OAuth Clients

List OAuth Clients

iam.oauth_clients.list() -> SyncSinglePage[OAuthClientListResponse]

GET/accounts/{account_id}/oauth_clients

OAuth Client Details

iam.oauth_clients.get(, ) -> OAuthClientGetResponse

GET/accounts/{account_id}/oauth_clients/{oauth_client_id}

Create OAuth Client

iam.oauth_clients.create() -> OAuthClientCreateResponse

POST/accounts/{account_id}/oauth_clients

Update OAuth Client

iam.oauth_clients.update(, ) -> OAuthClientUpdateResponse

PATCH/accounts/{account_id}/oauth_clients/{oauth_client_id}

Delete OAuth Client

iam.oauth_clients.delete(, ) -> OAuthClientDeleteResponse

DELETE/accounts/{account_id}/oauth_clients/{oauth_client_id}

Rotate OAuth Client Secret

iam.oauth_clients.rotate_secret(, ) -> OAuthClientRotateSecretResponse

POST/accounts/{account_id}/oauth_clients/{oauth_client_id}/rotate_secret

Delete Rotated OAuth Client Secret

iam.oauth_clients.delete_rotated_secret(, ) -> OAuthClientDeleteRotatedSecretResponse

DELETE/accounts/{account_id}/oauth_clients/{oauth_client_id}/rotate_secret

ModelsExpand Collapse

class OAuthClientListResponse: …

Fields shared by OAuth client responses and create/update requests.

client_id: str

The unique identifier for an OAuth client.

visibility: Literal["public", "private"]

Visibility of the OAuth client.

One of the following:

"public"

"private"

allowed_cors_origins: Optional[List[str]]

Array of allowed CORS origins.

client_name: Optional[str]

Human-readable name of the OAuth client.

client_uri: Optional[str]

URL of the home page of the client.

client_uri_verification: Optional[ClientURIVerification]

Client URI domain control verification state.

status: Optional[Literal["pending", "in_progress", "verified", "failed"]]

Current verification status for the client URI host.

One of the following:

"pending"

"in_progress"

"verified"

"failed"

text: Optional[str]

Exact TXT record value that must be added to DNS to prove ownership of the client URI host.

created_at: Optional[datetime]

Timestamp when the OAuth client was created.

formatdate-time

grant_types: Optional[List[Literal["authorization_code", "refresh_token"]]]

Array of OAuth grant types the client is allowed to use. authorization_code is required; refresh_token may be included optionally.

One of the following:

"authorization_code"

"refresh_token"

has_rotated_secret: Optional[bool]

Indicates whether the client has a rotated secret that has not yet been deleted.

logo_uri: Optional[str]

URL of the client’s logo.

policy_uri: Optional[str]

URL that points to a privacy policy document.

post_logout_redirect_uris: Optional[List[str]]

Array of allowed post-logout redirect URIs.

promoted_at: Optional[datetime]

Timestamp when the OAuth client was promoted to public visibility.

formatdate-time

redirect_uris: Optional[List[str]]

Array of allowed redirect URIs for the client.

response_types: Optional[List[Literal["token", "id_token", "code"]]]

Array of OAuth response types the client is allowed to use.

One of the following:

"token"

"id_token"

"code"

scopes: Optional[List[str]]

Array of OAuth scopes the client is allowed to request. Colon-delimited scopes are not accepted. Dot-delimited scopes are validated against available OAuth API scopes; simple identity scopes are allowed. Protocol scopes offline_access and openid are added or removed automatically based on grant_types and response_types.

token_endpoint_auth_method: Optional[Literal["none", "client_secret_basic", "client_secret_post"]]

The authentication method the client uses at the token endpoint.

One of the following:

"none"

"client_secret_basic"

"client_secret_post"

tos_uri: Optional[str]

URL that points to a terms of service document.

updated_at: Optional[datetime]

Timestamp when the OAuth client was last updated.

formatdate-time

class OAuthClientGetResponse: …

Fields shared by OAuth client responses and create/update requests.

client_id: str

The unique identifier for an OAuth client.

visibility: Literal["public", "private"]

Visibility of the OAuth client.

One of the following:

"public"

"private"

allowed_cors_origins: Optional[List[str]]

Array of allowed CORS origins.

client_name: Optional[str]

Human-readable name of the OAuth client.

client_uri: Optional[str]

URL of the home page of the client.

client_uri_verification: Optional[ClientURIVerification]

Client URI domain control verification state.

status: Optional[Literal["pending", "in_progress", "verified", "failed"]]

Current verification status for the client URI host.

One of the following:

"pending"

"in_progress"

"verified"

"failed"

text: Optional[str]

Exact TXT record value that must be added to DNS to prove ownership of the client URI host.

created_at: Optional[datetime]

Timestamp when the OAuth client was created.

formatdate-time

grant_types: Optional[List[Literal["authorization_code", "refresh_token"]]]

Array of OAuth grant types the client is allowed to use. authorization_code is required; refresh_token may be included optionally.

One of the following:

"authorization_code"

"refresh_token"

has_rotated_secret: Optional[bool]

Indicates whether the client has a rotated secret that has not yet been deleted.

logo_uri: Optional[str]

URL of the client’s logo.

policy_uri: Optional[str]

URL that points to a privacy policy document.

post_logout_redirect_uris: Optional[List[str]]

Array of allowed post-logout redirect URIs.

promoted_at: Optional[datetime]

Timestamp when the OAuth client was promoted to public visibility.

formatdate-time

redirect_uris: Optional[List[str]]

Array of allowed redirect URIs for the client.

response_types: Optional[List[Literal["token", "id_token", "code"]]]

Array of OAuth response types the client is allowed to use.

