Enum RegisterRequestParam

    • Enum Constant Detail

      • REDIRECT_URIS

        public static final RegisterRequestParam REDIRECT_URIS
        Array of redirect URIs values used in the Authorization Code and Implicit grant types. One of the these registered redirect URI values must match the Scheme, Host, and Path segments of the redirect_uri parameter value used in each Authorization Request.
      • CLAIMS_REDIRECT_URIS

        public static final RegisterRequestParam CLAIMS_REDIRECT_URIS
        UMA2 : Array of The Claims Redirect URIs to which the client wishes the authorization server to direct the requesting party's user agent after completing its interaction. The URI MUST be absolute, MAY contain an application/x-www-form-urlencoded-formatted query parameter component that MUST be retained when adding additional parameters, and MUST NOT contain a fragment component. The client SHOULD pre-register its claims_redirect_uri with the authorization server, and the authorization server SHOULD require all clients to pre-register their claims redirection endpoints. Claims redirection URIs are different from the redirection URIs defined in [RFC6749] in that they are intended for the exclusive use of requesting parties and not resource owners. Therefore, authorization servers MUST NOT redirect requesting parties to pre-registered redirection URIs defined in [RFC6749] unless such URIs are also pre-registered specifically as claims redirection URIs. If the URI is pre-registered, this URI MUST exactly match one of the pre-registered claims redirection URIs, with the matching performed as described in Section 6.2.1 of [RFC3986] (Simple String Comparison).
      • RESPONSE_TYPES

        public static final RegisterRequestParam RESPONSE_TYPES
        JSON array containing a list of the OAuth 2.0 response_type values that the Client is declaring that it will restrict itself to using. If omitted, the default is that the Client will use only the code response type.
      • GRANT_TYPES

        public static final RegisterRequestParam GRANT_TYPES
        JSON array containing a list of the OAuth 2.0 grant types that the Client is declaring that it will restrict itself to using.
      • APPLICATION_TYPE

        public static final RegisterRequestParam APPLICATION_TYPE
        Kind of the application. The default if not specified is web. The defined values are native or web. Web Clients using the OAuth implicit grant type must only register URLs using the https scheme as redirect_uris; they may not use localhost as the hostname. Native Clients must only register redirect_uris using custom URI schemes or URLs using the http: scheme with localhost as the hostname.
      • CONTACTS

        public static final RegisterRequestParam CONTACTS
        Array of e-mail addresses of people responsible for this Client. This may be used by some providers to enable a Web user interface to modify the Client information.
      • AUTHORIZATION_DETAILS_TYPES

        public static final RegisterRequestParam AUTHORIZATION_DETAILS_TYPES
        Authorization Details Types (RFC9396). Fine-grained access.
      • CLIENT_NAME

        public static final RegisterRequestParam CLIENT_NAME
        Name of the Client to be presented to the user.
      • LOGO_URI

        public static final RegisterRequestParam LOGO_URI
        URL that references a logo for the Client application.
      • CLIENT_URI

        public static final RegisterRequestParam CLIENT_URI
        URL of the home page of the Client.
      • POLICY_URI

        public static final RegisterRequestParam POLICY_URI
        URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used.
      • TOS_URI

        public static final RegisterRequestParam TOS_URI
        URL that the Relying Party Client provides to the End-User to read about the Relying Party's terms of service.
      • JWKS_URI

        public static final RegisterRequestParam JWKS_URI
        URL for the Client's JSON Web Key Set (JWK) document containing key(s) that are used for signing requests to the OP. The JWK Set may also contain the Client's encryption keys(s) that are used by the OP to encrypt the responses to the Client.
      • JWKS

        public static final RegisterRequestParam JWKS
        Client's JSON Web Key Set (JWK) document, passed by value. The semantics of the jwks parameter are the same as the jwks_uri parameter, other than that the JWK Set is passed by value, rather than by reference. This parameter is intended only to be used by Clients that, for some reason, are unable to use the jwks_uri parameter, for instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client can use jwks_uri, it must not use jwks. One significant downside of jwks is that it does not enable key rotation (which jwks_uri does, as described in Section 10 of OpenID Connect Core 1.0). The jwks_uri and jwks parameters must not be used together.
      • SECTOR_IDENTIFIER_URI

