OIDC Dynamic Clients - Update a client
To update a client, issue an HTTP PUT to the clients management endpoint.
About this task
When you are updating a dynamic client, the client must authenticate as the OAuth client or the owner of the OAuth client. The following attributes in the payload are ignored when you are updating a dynamic client:
- client_id
- owner_username
- registration_access_token
Any user-provided or administrator-provided values in the client metadata that are not presented in the update request are removed from the client metadata.
If the client has a secret, the client_secret must be presented and match the current secret.
When an update occurs, a new client secret and registration_access_token are issued to the client.
Example of updating a dynamic client:
$ curl -X PUT "https://www.myidp.ibm.com/mga/sps/oauth/oauth20/register/testDef?client_id=VWM3W8zxlagRrgsnmFGd" \
  -H "Accept:application/json" \
  -H "content-type: application/json" \
  -H "Authorization: Bearer registrationAccessToken" \
  -d '{
  "client_id": "VWM3W8zxlagRrgsnmFGd",
  "client_secret": "as9r83nfo312o",
  "client_name": "A dynamic client",
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://myapp.com"
  ],
  "new_property": "new_value",
  "company_name": "ORG"
}'
HTTP/1.1 200 OK
Content-Type: application/json

{
  "registration_client_uri": "https://www.myidp.ibm.com/mga/sps/oauth/oauth20/register/testDef?client_id=VWM3W8zxlagRrgsnmFGd",
  "registration_access_token": "newRegistrationAccessToken",
  "client_id": "VWM3W8zxlagRrgsnmFGd",
  "client_id_issued_at": 1537328443,
  "client_name": "A dynamic client",
  "client_secret": "newClientSecret",
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://myapp.com"
  ],
  "new_property": "new_value",
  "company_name": "ORG"
}
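The update rules above, as an added Python example that is not IBM's code: because metadata omitted from the PUT is removed and new credentials are issued on every update, the request is built from the stored registration and the stored secret and token are then replaced from the response. The helper names, the None-means-delete convention, and leaving registration_client_uri and client_id_issued_at out of the body are assumptions; the sample values are the ones used on this page.

```python
import json

# Constructed sample: the registration a client holds before the update,
# using the example values from this page.
STORED = {
    "registration_client_uri": "https://www.myidp.ibm.com/mga/sps/oauth/oauth20/register/testDef?client_id=VWM3W8zxlagRrgsnmFGd",
    "registration_access_token": "registrationAccessToken",
    "client_id": "VWM3W8zxlagRrgsnmFGd",
    "client_id_issued_at": 1537328443,
    "client_name": "A dynamic client",
    "client_secret": "as9r83nfo312o",
    "grant_types": ["authorization_code"],
    "redirect_uris": ["https://myapp.com"],
    "company_name": "ORG",
}
# owner_username and registration_access_token are ignored on update (per the
# page); leaving out the other two server-issued fields is an assumption.
NOT_SENT = {"owner_username", "registration_access_token",
            "registration_client_uri", "client_id_issued_at"}

def build_update(stored, changes):
    """Return (url, headers, body) for the PUT, built from the stored record."""
    body = {k: v for k, v in stored.items() if k not in NOT_SENT}
    body.update(changes)
    # Assumed convention: None in `changes` drops a value on purpose.
    body = {k: v for k, v in body.items() if v is not None}
    if "client_secret" in stored:
        body["client_secret"] = stored["client_secret"]  # must match current
    headers = {"Authorization": "Bearer " + stored["registration_access_token"],
               "Content-Type": "application/json",
               "Accept": "application/json"}
    return stored["registration_client_uri"], headers, json.dumps(body)

def rotate(stored, response):
    """Return the record to persist after a 200 OK, with the new credentials."""
    if response.get("client_id") != stored["client_id"]:
        raise ValueError("response is for a different client")
    if "registration_access_token" not in response:
        raise ValueError("no new registration_access_token in response")
    if "client_secret" in stored and "client_secret" not in response:
        raise ValueError("no new client_secret in response")
    return dict(response)

if __name__ == "__main__":
    url, headers, body = build_update(STORED, {"new_property": "new_value"})
    print("PUT", url)
    print(body)
```

Persist the record returned by rotate() before making any further call, since the next update has to present the newly issued secret and token.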
Update the HTTP-transformation configuration stanza to accept requests from the dynamic client in the format https://www.myidp.ibm.com/mga/sps/oauth/oauth20/register/OIDCDefinition/{clientId}. See OIDC Dynamic Client - Updating URL format.