vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/iam/api-ref/iam_13_0209.html
Wei, Hongmin 80f18fd272 IAM API 2.6 Version 
Reviewed-by: Kabai, Zoltán Gábor <zoltan-gabor.kabai@t-systems.com>
Co-authored-by: Wei, Hongmin <weihongmin1@huawei.com>
Co-committed-by: Wei, Hongmin <weihongmin1@huawei.com>
2023-08-03 03:34:59 +00:00

260 lines
18 KiB
HTML
Raw Blame History

<a name="iam_13_0209"></a><a name="iam_13_0209"></a>
<h1 class="topictitle1">Querying an OpenID Connect Identity Provider</h1>
<div id="body1598526655526"><div class="section" id="iam_13_0209__section155844154423"><h4 class="sectiontitle">Function</h4><p id="iam_13_0209__p1081501514219">This API is provided for the administrator to query an OpenID Connect identity provider.</p>
</div>
<div class="section" id="iam_13_0209__section185871615134210"><h4 class="sectiontitle">URI</h4><p id="iam_13_0209__p12815171515427">GET /v3.0/OS-FEDERATION/identity-providers/{idp_id}/openid-connect-config</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_13_0209__table858951512424" frame="border" border="1" rules="all"><caption><b>Table 1 </b>URI parameters</caption><thead align="left"><tr id="iam_13_0209__row108151156429"><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.1"><p id="iam_13_0209__p20815315134215">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="10%" id="mcps1.3.2.3.2.5.1.2"><p id="iam_13_0209__p1581581518420">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.3"><p id="iam_13_0209__p581511574216">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.2.3.2.5.1.4"><p id="iam_13_0209__p581551594211">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="iam_13_0209__row3815131510427"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.1 "><p id="iam_13_0209__p1181521514213">idp_id</p>
</td>
<td class="cellrowborder" valign="top" width="10%" headers="mcps1.3.2.3.2.5.1.2 "><p id="iam_13_0209__p1081501516428">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.3 "><p id="iam_13_0209__p981511544215">String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.5.1.4 "><p id="iam_13_0209__p481521511428">Identity provider ID.</p>
<p id="iam_13_0209__p010713391029">Length: 1 to 64 characters</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="iam_13_0209__section3600215104218"><h4 class="sectiontitle">Request Parameters</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_13_0209__table17601315104214" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Parameters in the request header</caption><thead align="left"><tr id="iam_13_0209__row1981521516422"><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.1"><p id="iam_13_0209__p5815615154214">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="10%" id="mcps1.3.3.2.2.5.1.2"><p id="iam_13_0209__p6815315184218">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.3"><p id="iam_13_0209__p1981591519423">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.3.2.2.5.1.4"><p id="iam_13_0209__p12815181574213">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="iam_13_0209__row14815915114210"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.1 "><p id="iam_13_0209__p581571512429">Content-Type</p>
</td>
<td class="cellrowborder" valign="top" width="10%" headers="mcps1.3.3.2.2.5.1.2 "><p id="iam_13_0209__p1381517156429">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.3 "><p id="iam_13_0209__p1081521515421">String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.2.2.5.1.4 "><p id="iam_13_0209__p1381591516424">Fill <strong id="iam_13_0209__b97820439142">application/json;charset=utf8</strong> in this field.</p>
</td>
</tr>
<tr id="iam_13_0209__row1981518151423"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.1 "><p id="iam_13_0209__p8815131574219">X-Auth-Token</p>
</td>
<td class="cellrowborder" valign="top" width="10%" headers="mcps1.3.3.2.2.5.1.2 "><p id="iam_13_0209__p11815171564219">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.3 "><p id="iam_13_0209__p188151915204212">String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.3.2.2.5.1.4 "><p id="iam_13_0209__p081515154426">Token with <strong id="iam_13_0209__b5563121574810">Security Administrator</strong> permissions.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="iam_13_0209__section761391511424"><h4 class="sectiontitle">Response Parameters</h4><p id="iam_13_0209__p4815161514423"><strong id="iam_13_0209__b11384503146">Status code: 200</strong></p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_13_0209__table1615131514216" frame="border" border="1" rules="all"><caption><b>Table 3 </b>Parameters in the response body</caption><thead align="left"><tr id="iam_13_0209__row5815201513425"><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.3.2.4.1.1"><p id="iam_13_0209__p2081541512426">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.3.2.4.1.2"><p id="iam_13_0209__p88155151425">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.3.2.4.1.3"><p id="iam_13_0209__p4815111513429">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="iam_13_0209__row0815161516425"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.1 "><p id="iam_13_0209__p48158152426"><a href="#iam_13_0209__table106271415184212">openid_connect_config</a></p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.3.2.4.1.2 "><p id="iam_13_0209__p1781561516426">object</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.3.2.4.1.3 "><p id="iam_13_0209__p7815111524213">OpenID Connect configurations.