        public static final RegisterRequestParam SECTOR_IDENTIFIER_URI
        URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values.
      • SUBJECT_TYPE

        public static final RegisterRequestParam SUBJECT_TYPE
        Subject type requested for the Client ID. Valid types include pairwise and public.
      • RPT_AS_JWT

        public static final RegisterRequestParam RPT_AS_JWT
        Whether to return RPT as signed JWT
      • ACCESS_TOKEN_AS_JWT

        public static final RegisterRequestParam ACCESS_TOKEN_AS_JWT
        Whether to return access token as signed JWT
      • ACCESS_TOKEN_SIGNING_ALG

        public static final RegisterRequestParam ACCESS_TOKEN_SIGNING_ALG
        Algorithm used for signing of JWT
      • AUTHORIZATION_SIGNED_RESPONSE_ALG

        public static final RegisterRequestParam AUTHORIZATION_SIGNED_RESPONSE_ALG
        JWS alg algorithm JWA required for signing authorization responses.
      • AUTHORIZATION_ENCRYPTED_RESPONSE_ALG

        public static final RegisterRequestParam AUTHORIZATION_ENCRYPTED_RESPONSE_ALG
        JWE alg algorithm JWA required for encrypting authorization responses.
      • AUTHORIZATION_ENCRYPTED_RESPONSE_ENC

        public static final RegisterRequestParam AUTHORIZATION_ENCRYPTED_RESPONSE_ENC
        JWE enc algorithm JWA required for encrypting auhtorization responses.
      • ID_TOKEN_SIGNED_RESPONSE_ALG

        public static final RegisterRequestParam ID_TOKEN_SIGNED_RESPONSE_ALG
        JWS alg algorithm (JWA)0 required for the issued ID Token.
      • ID_TOKEN_ENCRYPTED_RESPONSE_ALG

        public static final RegisterRequestParam ID_TOKEN_ENCRYPTED_RESPONSE_ALG
        JWE alg algorithm (JWA) required for encrypting the ID Token.
      • ID_TOKEN_ENCRYPTED_RESPONSE_ENC

        public static final RegisterRequestParam ID_TOKEN_ENCRYPTED_RESPONSE_ENC
        JWE enc algorithm (JWA) required for symmetric encryption of the ID Token.
      • USERINFO_SIGNED_RESPONSE_ALG

        public static final RegisterRequestParam USERINFO_SIGNED_RESPONSE_ALG
        JWS alg algorithm (JWA) required for UserInfo Responses.
      • USERINFO_ENCRYPTED_RESPONSE_ALG

        public static final RegisterRequestParam USERINFO_ENCRYPTED_RESPONSE_ALG
        JWE alg algorithm (JWA) required for encrypting UserInfo Responses.
      • USERINFO_ENCRYPTED_RESPONSE_ENC

        public static final RegisterRequestParam USERINFO_ENCRYPTED_RESPONSE_ENC
        JWE enc algorithm (JWA) required for symmetric encryption of UserInfo Responses.
      • INTROSPECTION_SIGNED_RESPONSE_ALG

        public static final RegisterRequestParam INTROSPECTION_SIGNED_RESPONSE_ALG
        JWS alg algorithm (JWA) required for Introspection Responses.
      • INTROSPECTION_ENCRYPTED_RESPONSE_ALG

        public static final RegisterRequestParam INTROSPECTION_ENCRYPTED_RESPONSE_ALG
        JWE alg algorithm (JWA) required for encrypting Introspection Responses.
      • INTROSPECTION_ENCRYPTED_RESPONSE_ENC

