Gigya Job Openings

fidm.oidc.op.setConfig REST

Skip to end of metadata
Go to start of metadata

The Gigya OpenID Connect service is part of our Federated Identity Management Services, which are premium services that require separate activation. If it is not yet a part of your existing site package, please contact support by submitting a ticket through your Console Support Portal or sending an email to support@gigya.com.

Description

This API initiates the OP  functionality for your site. The configuration of the OP is relevant to all of the site's RPs .

Request URL


Where <Data_Center> is:
  • us1.gigya.com - For the US data center.
  • eu1.gigya.com - For the European data center.
  • au1.gigya.com - For the Australian data center.
  • ru1.gigya.com - For the Russian data center.
  • cn1.gigya-api.cn - For the Chinese data center.

If you are not sure of your site's data center, see Finding Your Data Center.

This API requires HTTPS.

Parameters

RequiredNameTypeDescription
proxyPagestring

URL hosted by the partner which contains the gigya.oidc.js script and is responsible for managing the state of user authentication.

This parameter is not required when calling this API, however, a valid proxyPage is required for OIDC to function and must be set for an active OP.

customClaimsComplex JSON

To support custom OIDC claims for your OP, create them using this property.

A JSON object that includes additional objects of arrays, in the following format:

{
    "myClaimName1" : {
        "fieldName" : "path.to.account.field1" /* profile.firstName */
    },
    "myClaimName2" : { 
        "fieldName" : "path.to.account.field2"  /* data.my.customArray:[*] */
    },
    "myClaimName3" : { 
        "fieldName" : "path.to.account.field3"  
    }
}
// "fieldName" is constant and must always be passed as "fieldName"
customScopesComplex JSON

To support custom OIDC scopes for your OP, create them using this property. These scopes can contain any of the current Gigya supported claims, i.e., profile, email, or any custom claims created using the above claims property.

A JSON object that includes additional objects of arrays, in the following format:

{
    "myScopeName1" : { "claims" : ["myClaimName1", "myClaimName2"]  },
    "myScopeName2" : { "claims" : ["myClaimName3", "myClaimName2"]  },
    "myScopeName3" : { "claims" : [ ]  }
}
// "claims" is constant and must always be passed as "claims"
issuerstring

Sets the iss field of the id_tokens returned from your OP. For format specifications, see https://openid.net/specs/openid-connect-core-1_0.html#IDToken

If not set, then the Site name for your site as defined in the Gigya console will be used.

 

Authorization Parameters

Each REST API request must contain identification and authorization parameters.

Some REST APIs may function without these authorization parameters, however, when that occurs, these calls are treated as client-side calls and all client-side rate limits will apply. In order to not reach client-side rate limits that may impact your implementation when using server-to-server REST calls, it is Recommended Best Practice to always sign the request or use a secret. A non-exhaustive list of REST APIs that this may apply to are as follows:

  • accounts.login
  • socialize.login
  • accounts.notifyLogin
  • socialize.notifyLogin
  • accounts.finalizeRegistration
  • accounts.linkAccounts

Please refer to the Authorization Parameters section for details. 

Sample Requests

 

Response Data

FieldTypeDescription
 
errorCode integer The result code of the operation. Code '0' indicates success, any other number indicates failure. For a complete list of error codes, see the Error Codes table.
errorMessage string A short textual description of an error, associated with the errorCode, for logging purposes. This field will appear in the response only in case of an error.
errorDetails string This field will appear in the response only in case of an error and will contain the exception info, if available.
fullEventName string The full name of the event that triggered the response. This is an internally used parameter that is not always returned and should not be relied upon by your implementation.
callId string Unique identifier of the transaction, for debugging purposes.
time string The time of the response represented in ISO 8601 format, i.e., yyyy-mm-dd-Thh:MM:ss.SSSZ or
statusCode integer The HTTP response code of the operation. Code '200' indicates success.
This property is deprecated and only returned for backward compatibility.
statusReason string A brief explanation of the status code.
This property is deprecated and only returned for backward compatibility.

 

A field that does not contain data will not appear in the response.

Response Example

{
    "statusCode": 200,
    "errorCode": 0,
    "statusReason": "OK",
    "callId": "3353d2fbac894289977c102298df60d1",
    "time": "2015-03-22T11:42:25.943Z"
}

 

 

 

 

  • No labels