- Managing issued tokens granted by each user (obtaining a list of clients, and updating scopes and revoking permissions for a particular client)
- Hybrid Flow: Issuing access tokens with subset of requested scopes
- Authlete's policy on sweeping unused tokens
- Introspection response for expired access token
- Refreshing a refresh token when the grant type is "refresh_token"
- How to specify token(s) on updating its information
- Getting a list of issued access tokens
- Enabling single access token per subject
- Ticket Parameter in Authorization Endpoint
- Changing signing key for ID token
- Client Management
- Error Handling
- Client Authentication
- Userinfo Endpoint
Client ID Alias
If the "Client ID Alias" is Enabled, each client can have a client ID alias in addition to the client ID. This function would be useful when migrating from the existing authorization sever to Authlete.
When a new client is created, Authlete generates a random numeric value and assigns it as a client ID to the newly created client. The client ID alias can be used as a value of the client_id request parameter of authorization requests and token requests. Also, it can be used as a client ID embedded in Authorization header in token requests.
When to use
This function would be useful when you migrate from the existing authorization server to Authete and keep using the existing client IDs in the new Authlete system.
How to use
Make this parameter Enabled in both a service and its clients.
How did we do with this article?