        public static final RegisterRequestParam INTROSPECTION_ENCRYPTED_RESPONSE_ENC
        JWE enc algorithm (JWA) required for symmetric encryption of Introspection Responses.
      • TX_TOKEN_SIGNED_RESPONSE_ALG

        public static final RegisterRequestParam TX_TOKEN_SIGNED_RESPONSE_ALG
        JWS alg algorithm (JWA) required for Transaction Token Responses.
      • TX_TOKEN_ENCRYPTED_RESPONSE_ALG

        public static final RegisterRequestParam TX_TOKEN_ENCRYPTED_RESPONSE_ALG
        JWE alg algorithm (JWA) required for encrypting Transaction Token Responses.
      • TX_TOKEN_ENCRYPTED_RESPONSE_ENC

        public static final RegisterRequestParam TX_TOKEN_ENCRYPTED_RESPONSE_ENC
        JWE enc algorithm (JWA) required for symmetric encryption of Transaction Token Responses.
      • REQUEST_OBJECT_SIGNING_ALG

        public static final RegisterRequestParam REQUEST_OBJECT_SIGNING_ALG
        JWS alg algorithm (JWA) that must be required by the Authorization Server.
      • REQUEST_OBJECT_ENCRYPTION_ALG

        public static final RegisterRequestParam REQUEST_OBJECT_ENCRYPTION_ALG
        JWS alg algorithm (JWA) that must be used for signing Request Objects sent to the OP.
      • REQUEST_OBJECT_ENCRYPTION_ENC

        public static final RegisterRequestParam REQUEST_OBJECT_ENCRYPTION_ENC
        JWE enc algorithm (JWA) the RP is declaring that it may use for encrypting Request Objects sent to the OP.
      • TOKEN_ENDPOINT_AUTH_METHOD

        public static final RegisterRequestParam TOKEN_ENDPOINT_AUTH_METHOD
        Requested authentication method for the Token Endpoint.
      • ADDITIONAL_TOKEN_ENDPOINT_AUTH_METHODS

        public static final RegisterRequestParam ADDITIONAL_TOKEN_ENDPOINT_AUTH_METHODS
        Requested authentication methods for the Token Endpoint.
      • TOKEN_ENDPOINT_AUTH_SIGNING_ALG

        public static final RegisterRequestParam TOKEN_ENDPOINT_AUTH_SIGNING_ALG
        JWS alg algorithm (JWA) that MUST be used for signing the JWT used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods.
      • DEFAULT_MAX_AGE

        public static final RegisterRequestParam DEFAULT_MAX_AGE
        Default Maximum Authentication Age. Specifies that the End-User must be actively authenticated if the End-User was authenticated longer ago than the specified number of seconds. The max_age request parameter overrides this default value.
      • REQUIRE_AUTH_TIME

        public static final RegisterRequestParam REQUIRE_AUTH_TIME
        Boolean value specifying whether the auth_time Claim in the ID Token is required. It is required when the value is true. The auth_time Claim request in the Request Object overrides this setting.
      • DEFAULT_ACR_VALUES

        public static final RegisterRequestParam DEFAULT_ACR_VALUES
        Default requested Authentication Context Class Reference values. Array of strings that specifies the default acr values that the Authorization Server must use for processing requests from the Client.
      • MINIMUM_ACR_LEVEL

        public static final RegisterRequestParam MINIMUM_ACR_LEVEL
        Integer value which sets minimum acr level.
      • MINIMUM_ACR_LEVEL_AUTORESOLVE

        public static final RegisterRequestParam MINIMUM_ACR_LEVEL_AUTORESOLVE
        Boolean value, - if false and minimumAcrLevel is higher then current acr_values then reject request - if true - resolve acr according to either client's minimumAcrPriorityList or AS auth_level_mapping
      • MINIMUM_ACR_PRIORITY_LIST

        public static final RegisterRequestParam MINIMUM_ACR_PRIORITY_LIST
        Array of strings, - enables client to specify the acr order of preference, rather then just the next lowest integer value
      • INITIATE_LOGIN_URI

