DCR Custom attrib - maduvena/jans-docs GitHub Wiki
Dynamic registration custom attributes Jans-auth server configurations dynamicRegistrationCustomAttributes: Each parameter is added as an item under dynamicRegistrationCustomAttributes. Each item must contain the name of the LDAP attribute storing the corresponding property's value (which is usually different from the displayed name of the property). By default, it allows setting only the "jansAuthTrustedClient" attribute which corresponds to the "Pre-Authorization" property.
Notes from Puja: here are steps to create custom attribute
Create new custom attribute in /opt/opendj/config/schema/77-customAttributes.ldif Append newly created attribute in MAY section of jansClntCustomAttributes restarted opendj Append newly created attribute in auth-config, jansClntCustomAttributes value of dynamicRegistrationCustomAttributes (attrib of client) is jansClntCustomAttributes Ref - https://github.com/JanssenProject/jans/issues/2483
Request
{
"displayName":"Puja Test Client5",
"clientSecret":"password",
"frontChannelLogoutUri":"null",
"frontChannelLogoutSessionRequired":false,
"registrationAccessToken":"",
"clientIdIssuedAt":"",
"clientSecretExpiresAt":"",
"redirectUris":[
"https://jans.server.com/.well-known/abc_3"
],
"claimRedirectUris":[
],
"responseTypes":[
],
"grantTypes":[
"client_credentials"
],
"applicationType":"web",
"contacts":[
],
"idTokenTokenBindingCnf":"",
"jwksUri":"",
"jwks":"",
"sectorIdentifierUri":"",
"subjectType":"pairwise",
"idTokenSignedResponseAlg":"",
"idTokenEncryptedResponseAlg":"",
"idTokenEncryptedResponseEnc":"",
"userInfoSignedResponseAlg":"",
"userInfoEncryptedResponseAlg":"",
"userInfoEncryptedResponseEnc":"",
"requestObjectSigningAlg":"",
"requestObjectEncryptionAlg":"",
"requestObjectEncryptionEnc":"",
"tokenEndpointAuthMethod":"client_secret_basic",
"tokenEndpointAuthSigningAlg":"",
"defaultMaxAge":0,
"requireAuthTime":false,
"defaultAcrValues":[
],
"initiateLoginUri":"",
"postLogoutRedirectUris":[
],
"requestUris":[
],
"scopes":[
],
"claims":[
],
"trustedClient":false,
"lastAccessTime":0,
"lastLogonTime":0,
"persistClientAuthorizations":false,
"includeClaimsInIdToken":false,
"refreshTokenLifetime":0,
"accessTokenLifetime":0,
"customObjectClasses":null,
"rptAsJwt":false,
"accessTokenAsJwt":false,
"accessTokenSigningAlg":"RS256",
"disabled":false,
"authorizedOrigins":[
],
"softwareId":"",
"softwareVersion":"",
"softwareStatement":"",
"attributes":{
"tlsClientAuthSubjectDn":"",
"runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims":false,
"keepClientAuthorizationAfterExpiration":false,
"allowSpontaneousScopes":false,
"spontaneousScopes":null,
"spontaneousScopeScriptDns":null,
"updateTokenScriptDns":null,
"backchannelLogoutUri":null,
"backchannelLogoutSessionRequired":false,
"additionalAudience":null,
"postAuthnScripts":null,
"consentGatheringScripts":null,
"introspectionScripts":null,
"rptClaimsScripts":null,
"ropcScripts":null,
"parLifetime":600,
"requirePar":false,
"jansAuthSignedRespAlg":"",
"jansAuthEncRespAlg":"",
"jansAuthEncRespEnc":"",
"jansSubAttr":"",
"redirectUrisRegex":"",