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="iam_13_0209__table106271415184212"></a><a name="table106271415184212"></a><table cellpadding="4" cellspacing="0" summary="" id="iam_13_0209__table106271415184212" frame="border" border="1" rules="all"><caption><b>Table 4 </b>OpenIDConnectConfig</caption><thead align="left"><tr id="iam_13_0209__row158156159428"><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.4.2.4.1.1"><p id="iam_13_0209__p1815715194210">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.4.2.4.1.2"><p id="iam_13_0209__p1281541554218">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.4.2.4.1.3"><p id="iam_13_0209__p1815515144219">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="iam_13_0209__row281511554216"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p17815915114213">access_mode</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p10815191574212">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p611593517328">Access type. Options:</p>
<ul id="iam_13_0209__ul1166237163218"><li id="iam_13_0209__li8682123913328"><strong id="iam_13_0209__b541115720144">program_console</strong>: programmatic access and management console access.</li><li id="iam_13_0209__li14166837203213"><strong id="iam_13_0209__b173331858101419">program</strong>: programmatic access only.</li></ul>
</td>
</tr>
<tr id="iam_13_0209__row198158157427"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p1381561514219">idp_url</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p138154151424">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p1514462119318">URL of the OpenID Connect identity provider. This field corresponds to the <strong id="iam_13_0209__b2779596142">iss</strong> field in the ID token.</p>
</td>
</tr>
<tr id="iam_13_0209__row1481621514425"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p6816161511423">client_id</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p1816181574216">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p111454219316">ID of a client registered with the OpenID Connect identity provider.</p>
</td>
</tr>
<tr id="iam_13_0209__row1681681517424"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p20816161564210">authorization_endpoint</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p188168157422">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p1427416283317">Authorization endpoint of the OpenID Connect identity provider.</p>
<p id="iam_13_0209__p714514217312">This field is required only if <strong id="iam_13_0209__b19390145181513">access_mode</strong> is set to <strong id="iam_13_0209__b33961953150">program_console</strong>.</p>
</td>
</tr>
<tr id="iam_13_0209__row3816141519424"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p981621574219">scope</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p7816121512421">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p1460272123315">Scope of authorization requests.</p>
<p id="iam_13_0209__p217382453312">This field is required only if <strong id="iam_13_0209__b153292811518">access_mode</strong> is set to <strong id="iam_13_0209__b1433415881511">program_console</strong>.</p>
<p id="iam_13_0209__p137881118173510">Enumerated values:</p>
<ul id="iam_13_0209__ul182672313510"><li id="iam_13_0209__li4262237352">openid</li><li id="iam_13_0209__li1526723103517">email</li><li id="iam_13_0209__li12662315356">profile</li></ul>
</td>
</tr>
<tr id="iam_13_0209__row681641518428"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p58161915124214">response_type</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p1781611155420">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p1841811576348">Response type.</p>
<p id="iam_13_0209__p15291049103419">This field is required only if <strong id="iam_13_0209__b1178891131515">access_mode</strong> is set to <strong id="iam_13_0209__b1578991151519">program_console</strong>.</p>
<p id="iam_13_0209__p3145192183119">Enumerated value:</p>
<ul id="iam_13_0209__ul71451221133119"><li id="iam_13_0209__li9145152116319">id_token</li></ul>
</td>
</tr>
<tr id="iam_13_0209__row178161715124216"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p11816101518423">response_mode</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p981613151427">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p1155410285350">Response mode.</p>
<p id="iam_13_0209__p914520214311">This field is required only if <strong id="iam_13_0209__b109847158158">access_mode</strong> is set to <strong id="iam_13_0209__b199899155157">program_console</strong>.</p>
<p id="iam_13_0209__p01451621113115">Enumerated values:</p>
<ul id="iam_13_0209__ul914502123116"><li id="iam_13_0209__li101452212315">fragment</li><li id="iam_13_0209__li1014502110317">form_post</li></ul>
</td>
</tr>