        public static final RegisterRequestParam INITIATE_LOGIN_URI
        URI using the https scheme that the Authorization Server can call to initiate a login at the Client.
      • POST_LOGOUT_REDIRECT_URIS

        public static final RegisterRequestParam POST_LOGOUT_REDIRECT_URIS
        URL supplied by the RP to request that the user be redirected to this location after a logout has been performed,
      • FRONT_CHANNEL_LOGOUT_URI

        public static final RegisterRequestParam FRONT_CHANNEL_LOGOUT_URI
        RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. A sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the request and to determine which of the potentially multiple sessions is to be logged out.
      • FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED

        public static final RegisterRequestParam FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED
        Boolean value specifying whether the RP requires that a sid (session ID) query parameter be included to identify the RP session at the OP when the logout_uri is used. If omitted, the default value is false.
      • BACKCHANNEL_LOGOUT_URI

        public static final RegisterRequestParam BACKCHANNEL_LOGOUT_URI
        RP URL that will cause the RP to log itself out when sent a Logout Token by the OP.
      • BACKCHANNEL_LOGOUT_SESSION_REQUIRED

        public static final RegisterRequestParam BACKCHANNEL_LOGOUT_SESSION_REQUIRED
        Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false.
      • REQUEST_URIS

        public static final RegisterRequestParam REQUEST_URIS
        Array of request_uri values that are pre-registered by the Client for use at the Authorization Server.
      • EVIDENCE

        public static final RegisterRequestParam EVIDENCE
        Evidence is a set of claims generated by an attester to be appraised by a verifier. Evidence may include configuration data, measurements, telemetry, or inferences. This is a string value containing the evidence, as produced by the selected attestation technology
      • CLAIMS

        public static final RegisterRequestParam CLAIMS
        String containing a space-separated list of claims that can be requested individually.
      • ID_TOKEN_TOKEN_BINDING_CNF

        public static final RegisterRequestParam ID_TOKEN_TOKEN_BINDING_CNF
        Optional string value specifying the JWT Confirmation Method member name (e.g. tbh) that the Relying Party expects when receiving Token Bound ID Tokens. The presence of this parameter indicates that the Relying Party supports Token Binding of ID Tokens. If omitted, the default is that the Relying Party does not support Token Binding of ID Tokens.
      • TLS_CLIENT_AUTH_SUBJECT_DN

        public static final RegisterRequestParam TLS_CLIENT_AUTH_SUBJECT_DN
        string representation of the expected subject distinguished name of the certificate, which the OAuth client will use in mutual TLS authentication.
      • ALLOW_SPONTANEOUS_SCOPES

        public static final RegisterRequestParam ALLOW_SPONTANEOUS_SCOPES
        boolean, whether to allow spontaneous scopes for client
      • SPONTANEOUS_SCOPES

        public static final RegisterRequestParam SPONTANEOUS_SCOPES
        list of spontaneous scopes
      • ADDITIONAL_AUDIENCE

        public static final RegisterRequestParam ADDITIONAL_AUDIENCE
        list of additional audiences
      • SPONTANEOUS_SCOPE_SCRIPT_DNS

        public static final RegisterRequestParam SPONTANEOUS_SCOPE_SCRIPT_DNS
        list of spontaneous scope script dns
      • UPDATE_TOKEN_SCRIPT_DNS

        public static final RegisterRequestParam UPDATE_TOKEN_SCRIPT_DNS
        list of update token script dns
      • POST_AUTHN_SCRIPT_DNS

        public static final RegisterRequestParam POST_AUTHN_SCRIPT_DNS
        list of post authn script dns
      • CONSENT_GATHERING_SCRIPT_DNS

        public static final RegisterRequestParam CONSENT_GATHERING_SCRIPT_DNS
        list of consent gathering script dns
      • INTROSPECTION_SCRIPT_DNS

        public static final RegisterRequestParam INTROSPECTION_SCRIPT_DNS
        list of introspection script dns
      • RPT_CLAIMS_SCRIPT_DNS

