OidcClientInput
Input type for creating a new OIDC client.
input OidcClientInput {
allowAnyPartner: Boolean
applicationType: OidcApplicationType
backgroundColor: String
backgroundImage: URL
clientSecret: String
clientType: OidcClientType!
credentialTypes: [String!]
logo: URL
name: String!
partnerIds: [ID!]
policyUrl: URL
postLogoutUris: [URL!]!
redirectUris: [URL!]!
requireFaceCheck: Boolean
termsOfServiceUrl: URL
uniqueClaimsForSubjectId: [String!]
}
Fields
OidcClientInput.allowAnyPartner ● Boolean scalar
Indicates whether the client allows presentations of credentials from any configured partner.
OidcClientInput.applicationType ● OidcApplicationType enum
The type of OIDC application, web is the default.
OidcClientInput.backgroundColor ● String scalar
The background color, to be displayed during auth interactions, in hexadecimal format.
OidcClientInput.backgroundImage ● URL scalar
The URL of the background image to be displayed during auth interactions, can be an image encoded as a data URL.
OidcClientInput.clientSecret ● String scalar
The client secret, only applicable to confidential clients. Optional for update operations (existing secret will be retained when not provided).
OidcClientInput.clientType ● OidcClientType! non-null enum
The type of OIDC client.
OidcClientInput.credentialTypes ● [String!] list scalar
The types of credentials that can be presented for authentication with this client.
Note:
- If not specified, any credential type can be presented.
- The client can specify the credential type to use for authentication via the
vc_typeauth request parameter. - If values are defined here and the
vc_typeauth request parameter is provided, it is validated to be from this list.
OidcClientInput.logo ● URL scalar
The URL of the client logo to be displayed during auth interactions, can be an image encoded as a data URL.
OidcClientInput.name ● String! non-null scalar
The name of the client.
OidcClientInput.partnerIds ● [ID!] list scalar
The IDs of the partners that the client allows presentations of credentials from.
OidcClientInput.policyUrl ● URL scalar
The URL of a privacy policy for the client, displayed during auth interactions.
OidcClientInput.postLogoutUris ● [URL!]! non-null scalar
The post-logout URIs that the client is allowed to use.
OidcClientInput.redirectUris ● [URL!]! non-null scalar
The redirect URIs that the client is allowed to use.
OidcClientInput.requireFaceCheck ● Boolean scalar
Indicates this client must use face check with every authentication presentation.
OidcClientInput.termsOfServiceUrl ● URL scalar
The URL of the terms of service for the client, displayed during auth interactions.
OidcClientInput.uniqueClaimsForSubjectId ● [String!] list scalar
The unique claim(s) which can be used to derive the subject identifier (sub claim value) from partner credentials (where no unique claim value is known).
Note:
- This is not needed for authentication using Verified Orchestration credentials, the issuanceId claim is used.
- The authentication client also can specify the claim to use via the
vc_unique_claim_for_subauth request parameter. - Multiple values can be specified here, if not specified via the client
vc_unique_claim_for_subauth request parameter, the first claim that is present in the partner presentation will be used. - If values are defined here and the
vc_unique_claim_for_subauth request parameter is provided, it is validated to be from this list.
Member Of
createOidcClient mutation ● updateOidcClient mutation