Authorization Server Client API
The Authorization Server exposes a number of endpoints to register, update, and delete clients of the Telicent CORE platform. Clients are applications which have a need to access Telicent CORE and its data.
There are API methods to perform the following tasks:
- Register a new client
- Delete a client
- Get a client by ID
- Get all clients
- Update a client
To access any of these API methods you must have the ADMIN_SYSTEM role.
The following table lists the specific permissions required to use the API methods:
| API method | Endpoint | Required permission |
|---|---|---|
| Register a new client | POST /clients | client.write |
| Delete a client | DELETE /clients/{clientId} | client.write |
| Get a client by ID | GET /clients/{clientId} | client.read |
| Get all clients | GET /clients | client.read |
| Update a client | PUT /clients/{clientId} | client.write |
Further information on the roles and permissions can be found on the Roles and Permissions page.
The remainder of this page provides further information on the API methods, including example JSON requests and responses (including error codes).
Important note on logout
postLogoutRedirectUris define where the user is redirected after Auth Server logout. They do not instruct the external Identity Provider (IdP) to end its own session. If the IdP session is still valid, a subsequent login can be completed automatically.
Register a new client
To access this endpoint you must have client.write permission.
POST /clients
Request body example:
{ "clientId": "demo-client-1", "clientName": "Demo Client", "authorizationGrantTypes": [ "client_credentials", "refresh_token" ], "scopes": [ "read", "write" ], "redirectUris": [ "https://app.example.com/callback" ], "postLogoutRedirectUris": [ "https://app.example.com/logout" ], "clientSettings": [ { "key": "settings.require-proof-key", "value": "false" }, { "key": "settings.require-authorization-consent", "value": "false" } ], "tokenSettings": [ { "key": "settings.access-token-time-to-live", "value": "PT30M" }, { "key": "settings.refresh-token-time-to-live", "value": "P7D" } ] }
Responses:
Status: 200 - client added and returned
Status: 403 - insufficient permissions to add client
Delete a client
To access this endpoint you must have client.write permission.
DELETE /clients/{clientId}
Responses:
Status: 204 - client deleted
Status: 403 - insufficient permissions to delete client
Status: 404 - client not found
Get client by ID
To access this endpoint you must have client.read permission.
GET /clients/{clientId}
Responses:
Status: 200 - client details returned
Response body example:
{ "clientId": "demo-client-1", "clientName": "Demo Client", "authorizationGrantTypes": [ "client_credentials", "refresh_token" ], "scopes": [ "read", "write" ], "clientIdIssuedAt": "2025-11-25T16:42:36.259102Z", "id": "26dd21f1-1c1a-4912-be0e-f54e842d6326", "clientSecretExpiresAt": null, "redirectUris": [ "https://app.example.com/callback" ], "postLogoutRedirectUris": [ "https://app.example.com/logout" ], "clientSettings": [ { "key": "settings.client.require-authorization-consent", "value": "false" } ], "tokenSettings": [ { "key": "settings.access-token-time-to-live", "value": "PT30M" } ] }
Status: 404 - client not found
Get all clients
To access this endpoint you must have client.read permission.
GET /clients
Responses:
Status: 200 - clients returned
This endpoint does not provide the same level of detail for clients as the Get client by ID endpoint.
Response body example:
{ "clients": [ { "clientId": "demo-client-1", "clientName": "Demo Client", "authorizationGrantTypes": [ "client_credentials", "refresh_token" ], "scopes": [ "read", "write" ], "clientIdIssuedAt": "2025-11-25T16:42:36.259102Z", "id": "26dd21f1-1c1a-4912-be0e-f54e842d6326" } ], "count": 1 }
Update a client
To access this endpoint you must have client.write permission.
PUT /clients/{clientId}
Request body example:
{ "clientId": "demo-client-1", "clientName": "Demo Client", "authorizationGrantTypes": [ "client_credentials", "refresh_token" ], "scopes": [ "read", "write" ], "clientIdIssuedAt": "2025-11-25T16:42:36.259102Z", "id": "26dd21f1-1c1a-4912-be0e-f54e842d6326", "clientSecretExpiresAt": null, "redirectUris": [ "https://app.example.com/callback" ], "postLogoutRedirectUris": [ "https://app.example.com/logout" ], "clientSettings": [ { "key": "settings.client.require-authorization-consent", "value": "true" } ], "tokenSettings": [ { "key": "settings.access-token-time-to-live", "value": "PT30M" } ] }Responses:
Status: 200 - client updated and returned
Response body example:
{ "clientId": "demo-client-1", "clientName": "Demo Client", "authorizationGrantTypes": [ "client_credentials", "refresh_token" ], "scopes": [ "read", "write" ], "clientIdIssuedAt": "2025-11-25T16:42:36.259102Z", "id": "26dd21f1-1c1a-4912-be0e-f54e842d6326", "clientSecretExpiresAt": null, "redirectUris": [ "https://app.example.com/callback" ], "postLogoutRedirectUris": [ "https://app.example.com/logout" ], "clientSettings": [ { "key": "settings.client.require-authorization-consent", "value": "true" } ], "tokenSettings": [ { "key": "settings.access-token-time-to-live", "value": "PT30M" } ] }
Status: 403 - insufficient permissions to update client
Status: 404 - client not found