TSphinxClientApp Class
Holds information about a client application.
Remarks
A client application attempts to act on the user's behalf or access the user's resources. It will connect to the Sphinx sender to obtain permission, either directing the user to the authorization server, or by asserting permission directly with the authorization server without interaction by the user. The client application can be have any implementation: can be a mobile application, web, desktop, a headless server or any other type of implementation.
Syntax
Unit: Sphinx.Comp.ClientApp
TSphinxClientApp = class(TCollectionItem);Methods
| Name | Description |
|---|---|
| AddSha256Secret | Adds a secret to the client as an SHA-256 hash value. |
Properties
| Name | Description |
|---|---|
| AccessTokenLifetime | The expiration time for the access token generated by the server, in seconds. |
| AllowedGrantTypes | Contains the OAuth 2 grant types allowed for this client. |
| AllowPkcePlainMethod | Indicates if plain method (less secure) is allowed by the server when using PKCE. |
| AuthorizationCodeLifetime | The amount of time an authorization code is valid, in seconds. |
| ClientAppUrl | Provides the URL of the client application for users to return to. |
| ClientId | The unique identifier of the client. |
| CustomParams | A list of custom parameters for the client, in format Name=Value. |
| DefaultRedirectUri | Provides the default redirect URI to be used in case the authorization request doesn't include one. |
| DefaultScopeValues | Indicates the scope values to be allowed in the token in case the OAuth request doesn't provide one. |
| DisplayName | The user-friendly name of the client, to be displayed in the UI when needed. |
| FaviconUrl | Provides the URL of the image to be used as favicon in the login app page. |
| IdentityTokenLifetime | The expiration time for the identity token generated by the server, in seconds. |
| LoginAbsoluteTimeout | The absolute maximum lifetime for the login transaction, in seconds. |
| LoginTimeout | The idle timeout for the login transaction, in seconds. |
| LogoLinkUrl | Provides the URL to be followed when the end-user clicks the client logo in the UI. |
| LogoUrl | Provides a URL to an image contaning the client logo. |
| RedirectUris | The list of valid redirect URIs accepted for the client. |
| RefreshTokenLifetime | The expiration time for the refresh token generated by the server, in seconds. |
| RequireClientSecret | Indicates client authentication using secret is required to provide tokens. |
| RequirePkce | Indicates if PKCE (Proof Key for Code Exchange) will be required by this client when authorization code flow is used. |
| SupportUrl | Provides an URL pointing to an HTML page showing information about how to get support for this client. |
| TermsOfServiceUrl | Provides an URL pointing to an HTML page showing the terms of the service for this client. |
| ValidScopes | Holds a list of scopes this client is allowed to request and that can be granted to it. |
Events
| Name | Description |
|---|---|
| OnValidateSecret | Fires when a client secret is about to be validated. |