GET /api/apps/versions/{AppVersionID}/oauthprofile/choices

Returns information about the choices available for a specific app, for the app's OAuth Profile. These are the options that are available for the app developer to choose from.

This operation looks at all OAuth providers that are configured, including the platform's OAuth Provider and any PingFederate or external OAuth provider domains that are configured, and returns a summary of all available choices, to be displayed on the App OAuth Profile page in the Community Manager developer portal.

Authorization Roles/Permissions: App team member, Business Admin, Site Admin

This topic includes the following sections:

HTTP Method

GET

URL

https://{hostname}/api/apps/versions/{AppVersionID}/oauthprofile/choices

Sample Request

The examples below show requests for app OAuth profile choices.

Request URL #1

Requests all properties.

https://{hostname}/api/apps/versions/7mUCQU4xmU18TKMMbjqauA2k.acmepaymentscorp/oauthprofile/choices

Request URL #2

Uses the optional OAuthClientProperty parameter to request two specific properties.

https://{hostname}/api/apps/versions/7mUCQU4xmU18TKMMbjqauA2k.acmepaymentscorp/oauthprofile/choices?OAuthClientProperty=grant_types_supported&OAuthClientProperty=id_token_signing_alg_values_supported

Sample request headers

GET /api/apps/versions/6NGw7XEtXYy8KZwF7EOxvT2V.acmepaymentscorp/oauthprofile/choices HTTP/1.1
Host: {hostname}
Accept: application/json

Sample request body

Not applicable.

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept application/json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json
Cookie AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies.
X-Csrf-Token_{fedmemberID} The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login.

Request Parameters

Parameter Parm Type Data Type Required Description
AppVersionID Path string Required The unique ID for a specific app version.
OAuthClientProperty Query string Optional Specific OAuth client properties. For multiple properties, include multiple parameters with one property for each.

Response

If successful, this operation returns HTTP status code 200, with the available properties for the specified app version's OAuth profile.

Sample Response

The sample response below shows successful completion of this operation. This example returns all properties (response to sample request #1)

Sample response headers: application/json

Status Code: 200 OK
Content-Type: application/json
Date: TThu, 21 Jun 2018 22:17:23 GMT

Sample response body: application/json

{
    "oidc10_supported": true,
    "id_token_encryption_alg_values_supported": [
        "A256GCMKW",
        "dir"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:jwt-bearer",
        "urn:ietf:params:oauth:grant-type:saml2-bearer"
    ],
    "id_token_signing_alg_values_supported": [
        "PS384",
        "PS512"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "isAdmin": true,
    "scopes_supported": [
        "address",
        "edit",
        "phone",
        "openid",
        "profile",
        "name",
        "admin",
        "email"
    ],
    "id_token_encryption_enc_values_supported": [
        "A192GCM",
        "A256GCM"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ]
}

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type application/json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json

Response Body

The response is a JSON object, dynamically constructed based on the properties available in the platform instance. Possible properties are described below.

Name Type Description
oidc10_supported Boolean Indicates whether OpenID Connect is supported.
id_token_encryption_alg_values_supported string[ ] Indicates the ID token encryption key management algorithms that are supported.
grant_types_supported string[ ] Indicates the OAuth grant types/extension grant types that are supported.
id_token_signing_alg_values_supported string[ ] Indicates the ID token signing algorithms that are supported.
token_endpoint_auth_methods_supported string[ ] Indicates the authentication methods supported.
isAdmin string Indicates whether the user running the operation is an Administrator. A subset of properties is sent if the user is not an Administrator.
scopes_supported string[ ] Indicates that only the specified scopes are supported for the app.
id_token_encryption_enc_values_supported string[ ] Indicates the ID token content encryption algorithms that are supported.
response_types string[ ] Indicates that only the specified response types are supported for the app.
access_token_types_supported Boolean Indicates the access token types that are supported.

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
401 Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing.
500 An error occurred processing the call.

More information about Akana API Platform API error messages.