TSphinxClientApp Class
Holds information about a client application.
Remarks
A client application attempts to act on the user’s behalf or access the user’s resources. It will connect to the Sphinx sender to obtain permission, either directing the user to the authorization server, or by asserting permission directly with the authorization server without interaction by the user. The client application can be have any implementation: can be a mobile application, web, desktop, a headless server or any other type of implementation.
Syntax
Unit: Sphinx.Comp.ClientApp
TSphinxClientApp = class(TCollectionItem);Methods
| Name | Description |
|---|---|
| AddSha256Secret | Adds a secret to the client as an SHA-256 hash value. |
Properties
| Name | Description |
|---|---|
| ClientId | The unique identifier of the client. |
| DisplayName | The user-friendly name of the client, to be displayed in the UI when needed. |
| LogoUrl | Provides a URL to an image contaning the client logo. |
| LogoLinkUrl | Provides the URL to be followed when the end-user clicks the client logo in the UI. |
| TermsOfServiceUrl | Provides an URL pointing to an HTML page showing the terms of the service for this client. |
| SupportUrl | Provides an URL pointing to an HTML page showing information about how to get support for this client. |
| FaviconUrl | Provides the URL of the image to be used as favicon in the login app page. |
| RedirectUris | The list of valid redirect URIs accepted for the client. |
| DefaultRedirectUri | Provides the default redirect URI to be used in case the authorization request doesn't include one. |
| RequireClientSecret | Indicates client authentication using secret is required to provide tokens. |
| AllowedGrantTypes | Contains the OAuth 2 grant types allowed for this client. |
| RequirePkce | Indicates if PKCE (Proof Key for Code Exchange) will be required by this client when authorization code flow is used. |
| AllowPkcePlainMethod | Indicates if plain method (less secure) is allowed by the server when using PKCE. |
| ValidScopes | Holds a list of scopes this client is allowed to request and that can be granted to it. |
| DefaultScopeValues | Indicates the scope values to be allowed in the token in case the OAuth request doesn't provide one. |
| AuthorizationCodeLifetime | The amount of time an authorization code is valid, in seconds. |
| AccessTokenLifetime | The expiration time for the access token generated by the server, in seconds. |
| IdentityTokenLifetime | The expiration time for the identity token generated by the server, in seconds. |
| LoginTimeout | The amount of time the login UI session will remain valid, in seconds. |
| CustomParams | A list of custom parameters for the client, in format Name=Value. |
Events
| Name | Description |
|---|---|
| OnValidateSecret | Fires when a client secret is about to be validated. |