...
A command line interface (CLI) is provided for some configuration tasks, which can be accessed like so:
...
The following commands are available for configuration of OIDC clients:
- clients list
- clients show <client_id>
- clients rm <client_id>
- clients add # see below
Use the --help flag for a description of the parameters for each command.
...
Codeblock |
---|
docker exec -it didmos2-demo-auth didmos2-auth-cli clients add --flow code --client-name Foobar --redirect-uri https://foo.bar
--client-secret not provided, but required for --flow = code or both. Generated random value for client_secret: dRWl2zin2VD7AyOOAJghweNF
Generated random value for client_id: 9SHRfIcW034AQY8s
Client successfully created: {'_id': ObjectId('5d5d4eff791d34483ec0bbee'), 'data': {'application_type': 'web', 'client_secret': 'dRWl2zin2VD7AyOOAJghweNF', 'redirect_uris': ['https://foo.bar'], 'client_id': '9SHRfIcW034AQY8s', 'response_types': ['code'], 'client_name': 'Foobar'}, 'lookup_key': '9SHRfIcW034AQY8s'}
# Further parameters
# Client AuthN is client_secret_basic per default. To change this, add:
--token-endpoint-auth-method client_secret_post |
lookup_key is always the client_id of a client and must be unique. If --client-id is empty, a random id is generated. If --client-secret is empty and --flow is either code or both, a random value is generated.
Configuration
On how to connect Clients/SPs, see Connect SAML SPs to SATOSA or didmos2 Authenticator
Full environment variable reference
...