Configure an OIDC Client
Configures an OIDC Verifier Client on your tenant.
In order to verify a credential using an OpenID Connect Authorization Code Flow, you need to set up an OIDC Client application. This is the client that will engage with your configured OIDC Verifier to initiate the verification workflow. There is a list of OIDC Client apps, also known as Relying Party Libraries, on the OpenID website. Pick one which you feel comfortable with.
ℹ️ Note: When dealing with personal identity information it is strongly recommended to follow the Authorization Code Flow which ensures sensitive data is transmitted via the /token
endpoint back-channel.
Analytics Events
Roles
/ext/oidc/v1/verifiers/{id}/clients
In: header
Path Parameters
Verifier ID
uuid
The client payload
Insert a meaningful name for your OIDC Client.
This array can include a list of URLs. One of the URIs in that list must match the callback URI configured for your OIDC Client for the Authorization Request:
- Must be a valid URL.
- Must use the HTTPS protocol.
- Must not be an IP address.
- Must not include query parameters.
- For testing, it’s okay to add a localhost uri like https://localhost:9090/callback
Determines the authorization processing flow.
OAuth Grant Type.
OAuth Token Endpoint Authentication Method.
Algorithm must match configured jwks. Defaults to ES256
.
The logo to display above the QR code.
uri
Response Body
curl -X POST "https://example.vii.au01.mattr.global/ext/oidc/v1/verifiers/41458e5a-9092-40b7-9a26-d4eb43c5792f/clients" \ -H "Content-Type: application/json" \ -d '{ "name": "OIDC Client for the verifier", "redirectUris": [ "https://example.com/callback" ], "responseTypes": [ "code" ], "grantTypes": [ "authorization_code" ], "tokenEndpointAuthMethod": "client_secret_post", "idTokenSignedResponseAlg": "ES256", "applicationType": "web", "logoUri": "https://example.com/logo.png" }'
{
"id": "da9bb6e4-c9ae-4468-b6ac-72b90d6efd5d",
"secret": "H2epdcmNJ46hXJo5opdzvhbZK9W2ZGPkQh.E",
"name": "OIDC Client for the verifier",
"redirectUris": [
"https://example.com/callback"
],
"responseTypes": [
"code"
],
"grantTypes": [
"authorization_code"
],
"tokenEndpointAuthMethod": "client_secret_post",
"idTokenSignedResponseAlg": "ES256",
"applicationType": "web",
"logoUri": "https://example.com/logo.png"
}
{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}
How would you rate this page?