This repository has been archived by the owner on Apr 15, 2024. It is now read-only.
forked from ory/hydra
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapi-spec.yaml.bak
160 lines (154 loc) · 5.97 KB
/
api-spec.yaml.bak
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
# this is an example of the Uber API
# as a demonstration of an API spec in YAML
swagger: '2.0'
info:
title: Hydra API
description: >
An open source OAuth2 and OpenID Connect server for new and existing infrastructures. Visit [**Hydra on GitHub**](https://github.com/ory-am/hydra) or read the [**guide**](https://ory-am.gitbooks.io/hydra/content/index.html).
version: "0.7.0"
# array of all schemes that your API supports
schemes:
- https
- http
# will be prefixed to all paths
basePath: /
produces:
- application/json
paths:
/clients:
get:
description: "Get all OAuth2 Clients."
responses:
200:
description: "List of OAuth2 Clients."
schema:
type: array
items:
$ref: "#/definitions/OAuth2 Client"
401:
description: "Unauthorized"
403:
description: "Forbidden"
post:
description: "Create a OAuth2 Client."
responses:
200:
description: "The created OAuth2 Client."
schema:
$ref: "#/definitions/OAuth2 Client"
401:
description: "Unauthorized"
403:
description: "Forbidden"
/clients/{id}:
parameters:
- name: "id"
in: path
description: "The unique ID of the OAuth2 Client."
required: true
type: string
get:
description: "Get an OAuth2 Client."
responses:
200:
description: OK
schema:
$ref: "#/definitions/OAuth2 Client"
404:
description: "Not found"
401:
description: "Unauthorized"
403:
description: "Forbidden"
put:
description: "Update an OAuth2 Client."
responses:
200:
description: OK
schema:
$ref: "#/definitions/OAuth2 Client"
401:
description: "Unauthorized"
403:
description: "Forbidden"
delete:
description: Delete an OAuth2 Client.
responses:
204:
description: OK
schema:
$ref: "#/definitions/OAuth2 Client"
401:
description: "Unauthorized"
403:
description: "Forbidden"
definitions:
"OAuth2 Client":
type: object
properties:
id:
type: string
description: A unique identitfier which is generated randomly if no id is provided.
client_name:
type: string
description: Human-readable string name of the client to be presented to the end-user during authorization.
client_secret:
type: string
description: "The secret to authenticate the client with. If no secret is provided, a random one will be generated and returned once in the client creation response. If a secret is provided it will never be included in the response. There is no way to recover a lost secret."
redirect_uris:
type: array
items:
type: string
description: "Array of redirection URI strings for use in redirect-based flows such as the authorization code and implicit flows. As required by Section 2 of OAuth 2.0 [RFC6749], clients using flows with redirection MUST register their redirection URI value."
grant_types:
type: array
items:
type: string
description: >
Array of OAuth 2.0 grant type strings that the client can use at the token endpoint. These grant types are defined as follows:
* `authorization_code`: The authorization code grant type defined in OAuth 2.0, Section 4.1.
* `implicit`: The implicit grant type defined in OAuth 2.0, Section 4.2.
* `client_credentials`: The client credentials grant type defined in OAuth 2.0, Section 4.4.
* `refresh_token`: The refresh token grant type defined in OAuth 2.0, Section 6.
response_types:
type: array
items:
type: string
description: >
Array of the OAuth 2.0 response type strings that the client can use at the authorization endpoint. These response types are defined as follows:
* `code`: The authorization code response type defined in OAuth 2.0, Section 4.1.
* `token`: The implicit response type defined in OAuth 2.0, Section 4.2.
scope:
type: array
items:
type: string
description: "An array of scopes that the client will be allowed to used."
policy_uri:
type: string
description: "URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data."
tos_uri:
type: string
description: "URL string that points to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client."
client_uri:
type: string
description: "URL string of a web page providing information about the client. If present, the server SHOULD display this URL to the end-user in a clickable fashion."
logo_uri:
type: string
description: URL string that references a logo for the client. If present, the server SHOULD display this image to the end-user during approval.
contacts:
type: array
items:
type: string
description: Array of strings representing ways to contact people responsible for this client, typically email addresses
public:
type: boolean
description: Set public to true to disable the client secret and allow the client to perform certain OAuth2 flows without a secret. If public is true, the client will not be able to perform the client_credentials grant.
owner:
type: string
description: An arbitrary string that identifies the owner. For example, this could be the owner's user id.
"JSON Web Key Set":
type: object
"JSON Web Key":
type: object
"Access Control Policy":
type: object