        public static final RegisterRequestParam RPT_CLAIMS_SCRIPT_DNS
        list of rpt claims script dns
      • RUN_INTROSPECTION_SCRIPT_BEFORE_JWT_CREATION

        public static final RegisterRequestParam RUN_INTROSPECTION_SCRIPT_BEFORE_JWT_CREATION
        boolean property which indicates whether to run introspection script and then include claims from result into access_token as JWT
      • KEEP_CLIENT_AUTHORIZATION_AFTER_EXPIRATION

        public static final RegisterRequestParam KEEP_CLIENT_AUTHORIZATION_AFTER_EXPIRATION
        boolean property which indicates whether to keep client authorization after expiration
      • DPOP_BOUND_ACCESS_TOKEN

        public static final RegisterRequestParam DPOP_BOUND_ACCESS_TOKEN
        boolean value specifying whether the client always uses DPoP for token requests. If omitted, the default value is false.
      • SCOPE

        public static final RegisterRequestParam SCOPE
        String containing a space-separated list of scope values.
      • AUTHORIZED_ORIGINS

        public static final RegisterRequestParam AUTHORIZED_ORIGINS
        Authorized JavaScript origins.
      • ACCESS_TOKEN_LIFETIME

        public static final RegisterRequestParam ACCESS_TOKEN_LIFETIME
        Client-specific access token expiration. Set this value to null or zero to use the default value.
      • ID_TOKEN_LIFETIME

        public static final RegisterRequestParam ID_TOKEN_LIFETIME
        Client-specific id_token expiration in seconds. Set this value to null or zero to use the default value.
      • TX_TOKEN_LIFETIME

        public static final RegisterRequestParam TX_TOKEN_LIFETIME
        Client-specific tx_token expiration in seconds. Set this value to null or zero to use the default value.
      • SOFTWARE_ID

        public static final RegisterRequestParam SOFTWARE_ID
        A unique identifier string (UUID) assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered.
      • SOFTWARE_VERSION

        public static final RegisterRequestParam SOFTWARE_VERSION
        A version identifier string for the client software identified by "software_id". The value of the "software_version" should change on any update to the client software identified by the same "software_id".
      • SOFTWARE_STATEMENT

        public static final RegisterRequestParam SOFTWARE_STATEMENT
        A software statement containing client metadata values about the client software as claims. This is a string value containing the entire signed JWT.
      • BACKCHANNEL_TOKEN_DELIVERY_MODE

        public static final RegisterRequestParam BACKCHANNEL_TOKEN_DELIVERY_MODE
      • BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT

        public static final RegisterRequestParam BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT
      • BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG

        public static final RegisterRequestParam BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG
      • BACKCHANNEL_USER_CODE_PARAMETER

        public static final RegisterRequestParam BACKCHANNEL_USER_CODE_PARAMETER
      • PUBLIC_SUBJECT_IDENTIFIER_ATTRIBUTE

        public static final RegisterRequestParam PUBLIC_SUBJECT_IDENTIFIER_ATTRIBUTE
    • Method Detail

      • values

        public static RegisterRequestParam[] values()
        Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:
        for (RegisterRequestParam c : RegisterRequestParam.values())
            System.out.println(c);
        
        Returns:
        an array containing the constants of this enum type, in the order they are declared
      • valueOf

        public static RegisterRequestParam valueOf​(String name)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        name - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        IllegalArgumentException - if this enum type has no constant with the specified name
        NullPointerException - if the argument is null
      • getName

        public String getName()
        Gets parameter name.
        Returns:
        parameter name
      • isStandard

        public static boolean isStandard​(String parameterName)
        Returns whether parameter is standard
        Parameters:
        parameterName - parameter name
        Returns:
        whether parameter is standard
      • isCustomParameterValid

        public static boolean isCustomParameterValid​(String parameterName)
        Returns whether custom parameter is valid.
        Parameters:
        parameterName - parameter name
        Returns:
        whether custom parameter is valid