One of the following:

"token"

"id_token"

"code"

scopes: Optional[List[str]]

token_endpoint_auth_method: Optional[Literal["none", "client_secret_basic", "client_secret_post"]]

The authentication method the client uses at the token endpoint.

One of the following:

"none"

"client_secret_basic"

"client_secret_post"

tos_uri: Optional[str]

URL that points to a terms of service document.

updated_at: Optional[datetime]

Timestamp when the OAuth client was last updated.

formatdate-time

class OAuthClientCreateResponse: …

Fields shared by OAuth client responses and create/update requests.

client_id: str

The unique identifier for an OAuth client.

visibility: Literal["public", "private"]

Visibility of the OAuth client.

One of the following:

"public"

"private"

allowed_cors_origins: Optional[List[str]]

Array of allowed CORS origins.

client_name: Optional[str]

Human-readable name of the OAuth client.

client_secret: Optional[str]

The client secret. This is the only time the secret is returned in a response.

client_uri: Optional[str]

URL of the home page of the client.

client_uri_verification: Optional[ClientURIVerification]

Client URI domain control verification state.

status: Optional[Literal["pending", "in_progress", "verified", "failed"]]

Current verification status for the client URI host.

One of the following:

"pending"

"in_progress"

"verified"

"failed"

text: Optional[str]

Exact TXT record value that must be added to DNS to prove ownership of the client URI host.

created_at: Optional[datetime]

Timestamp when the OAuth client was created.

formatdate-time

grant_types: Optional[List[Literal["authorization_code", "refresh_token"]]]

Array of OAuth grant types the client is allowed to use. authorization_code is required; refresh_token may be included optionally.

One of the following:

"authorization_code"

"refresh_token"

has_rotated_secret: Optional[bool]

Indicates whether the client has a rotated secret that has not yet been deleted.

logo_uri: Optional[str]

URL of the client’s logo.

policy_uri: Optional[str]

URL that points to a privacy policy document.

post_logout_redirect_uris: Optional[List[str]]

Array of allowed post-logout redirect URIs.

promoted_at: Optional[datetime]

Timestamp when the OAuth client was promoted to public visibility.

formatdate-time

redirect_uris: Optional[List[str]]

Array of allowed redirect URIs for the client.

response_types: Optional[List[Literal["token", "id_token", "code"]]]

Array of OAuth response types the client is allowed to use.

One of the following:

"token"

"id_token"

"code"

scopes: Optional[List[str]]

token_endpoint_auth_method: Optional[Literal["none", "client_secret_basic", "client_secret_post"]]

The authentication method the client uses at the token endpoint.

One of the following:

"none"

"client_secret_basic"

"client_secret_post"

tos_uri: Optional[str]

URL that points to a terms of service document.

updated_at: Optional[datetime]

Timestamp when the OAuth client was last updated.

formatdate-time

class OAuthClientUpdateResponse: …

Fields shared by OAuth client responses and create/update requests.

client_id: str

The unique identifier for an OAuth client.

visibility: Literal["public", "private"]

Visibility of the OAuth client.

One of the following:

"public"

"private"

allowed_cors_origins: Optional[List[str]]

Array of allowed CORS origins.

client_name: Optional[str]

Human-readable name of the OAuth client.

client_uri: Optional[str]

URL of the home page of the client.

client_uri_verification: Optional[ClientURIVerification]

Client URI domain control verification state.

status: Optional[Literal["pending", "in_progress", "verified", "failed"]]

Current verification status for the client URI host.

One of the following:

"pending"

"in_progress"

"verified"

"failed"

text: Optional[str]

Exact TXT record value that must be added to DNS to prove ownership of the client URI host.

created_at: Optional[datetime]

Timestamp when the OAuth client was created.

formatdate-time

grant_types: Optional[List[Literal["authorization_code", "refresh_token"]]]

Array of OAuth grant types the client is allowed to use. authorization_code is required; refresh_token may be included optionally.

One of the following:

"authorization_code"

"refresh_token"

has_rotated_secret: Optional[bool]

Indicates whether the client has a rotated secret that has not yet been deleted.

logo_uri: Optional[str]

URL of the client’s logo.

policy_uri: Optional[str]

URL that points to a privacy policy document.

post_logout_redirect_uris: Optional[List[str]]

Array of allowed post-logout redirect URIs.

promoted_at: Optional[datetime]

Timestamp when the OAuth client was promoted to public visibility.

formatdate-time

redirect_uris: Optional[List[str]]

Array of allowed redirect URIs for the client.

response_types: Optional[List[Literal["token", "id_token", "code"]]]

Array of OAuth response types the client is allowed to use.

One of the following:

"token"

"id_token"

"code"

scopes: Optional[List[str]]

token_endpoint_auth_method: Optional[Literal["none", "client_secret_basic", "client_secret_post"]]

The authentication method the client uses at the token endpoint.

One of the following:

"none"

"client_secret_basic"

"client_secret_post"

tos_uri: Optional[str]

URL that points to a terms of service document.

updated_at: Optional[datetime]

Timestamp when the OAuth client was last updated.

formatdate-time

class OAuthClientDeleteResponse: …

id: str

Identifier

maxLength32

minLength32

class OAuthClientRotateSecretResponse: …

client_secret: Optional[str]

The new client secret.

class OAuthClientDeleteRotatedSecretResponse: …

id: str

Identifier

maxLength32

minLength32