VMware Cloud Director API - OpenIdProviderConfiguration

VMware Cloud Director API - OpenIdProviderConfiguration

OpenIdProviderConfigurationType

Element:
OpenIdProviderConfiguration
Type:
OpenIdProviderConfigurationType
Namespace:
http://www.vmware.com/vcloud/v1.5
Description:
Result from reading the IDP's openId provider config endpoint
Since:
36.0
Schema:
vCloudEntities.xsd
Media type(s):
application/vnd.vmware.vcloud.admin.openIdProviderConfiguration+xml
application/vnd.vmware.vcloud.admin.openIdProviderConfiguration+json
Extends:
ResourceType
XML Representation:
<OpenIdProviderConfiguration xmlns="http://www.vmware.com/vcloud/v1.5" href="xs:anyURI" type="xs:string">
    <Link href="xs:anyURI" id="xs:string" type="xs:string" name="xs:string"
            rel="xs:string" model="xs:string"/>
    <OrgOAuthSettings href="xs:anyURI" type="xs:string">
        <Link href="xs:anyURI" id="xs:string" type="xs:string" name="xs:string"
                rel="xs:string" model="xs:string"/>
        <OrgRedirectUri> xs:string </OrgRedirectUri>
        <IssuerId> xs:string </IssuerId>
        <OAuthKeyConfigurations href="xs:anyURI" type="xs:string">
            <Link href="xs:anyURI" id="xs:string" type="xs:string" name="xs:string"
                    rel="xs:string" model="xs:string"/>
            <OAuthKeyConfiguration href="xs:anyURI" type="xs:string">
                <Link href="xs:anyURI" id="xs:string" type="xs:string" name="xs:string"
                        rel="xs:string" model="xs:string"/>
                <KeyId> xs:string </KeyId>
                <Algorithm> xs:string </Algorithm>
                <Key> xs:string </Key>
                <ExpirationDate> xs:dateTime </ExpirationDate>
            </OAuthKeyConfiguration>
        </OAuthKeyConfigurations>
        <Enabled> xs:boolean </Enabled>
        <ClientId> xs:string </ClientId>
        <ClientSecret> xs:string </ClientSecret>
        <UserAuthorizationEndpoint> xs:anyURI </UserAuthorizationEndpoint>
        <AccessTokenEndpoint> xs:anyURI </AccessTokenEndpoint>
        <UserInfoEndpoint> xs:anyURI </UserInfoEndpoint>
        <ScimEndpoint> xs:anyURI </ScimEndpoint>
        <Scope> xs:string </Scope>
        <OIDCAttributeMapping href="xs:anyURI" type="xs:string">
            <Link href="xs:anyURI" id="xs:string" type="xs:string" name="xs:string"
                    rel="xs:string" model="xs:string"/>
            <SubjectAttributeName> xs:string </SubjectAttributeName>
            <EmailAttributeName> xs:string </EmailAttributeName>
            <FullNameAttributeName> xs:string </FullNameAttributeName>
            <FirstNameAttributeName> xs:string </FirstNameAttributeName>
            <LastNameAttributeName> xs:string </LastNameAttributeName>
            <GroupsAttributeName> xs:string </GroupsAttributeName>
            <RolesAttributeName> xs:string </RolesAttributeName>
        </OIDCAttributeMapping>
        <MaxClockSkew> xs:int </MaxClockSkew>
        <JwksUri> xs:anyURI </JwksUri>
        <AutoRefreshKey> xs:boolean </AutoRefreshKey>
        <KeyRefreshStrategy> xs:string </KeyRefreshStrategy>
        <KeyRefreshFrequencyInHours> OrgOAuthSettingsType/KeyRefreshFrequencyInHours </KeyRefreshFrequencyInHours>
        <KeyExpireDurationInHours> OrgOAuthSettingsType/KeyExpireDurationInHours </KeyExpireDurationInHours>
        <WellKnownEndpoint> xs:anyURI </WellKnownEndpoint>
        <LastKeyRefreshAttempt> xs:dateTime </LastKeyRefreshAttempt>
        <LastKeySuccessfulRefresh> xs:dateTime </LastKeySuccessfulRefresh>
        <EnableIdTokenClaims> xs:boolean </EnableIdTokenClaims>
        <UsePKCE> xs:boolean </UsePKCE>
        <SendClientCredentialsAsAuthorizationHeader> xs:boolean </SendClientCredentialsAsAuthorizationHeader>
    </OrgOAuthSettings>
    <ProviderConfigResponse> xs:string </ProviderConfigResponse>
</OpenIdProviderConfiguration>

Attributes

Attribute Type Required Modifiable Since Deprecated Description
href anyURI No always 36.0 The URI of the entity.
type string No always 36.0 The MIME type of the entity.

Elements

Element Type Required Modifiable Since Deprecated Description
Link LinkType No none 36.0 A reference to an entity or operation associated with this object.
OrgOAuthSettings OrgOAuthSettingsType No none 36.0 OrgOauthSettings object configured using information from the IDP
ProviderConfigResponse string No always 36.0 Raw response from the IDP's provider config endpoint
VCloudExtension VCloudExtensionType No always 36.0 An optional extension element that can contain an arbitrary number of elements and attributes. Not related to extension services.

Operations

CRUD Operation Description Since Deprecated
as output POST /admin/org/{id}/settings/oauth/openIdProviderConfig Reads an OpenID configuring from a well-known endpoint and responds with the raw information from the IDP as well as VCD's interpretation of that information. 36.0