Service: OAuth2 Client List

** DEPRECATED: `authorized_only` is deprecated and will be removed in the upcoming API v1.1. Please use `filter_by` instead.

** WARNING: This service is experimental and may change without any notice.

This service returns a list of all user registered or authorized clients. It is not part of the general OAuth2 specification. Only super clients are allowed to use this service for client management, e.g.to facilitate users revoking any suspicious and misused access or refresh tokens. User and super client authentications are required.

The client list can be filtered by using the parameter filter_by with value authorized_only to show only authorized clients having active refresh tokens (not revoked, not expired), except the requesting super clients. Alternatively, it can show only user-registered (user-owned) clients by setting filter_by with value owned_only.

Some information are only shown for clients registered by the authenticated user, for instance registration info and refresh token expiry setting.

Available in: full version

Method: POST

Service URL: root/oauth2/client/list

Parameters

Header Parameters

Name	Required	Description	Value
Authorization	yes	HTTP authentication with scheme: Bearer	OAuth2 access token
Content-Type	yes	content type of the input data	application/x-www-form-urlencoded

Request body URL-encoded form parameters

Name	Required	Description	Type	Value
super_client_id	yes	A super client identifier obtained on client registration.	String
super_client_secret	yes, for confidential clients	A super client secret obtained on client registration.	String
filter_by	no	Filter the list to show user-authorized or user-owned only clients.	String	authorized_only owned_only
authorized_only (DEPRECATED)	no, default:false	If true, list user-authorized clients only, otherwise list all user-registered (user-owned) clients.	Boolean

Examples

Request

List both owned and authorized clients (v1.1)

curl -H 'Content-Type: application/x-www-form-urlencoded' 
     -H 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=' 
     -d 'super_client_id=fCBbQkA2YzIxYmY1Ng==&super_client_secret=
         Z0yTxWfoVPT3APmkU8mQoc7lyA9LvUmJQADwHhFLNIeOARoF0T47gc4hPXm9fwHV' 
     http://localhost:8089/api/v1.1/oauth2/client/list

List clients registered and owned by an authenticated user with filter_by=owned_only

curl -H 'Content-Type: application/x-www-form-urlencoded' 
     -H 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=' 
     -d 'filter_by=owned_only&super_client_id=fCBbQkA2YzIxYmY1Ng==
         &super_client_secret=Z0yTxWfoVPT3APmkU8mQoc7lyA9LvUmJQADw
         HhFLNIeOARoF0T47gc4hPXm9fwHV' 
     http://localhost:8089/api/v1.0/oauth2/client/list

List clients authorized by an authenticated user with filter_by=authorized_only

curl -H 'Content-Type: application/x-www-form-urlencoded' 
     -H 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=' 
     -d 'filter_by=authorized_only&super_client_id=fCBbQkA2YzIxYmY1Ng==
     &super_client_secret=Z0yTxWfoVPT3APmkU8mQoc7lyA9LvUmJQADwHhFLNIeO
     ARoF0T47gc4hPXm9fwHV' 
     http://localhost:8089/api/v1.0/oauth2/client/list

Response

[ {
   "permitted": true,
   "super": false,
   "client_id": "MfJMHP77FrM4pbN46rtHdM",
   "client_name": "Confidential client",
   "client_type": "CONFIDENTIAL",
   "client_description": "This is a confidential test client.",
   "client_url": "http://example.client.com",
   "client_redirect_uri": "https://example.client.com/redirect"        
}, {
   "permitted": true,
   "super": false,
   "client_id": "JR9JGf6FmTp7bNR4H7NbPb",
   "client_name": "Public client",
   "client_type": "PUBLIC",
   "client_description": "This is a public client.",
   "registration_date": "2022-05-04T13:02:38.558+02:00[Europe/Berlin]",
   "registered_by": "username",
   "refresh_token_expiry": 0
}, {
   "source": {"plugin": "source"},
   "permitted": true,
   "super": false,
   "client_id": "6PM7bhd9JrJ6rmJmLf9Jnr",
   "client_name": "Plugin",
   "client_type": "CONFIDENTIAL",
   "client_description": "This is a plugin test client."
} ]

Service: OAuth2 Client List

** DEPRECATED: authorized_only is deprecated and will be removed in the upcoming API v1.1. Please use filter_by instead.

** WARNING: This service is experimental and may change without any notice.

Parameters

Examples

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

** DEPRECATED: `authorized_only` is deprecated and will be removed in the upcoming API v1.1. Please use `filter_by` instead.