OIDC Dynamic Clients- Update a client
To update a client, issue a HTTP PUT to the clients management endpoint. When we are updating a dynamic client, the client must authenticate as the OAuth client or the owner of the OAuth client. The following attributes in the payload are ignored when we are updating a dynamic client:
- client_id
- client_id_issued_at
- registration_client_uri
- owner_username
- registration_access_token
Any user or administrator provided values in the client metadata that are not presented in the update request is removed from the client metadata.
If the client has a secret, the client_secret must be presented and match the current secret.
When an update occurs, a new client secret and registration_access_token are issued to the client. Example of updating a dynamic client:
$ curl https://www.myidp.ibm.com/mga/sps/oauth/oauth20/register/testDef? client_id=VWM3W8zxlagRrgsnmFGd -H "Accept:application/json" -H "content-type: application/json" -d '{ "registration_client_uri": "https://www.myidp.ibm.com/mga/sps/oauth/oauth20/register/testDef?client_id=VWM3W8zxlagRrgsnmFGd", "client_id": "VWM3W8zxlagRrgsnmFGd", "client_secret":"as9r83nfo312o", "client_id_issued_at": 1537328443, "client_name": "A dynamic client", "grant_types": [ "authorization_code" ], "redirect_uris": [ "https://myapp.com" ], "new_property": "new_value", "company_name": "ORG" }' -X PUT -H "Authorization: Bearer registrationAccessToken" HTTP/1.1 200 OK Content-Type: application/json { "registration_client_uri": "https://www.myidp.ibm.com/mga/sps/oauth/oauth20/register/testDef? client_id=VWM3W8zxlagRrgsnmFGd", "registration_access_token": "newRegistrationAccessToken", "client_id": "VWM3W8zxlagRrgsnmFGd", "client_id_issued_at": 1537328443, "client_name": "A dynamic client", "client_secret": "newClientSecret", "grant_types": [ "authorization_code" ], "redirect_uris": [ "https://myapp.com" ], "new_property": "new_value", "company_name": "ORG" }
Parent topic: OIDC Dynamic Clients