
sec.oauthServer

sec.oauthServer(
   oauth-vendor as String,
   oauth-server-uri as String,
   oauth-authorization-server-uri as String,
   oauth-token-server-uri as String,
   oauth-introspection-server-uri as String,
   oauth-flow-type as String,
   oauth-scope as String,
   oauth-client-authentication-method as String,
   oauth-client-id as String,
   oauth-client-secret as String,
   oauth-redirect-uri as String,
   oauth-token-type as String,
   oauth-username-attribute as String,
   oauth-role-attribute as String,
   oauth-privilege-attribute as String
) as element(sec.oauthServer)

Summary

This function configures an OAuth server for use by the sec:create-external-security function.

Parameters
oauth-vendor: The vendor for the OAuth server ("Ping Identity" or "Other").
oauth-server-uri: Server URI for the identity server (must use HTTPS).
oauth-authorization-server-uri: Authorization server URI endpoint (must use HTTPS).
oauth-token-server-uri: Token server URI endpoint (must use HTTPS).
oauth-introspection-server-uri: Introspection server URI endpoint (must use HTTPS).
oauth-flow-type: Flow type for the OAuth server ("Authorization code" or "Client credentials").
oauth-scope: Scopes for the OAuth server.
oauth-client-authentication-method: Client authentication method for the OAuth server (currently only "Client secret").
oauth-client-id: Client ID for the OAuth server.
oauth-client-secret: Client secret for the OAuth server.
oauth-redirect-uri: Redirect URI for the OAuth server (must use HTTPS; only used with the "Authorization code" flow).
oauth-token-type: Token type for the OAuth server (currently must be "Internally managed reference tokens").
oauth-username-attribute: Username attributes for the OAuth server.
oauth-role-attribute: Role attributes for the OAuth server.
oauth-privilege-attribute: Privilege attributes for the OAuth server.

Usage Notes

This function must be executed against the security database.

Example



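// execute this against the security database

const sec = require('/MarkLogic/security');

sec.oauthServer("Ping Identity",                                           // oauth-vendor
                "https://dc1.mltest1.local:9031",                          // oauth-server-uri
                "https://dc1.mltest1.local:9031/as/authorization.oauth2",  // oauth-authorization-server-uri
                "https://dc1.mltest1.local:9031/as/token.oauth2",          // oauth-token-server-uri
                "https://dc1.mltest1.local:9031/as/introspection.oauth2",  // oauth-introspection-server-uri
                "Authorization code",                                      // oauth-flow-type
                "test",                                                    // oauth-scope
                "Client secret",                                           // oauth-client-authentication-method
                "cluster",                                                 // oauth-client-id
                "Insert client secret***",                                 // oauth-client-secret (placeholder)
                "https://macpro-3912.marklogic.com:8008/test.xqy",         // oauth-redirect-uri
                "Internally managed reference tokens",                     // oauth-token-type
                "username",                                                // oauth-username-attribute
                "roles",                                                   // oauth-role-attribute
                "privileges");                                             // oauth-privilege-attribute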
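
With fifteen positional string arguments, a swapped or plain-HTTP value is easy to miss, so the constraints listed under Parameters can be checked before the call is made. The following is an added example, not MarkLogic's own code: checkOauthConfig and toArgs are hypothetical helper names, and the parameter order and allowed values are copied from this page.

```javascript
// Added example: pre-flight check for sec.oauthServer arguments.
// PARAMS order is copied from the signature on this page; checkOauthConfig and
// toArgs are hypothetical helper names, not MarkLogic APIs.
const PARAMS = [
  'oauth-vendor', 'oauth-server-uri', 'oauth-authorization-server-uri',
  'oauth-token-server-uri', 'oauth-introspection-server-uri', 'oauth-flow-type',
  'oauth-scope', 'oauth-client-authentication-method', 'oauth-client-id',
  'oauth-client-secret', 'oauth-redirect-uri', 'oauth-token-type',
  'oauth-username-attribute', 'oauth-role-attribute', 'oauth-privilege-attribute'
];

// Allowed values as listed in the Parameters section.
const ALLOWED = {
  'oauth-vendor': ['Ping Identity', 'Other'],
  'oauth-flow-type': ['Authorization code', 'Client credentials'],
  'oauth-client-authentication-method': ['Client secret'],
  'oauth-token-type': ['Internally managed reference tokens']
};

const isHttps = (v) => /^https:\/\/[^\s/]+/i.test(v);

// Returns a list of problems; an empty list means every documented rule holds.
function checkOauthConfig(cfg) {
  const errors = [];
  for (const name of PARAMS) {
    if (typeof cfg[name] !== 'string') errors.push(`${name}: missing or not a string`);
  }
  for (const [name, values] of Object.entries(ALLOWED)) {
    if (typeof cfg[name] === 'string' && !values.includes(cfg[name])) {
      errors.push(`${name}: must be one of ${values.join(' | ')}`);
    }
  }
  const httpsOnly = PARAMS.filter((n) => n.endsWith('-server-uri'));
  // The redirect URI is only used by the "Authorization code" flow.
  if (cfg['oauth-flow-type'] === 'Authorization code') httpsOnly.push('oauth-redirect-uri');
  for (const name of httpsOnly) {
    if (typeof cfg[name] === 'string' && !isHttps(cfg[name])) {
      errors.push(`${name}: must use HTTPS`);
    }
  }
  return errors;
}

// Positional argument list in signature order; throws if any check fails.
function toArgs(cfg) {
  const errors = checkOauthConfig(cfg);
  if (errors.length) throw new Error(errors.join('; '));
  return PARAMS.map((name) => cfg[name]);
}
// In MarkLogic, against the security database: sec.oauthServer(...toArgs(cfg))
```

Keeping the configuration as a keyed object also lets the client secret be supplied at run time instead of being written into the script.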

    
