/v1/domain/{domain}/client
A client is an application that either authenticates or that acts on behalf of a user.
Manage clients via the /v1/domain/{domain}/client endpoint.
Prerequisites:
GET /v1/domain/{domain}/client
Gets a list of clients registered under the domain specified in the url.
curl -X 'GET' \
'https://api.entrypage.io/v1/domain/your-domain-here/client' \
-H 'accept: text/plain' \
-H 'x-api-key: your-api-key-here'Responses
Response: 200 - OK
[
{
"clientId": "string"
},
{
"clientId": "string"
}
]Response: 401 - Unauthorized
PUT /v1/domain/{domain}/client/{client-id}
Provisions or updates a client. This is an idempotent endpoint that will configure the client to the state that is defined in the request body
curl -X 'PUT' \
'https://api.entrypage.io/v1/domain/your-domain-here/client/your-client-here' \
-H 'accept: text/plain' \
-H 'x-api-key: your-api-key-here' \
-d '{
"clientType": "Public",
"grantType": "AuthorizationCode",
"scope": "string",
"audiences": [
"string"
],
"redirectUris": [
"string"
],
"postSignOutRedirectUris": [
"string"
],
"allowLocalLogin": true,
"providers": [
"string"
],
"policies": [
"string"
],
"allowedOrigins": [
"string"
],
"accessTokenExpiry": 0,
"idTokenExpiry": 0,
"refreshTokenExpiry": 0
}'Parameters
| Name | Type | Values |
|---|---|---|
| grantType | enum | AuthorizationCode, ClientCredentials |
| clientType | enum | Public, Confidential |
| scope | space seperated string | any |
| audiences | array | a number of client ids that are the intended recipient of the tokens requested by the client |
| redirect_uris | array | A number of uris that may be used to redirect to after authentication. Must be URIs in the HTTPS schema or localhost. URI is used to convey information such as authorization codes or errors. As such, redirect URIs may not have query strings or framgements. |
| postSignOutRedirectUris | array | A number of uris that may be used to redirect to after ending the session at the authorization server. Must be URIs in the HTTPS schema or localhost. URI is used to convey information such as errors. As such, redirect URIs may not have query strings or framgements. |
| allowLocalLogin | boolean | true, false, null |
| providers | array | a list of authorities used for federated authentication |
| policies | array | a list of policy ids that the client must verify before granting access |
| accessTokenExpiry | int | The number of minutes an access token is valid. Defaults to 90. |
| idTokenExpiry | int | The number of minutes an id token is valid. Defaults to 90. |
| refreshTokenExpiry | int | The number of minutes a refresh token is valid. Defaults to 1440. |
Responses
Response: 200 - Ok
{
"clientSecret": "*********"
}Response: 400 - Bad Request
Response: 401 - Unauthorized
Response: 409 - Conflict
DELETE /v1/domain/{domain}/client/{client-id}
Deleting a client is irreversible.
Make sure the client is not being used before removing it.
The application that uses this client will immediately stop working. All users that authenticate to this application will not be able to access the application anymore.
curl -X 'DELETE' \
'https://api.entrypage.io/v1/domain/your-domain-here/client/your-client-id-here' \
-H 'accept: */*' \
-H 'x-api-key: your-api-key-here'Responses
Response: 204 - No Content
Response: 401 - Unauthorized
API Documentation (Swagger)
The Entrypage API is hosted at api.entrypage.io, offering documentation to help you get started quickly:
Swagger UI:
Use our interactive interface to browse endpoints, understand parameters, and even make live API calls directly from your browser.
OpenAPI Specification:
Download the latest up-to-date OpenAPI Spec (formerly Swagger Spec) for full programmatic access and integration with your development tools.