<tr id="iam_13_0209__row158161615124211"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.1 "><p id="iam_13_0209__p9816171519421">signing_key</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.4.2.4.1.2 "><p id="iam_13_0209__p1881611155422">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.4.2.4.1.3 "><p id="iam_13_0209__p414552115316">Public key used to sign the ID token of the OpenID Connect identity provider.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="iam_13_0209__section76561415104211"><h4 class="sectiontitle">Example Request</h4><pre class="screen" id="iam_13_0209__screen1142516214438">GET https://{address}/v3.0/OS-FEDERATION/identity-providers/{idp_id}/openid-connect-config</pre>
</div>
<div class="section" id="iam_13_0209__section196571215184212"><h4 class="sectiontitle">Example Response</h4><p id="iam_13_0209__p13816111564213"><strong id="iam_13_0209__b423392191514">Status code: 200</strong></p>
<p id="iam_13_0209__p11816121584213">The request is successful.</p>
<pre class="screen" id="iam_13_0209__screen11816615134218">{
"openid_connect_config" : {
"access_mode" : "program_console",
"idp_url" : "https://accounts.example.com",
"client_id" : "client_id_example",
"authorization_endpoint" : "https://accounts.example.com/o/oauth2/v2/auth",
"scope" : "openid",
"response_type" : "id_token",
"response_mode" : "form_post",
"signing_key" : "{\"keys\":[{\"kty\":\"RSA\",\"e\":\"AQAB\",\"use\":\"sig\",\"n\":\"example\",\"kid\":\"kid_example\",\"alg\":\"RS256\"}]}"
}
}</pre>
<p id="iam_13_0209__p208161159421"><strong id="iam_13_0209__b22177331152">Status code: 400</strong></p>
<p id="iam_13_0209__p58161215184212">The server failed to process the request.</p>
<pre class="screen" id="iam_13_0209__screen1381671519428">{
"error_msg" : "Request body is invalid.",
"error_code" : "IAM.0011"
}</pre>
<p id="iam_13_0209__p1381661564214"><strong id="iam_13_0209__b17122340101516">Status code: 401</strong></p>
<p id="iam_13_0209__p08161315174217">Authentication failed.</p>
<pre class="screen" id="iam_13_0209__screen1581651504216">{
"error_msg" : "Request parameter %(key)s is invalid.",
"error_code" : "IAM.0007"
}</pre>
<p id="iam_13_0209__p1981614153423"><strong id="iam_13_0209__b983284171515">Status code: 403</strong></p>
<p id="iam_13_0209__p16816111534218">Access denied.</p>
<pre class="screen" id="iam_13_0209__screen5816101574219">{
"error_msg" : "Policy doesn't allow %(actions)s to be performed.",
"error_code" : "IAM.0003"
}</pre>
<p id="iam_13_0209__p081631594214"><strong id="iam_13_0209__b89201343171516">Status code: 404</strong></p>
<p id="iam_13_0209__p58161415124215">The requested resource cannot be found.</p>
<pre class="screen" id="iam_13_0209__screen188161415114210">{
"error_msg" : "Could not find %(target)s: %(target_id)s.",
"error_code" : "IAM.0004"
}</pre>
<p id="iam_13_0209__p1081681517425"><strong id="iam_13_0209__b159437476156">Status code: 500</strong></p>
<p id="iam_13_0209__p2816815164218">Internal system error.</p>
<pre class="screen" id="iam_13_0209__screen38168158421">{
"error_msg" : "An unexpected error prevented the server from fulfilling your request.",
"error_code" : "IAM.0006"
}</pre>
</div>
<div class="section" id="iam_13_0209__section14696415124219"><h4 class="sectiontitle">Status Codes</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_13_0209__table12697201511420" frame="border" border="1" rules="all"><thead align="left"><tr id="iam_13_0209__row16816151512424"><th align="left" class="cellrowborder" valign="top" width="15%" id="mcps1.3.7.2.1.3.1.1"><p id="iam_13_0209__p6816415194211">Status Code</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="85%" id="mcps1.3.7.2.1.3.1.2"><p id="iam_13_0209__p9816171574220">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="iam_13_0209__row118162151429"><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p id="iam_13_0209__p381631510426">200</p>
</td>
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p id="iam_13_0209__p11816315184217">The request is successful.</p>
</td>
</tr>
<tr id="iam_13_0209__row58168157424"><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p id="iam_13_0209__p1081615152426">400</p>
</td>
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p id="iam_13_0209__p15816315154212">The server failed to process the request.</p>
</td>
</tr>
<tr id="iam_13_0209__row118161415124212"><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p id="iam_13_0209__p88161015144215">401</p>
</td>
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p id="iam_13_0209__p981691514421">Authentication failed.</p>
</td>
</tr>
<tr id="iam_13_0209__row14817151514420"><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p id="iam_13_0209__p15817141524213">403</p>
</td>
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p id="iam_13_0209__p18817121514423">Access denied.</p>
</td>
</tr>
<tr id="iam_13_0209__row16817141594214"><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p id="iam_13_0209__p1881714156424">404</p>
</td>
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p id="iam_13_0209__p178179151428">The requested resource cannot be found.</p>
</td>
</tr>
<tr id="iam_13_0209__row58171915164216"><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p id="iam_13_0209__p14817171504218">500</p>
</td>
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p id="iam_13_0209__p11817171534219">Internal system error.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0057845605.html">Identity Provider</a></div>
</div>
</div>
View Git Blame Copy Permalink