RegisterClient - AWS SSO OIDC

RegisterClient

Registers a client with AWS SSO. This allows clients to initiate device authorization. The output should be persisted for reuse through many authentication requests.

Request Syntax

POST /client/register HTTP/1.1 Content-type: application/json { "clientName": "string", "clientType": "string", "scopes": [ "string" ] }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

clientName

The friendly name of the client.

Type: String

Required: Yes

clientType

The type of client. The service supports only public as a client type. Anything other than public will be rejected by the service.

Type: String

Required: Yes

scopes

The list of scopes that are defined by the client. Upon authorization, this list is used to restrict permissions when granting an access token.

Type: Array of strings

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "authorizationEndpoint": "string", "clientId": "string", "clientIdIssuedAt": number, "clientSecret": "string", "clientSecretExpiresAt": number, "tokenEndpoint": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

authorizationEndpoint

The endpoint where the client can request authorization.

Type: String

clientId

The unique identifier string for each client. This client uses this identifier to get authenticated by the service in subsequent calls.

Type: String

clientIdIssuedAt

Indicates the time at which the clientId and clientSecret were issued.

Type: Long

clientSecret

A secret string generated for the client. The client will use this string to get authenticated by the service in subsequent calls.

Type: String

clientSecretExpiresAt

Indicates the time at which the clientId and clientSecret will become invalid.

Type: Long

tokenEndpoint

The endpoint where the client can get an access token.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServerException

Indicates that an error from the service occurred while trying to process a request.

HTTP Status Code: 500

InvalidClientMetadataException

Indicates that the client information sent in the request during registration is invalid.

HTTP Status Code: 400

InvalidRequestException

Indicates that something is wrong with the input to the request. For example, a required parameter might be missing or out of range.

HTTP Status Code: 400

InvalidScopeException

Indicates that the scope provided in the request is invalid.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: