API Resources Configuration

Configuration Parameters

• Name - The unique name of the API. This value is used for authentication with introspection and will be added to the audience of the outgoing access token.

• Display Name - This value can be used e.g. on the consent screen.

• Description - This value can be used e.g. on the consent screen.

• Show In Discovery Document - Specifies whether this scope is shown in the discovery document. Defaults to true.

• Enabled - Indicates if this resource is enabled and can be requested. Defaults to true.

• Allowed Access Token Signing Algorithms - List of allowed signing algorithms for an access token. If empty, will use the server default signing algorithm.

• User Claims - List of associated user claim types that should be included in the access token.

• Scopes - An API must have at least one scope. Each scope can have different settings.

• Secrets - The API secret is used for the introspection endpoint. The API can authenticate with introspection using the API name and secret.

• Secret Type - Some string that gives the secret validator a hint what type of secret to expect (e.g. "SharedSecret" or "X509CertificateThumbprint").

• Secret Value -The value of the secret. This is being interpreted by the secret validator (e.g. a "password"-like share secret or something else that identifies a credential).

• Hash Type - Hashing Algorithm Type. HashType will be applicable only for the SharedSecret type.

• Expiration - A point in time, where this secret will expire.

• Description - The description of the secret - useful for attaching some extra information to the secret.

• Properties - Dictionary to hold any custom API resource-specific values as needed

  • Key - Key

  • Value - Value