"jansAuthorizedAcr":null,
"jansDefaultPromptLogin":false
},
"backchannelTokenDeliveryMode":"",
"backchannelClientNotificationEndpoint":"",
"backchannelAuthenticationRequestSigningAlg":"",
"backchannelUserCodeParameter":"",
"expirationDate":"",
"deletable":false,
"jansId":"",
"description":"",
"authenticationMethod":"client_secret_basic",
"tokenBindingSupported":false,
"customAttributes":[
{
"name":"myCustomAttr1",
"multiValued":false,
"values":[
"custom1_abc1"
]
},
{
"name":"myCustomAttr2",
"multiValued":false,
"values":[
"custom2_xyz2"
]
},
{
"name":"passportNumber",
"multiValued":false,
"values":[
123
]
}
]
}
Response
{
"dn": "inum=7681027b-6ae9-4481-8819-e9cd8bf57715,ou=clients,o=jans",
"deletable": false,
"clientSecret": "password",
"frontChannelLogoutUri": "null",
"frontChannelLogoutSessionRequired": false,
"redirectUris": [
"https://jans.server.com/.well-known/abc_3"
],
"grantTypes": [
"client_credentials"
],
"applicationType": "web",
"clientName": {
"values": {
"": "Puja Test Client5"
},
"value": "Puja Test Client5",
"languageTags": [
""
]
},
"logoUri": {},
"clientUri": {},
"policyUri": {},
"tosUri": {},
"subjectType": "pairwise",
"tokenEndpointAuthMethod": "client_secret_basic",
"defaultMaxAge": 0,
"scopes": [
"inum=F0C4,ou=scopes,o=jans",
"inum=43F1,ou=scopes,o=jans",
"inum=C4F5,ou=scopes,o=jans",
"inum=6D99,ou=scopes,o=jans",
"inum=7D02,ou=scopes,o=jans",
"inum=D491,ou=scopes,o=jans",
"inum=C17A,ou=scopes,o=jans",
"inum=0465-1DEA,ou=scopes,o=jans",
"inum=10B2,ou=scopes,o=jans",
"inum=764C,ou=scopes,o=jans",
"inum=341A,ou=scopes,o=jans",
"inum=7D01,ou=scopes,o=jans",
"inum=6D90,ou=scopes,o=jans",
"inum=C4F6,ou=scopes,o=jans"
],
"trustedClient": false,
"lastAccessTime": "1970-01-01T05:30:00",
"lastLogonTime": "1970-01-01T05:30:00",
"persistClientAuthorizations": false,
"includeClaimsInIdToken": false,
"refreshTokenLifetime": 0,
"accessTokenLifetime": 0,
"customAttributes": [
{
"name": "displayName",
"multiValued": false,
"values": [
"Puja Test Client5"
],
"value": "Puja Test Client5",
"displayValue": "Puja Test Client5"
},
{
"name": "myCustomAttr1",
"multiValued": false,
"values": [
"custom1_abc1"
],
"value": "custom1_abc1",
"displayValue": "custom1_abc1"
},
{
"name": "myCustomAttr2",
"multiValued": false,
"values": [
"custom2_xyz2"
],
"value": "custom2_xyz2",
"displayValue": "custom2_xyz2"
},
{
"name": "passportNumber",
"multiValued": false,
"values": [
"123"
],
"value": "123",
"displayValue": "123"
}
],
"customObjectClasses": [
"top",
"jansClntCustomAttributes"
],
"rptAsJwt": false,
"accessTokenAsJwt": false,
"accessTokenSigningAlg": "RS256",
"disabled": false,
"attributes": {
"runIntrospectionScriptBeforeJwtCreation": false,
"keepClientAuthorizationAfterExpiration": false,
"allowSpontaneousScopes": false,
"backchannelLogoutSessionRequired": false,
"parLifetime": 600,
"requirePar": false,
"jansDefaultPromptLogin": false
},
"displayName": "Puja Test Client5",
"authenticationMethod": "client_secret_basic",
"tokenBindingSupported": false,
"baseDn": "inum=7681027b-6ae9-4481-8819-e9cd8bf57715,ou=clients,o=jans",
"inum": "7681027b-6ae9-4481-8819-e9cd8bf57715"
}