jwks"
}

Response:

This operation returns a JSON document object of type OAuth2Server. This document contains the same definition that was supplied in the server request.

35.8.5 Update OpenID Connect Server Definition

 
This method requires the OPENID_CONNECT_EDIT_SERVER permission.

This method will update an existing server definition.


Request:

POST http://localhost:9000/openid-connect-servers/[node_id]/[module_id]/[pid]

Note that the node_id and module_id refer to the master node and module IDs for the SMART Inbound Security module that contains the server definition, and the pid refers to the Persistent ID of the server definition (this is a number that can be obtained by fetching the definition).

Example:

{
   "nodeId" : "Master",
   "moduleId" : "smart_inbound",
   "issuer" : "http://example.com",
   "name" : "FOO Issuer",
   "validationJwkFile" : "classpath:mykeyset.jwks"
}

Response:

This operation returns a JSON document object of type OAuth2Server. This document contains the same definition that was supplied in the server request.

Note that server secrets are not included in response objects.