10_public:3rd_party_app_development

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung 		Vorhergehende Überarbeitung
10_public:3rd_party_app_development [2018/08/07 09:51]
raffael.sahli [Single-Sign-on Button] 		10_public:3rd_party_app_development [2019/05/10 07:47] (aktuell)
raffael.sahli [OpenID Connect]
Zeile 1: Zeile 1:
 ===== Register your app ===== ===== Register your app =====
  
-First thing you're required to do is regsiter ​your app.+First thing you're required to do is register ​your app.
  
-Please write a mail to [[support@gselroth.com|]] with the following information:​+Please write a mail to [[support@gyselroth.com|]] with the following information:​
  
   - App name   - App name
   - App description   - App description
-  - App logo (OPTIONAL) +  - HTTPS-URL to App logo (OPTIONAL) 
-  - Protocol (Shibboleth or OpenID Connect) (Usually you want OpenID Connect here)+  - Protocol (OpenID Connect ​or Shibboleth) (Usually you want OpenID Connect here).
  
 ==== Shibboleth ==== ==== Shibboleth ====
  
-If you have choosen Shibboleth for nr. 4, wee need the following additional information:​+If you have choosen Shibboleth for nr. 4, we need the following additional information:​
  
   - URL to your SP (service provider) Metadata   - URL to your SP (service provider) Metadata
 +
  
 ==== OpenID Connect ==== ==== OpenID Connect ====
  
-If you have choosen OpenID Connect for nr. 4, wee need the following additional information:​+If you have choosen OpenID Connect for nr. 4, we need the following additional information:​
  
   - Client authentication method (Usually you want "​client_secret_post"​ here) (See [[http://​openid.net/​specs/​openid-connect-core-1_0.html#​ClientAuthentication|OpenID-Connect Specification part 9]])   - Client authentication method (Usually you want "​client_secret_post"​ here) (See [[http://​openid.net/​specs/​openid-connect-core-1_0.html#​ClientAuthentication|OpenID-Connect Specification part 9]])
   - App type (Android app, JavaScript app, desktop app, webserver app, …)   - App type (Android app, JavaScript app, desktop app, webserver app, …)
   - redirect_uri   - redirect_uri
 +
  
 ===== Resource server ===== ===== Resource server =====
Zeile 30: Zeile 32:
 ^Name^API Version^URL^Typ| ^Name^API Version^URL^Typ|
 |IN2|v1|[[https://​api.tam.ch|https://​api.tam.ch]]|JSON/​XML REST| |IN2|v1|[[https://​api.tam.ch|https://​api.tam.ch]]|JSON/​XML REST|
-|CloudFS|v1 / v2|[[https://​balloon.tam.ch/​api|https://​balloon.tam.ch/​api]]|JSON/​XML REST| +|balloon|v1 / v2|[[https://​balloon.tam.ch/​api|https://​balloon.tam.ch/​api]]|JSON/​XML REST|
- +
-\\ +
  
 ===== Shibboleth ===== ===== Shibboleth =====
Zeile 104: Zeile 103:
 |tam_uuid|truly unique user identifier|intranet| |tam_uuid|truly unique user identifier|intranet|
 |uid|username (only unique in each organization )|intranet| |uid|username (only unique in each organization )|intranet|
- 
-\\ 
- 
  
 ==== Authorization Code Flow ==== ==== Authorization Code Flow ====
Zeile 358: Zeile 354:
 </​code>​ </​code>​
  
-==== Revocation ​====+==== Revoke tokens ​====
  
 An endpoint for token revocation is available at [[https://​accounts.tam.ch/​revoke|https://​accounts.tam.ch/​revoke]] (See discovery). The revocation endpoint can be queried with an access_token or a refresh_token to revoke this token. An endpoint for token revocation is available at [[https://​accounts.tam.ch/​revoke|https://​accounts.tam.ch/​revoke]] (See discovery). The revocation endpoint can be queried with an access_token or a refresh_token to revoke this token.
Zeile 380: Zeile 376:
  
 {{:​10_public:​button_aai_login.png}} {{:​10_public:​button_aai_login.png}}
 +
 +\\
  
  
  • 10_public/3rd_party_app_development.1533635514.txt.gz
  • Zuletzt geändert: 2018/08/07 09:51
  • von raffael.sahli