PingAM

Dynamic client registration scripting API

The following bindings are available to dynamic client registration scripts.

The dynamic client registration script is a next-generation script and, therefore, has access to all the next-generation common bindings in addition to those described here.
Binding Description

requestProperties

A map of the properties in the request. Always present.

The keys in the map are as follows:

  • requestUri: The URI of the request.

  • realm: The realm where the request was made.

  • requestParams: The request parameters and posted data where each value is a list of one or more properties.

  • requestHeaders: A map of the request headers. Header names are case-sensitive.

  • requestBody: A map representing the body of the request.

    To mitigate the risk of reflection-type attacks, use OWASP best practices when handling these properties. Find an example in Unsafe use of Reflection.

operation

The dynamic client registration request operation as a String. Possible values: CREATE, UPDATE, and DELETE.

clientIdentity

The ScriptedClient that represents the created or updated client.

Use methods such as isAIAgent, setRedirectURIs, and setScope to check or modify the client profile.

Example 
if (clientIdentity != null) {
  clientIdentity.setRedirectURIs(["http://www.example.com/redirect"]);
  clientIdentity.setGrantTypes(["client_credentials", "device_code"]);
  clientIdentity.setClientType("Public");
  clientIdentity.setAuthorizationCodeLifeTime(6000);
  clientIdentity.setClientUri(["http://www.example.com/client"]);
  clientIdentity.setDisplayName(["Test"]);
  clientIdentity.setDefaultScopes(["scope_a", "scope_b"]);
  clientIdentity.setClientDescription(["Test"]);
  clientIdentity.setLogoUri(["http://www.example.com/logo"]);
  clientIdentity.setPolicyUri(["http://www.example.com/policy"]);
  clientIdentity.setTosUri(["http://www.example.com/tos"]);

  if (clientIdentity.isAIAgent()) {
    clientIdentity.setClientName(["Test AI Agent"]);
  } else {
    clientIdentity.setClientName(["Test OAuth2 Client"]);
  }
  clientIdentity.store();
}
This binding is null if the operation is DELETE.

softwareStatement

A map representing the decoded JWT of the software statement from the request, including the issuer and required claims.

This is an empty map if no software statement is provided.