Class Credentials

Get the details of a client credential.

Important: To enable credentials to be used for a client authentication method, set the client_authentication_methods property on the client. To enable credentials to be used for JWT-Secured Authorization requests set the signed_request_object property on the client.

await client.clients.credentials.list("client_id")
Copy

Create a client credential associated to your application. Credentials can be used to configure Private Key JWT and mTLS authentication methods, as well as for JWT-secured Authorization requests.

Public Key

Public Key credentials can be used to set up Private Key JWT client authentication and JWT-secured Authorization requests.

Sample:

{
"credential_type": "public_key",
"name": "string",
"pem": "string",
"alg": "RS256",
"parse_expiry_from_cert": false,
"expires_at": "2022-12-31T23:59:59Z"
}

Certificate (CA-signed & self-signed)

Certificate credentials can be used to set up mTLS client authentication. CA-signed certificates can be configured either with a signed certificate or with just the certificate Subject DN.

CA-signed Certificate Sample (pem):

{
"credential_type": "x509_cert",
"name": "string",
"pem": "string"
}

CA-signed Certificate Sample (subject_dn):

{
"credential_type": "cert_subject_dn",
"name": "string",
"subject_dn": "string"
}

Self-signed Certificate Sample:

{
"credential_type": "cert_subject_dn",
"name": "string",
"pem": "string"
}

The credential will be created but not yet enabled for use until you set the corresponding properties in the client:

• To enable the credential for Private Key JWT or mTLS authentication methods, set the client_authentication_methods property on the client. For more information, read Configure Private Key JWT Authentication and Configure mTLS Authentication
• To enable the credential for JWT-secured Authorization requests, set the signed_request_objectproperty on the client. For more information, read Configure JWT-secured Authorization Requests (JAR)

await client.clients.credentials.create("client_id", {
        credential_type: "public_key"
    })
Copy

Get the details of a client credential.

Important: To enable credentials to be used for a client authentication method, set the client_authentication_methods property on the client. To enable credentials to be used for JWT-Secured Authorization requests set the signed_request_object property on the client.

await client.clients.credentials.get("client_id", "credential_id")
Copy

Delete a client credential you previously created. May be enabled or disabled. For more information, read Client Credential Flow.

await client.clients.credentials.delete("client_id", "credential_id")
Copy

Change a client credential you previously created. May be enabled or disabled. For more information, read Client Credential Flow.

await client.clients.credentials.update("client_id", "credential_id")
Copy