Skip to content
This repository has been archived by the owner on Feb 25, 2019. It is now read-only.

Client Registration Settings

Jump to bottom
Christian Smith edited this page May 6, 2014 · 1 revision

Anvil Connect can be configured for three types of client registration: dynamic, token, or scoped, each being more restrictive than the previous option. The default client_registration type is scoped.

Dynamic Client Registration

With client_registration set to dynamic, any party can register a client with the authorization server.

Optionally, a bearer token may be provided in the authorization header per RFC6750. If a valid access token is presented with a registration request, the client will be associated with the user represented by that token.

A trusted client may be registered, however, an access token must be presented and the token must have sufficient scope to register trusted clients. The scope required to register a trusted client defaults to realm. This value can be configured with the trusted_registration_scope setting.

// config.NODE_ENV.json
{
  // ...
  "client_registration": "dynamic",
  "trusted_registration_scope": "register"
  // ...
}

The following table indicates expected responses to Dynamic Client Registration requests.

trusted w/token w/scope response
201
x 403
x 201
x x 403
x x x 201
x x 201

Token-restricted Registration

Client registration can be restricted so that a valid user access token is required by setting client_registration to token. In this case, any request without a token will fail. As with Dynamic Client Registration, in order to register a trusted client, the access token must have sufficient scope.

// config.NODE_ENV.json
{
  // ...
  "client_registration": "token",
  "trusted_registration_scope": "realm"
  // ...
}
trusted w/token w/scope response
403
x 403
x 201
x x 403
x x x 201
x x 201

Scoped Registration

Third party registration can be restricted altogether with the scoped client_registration setting. In this case, all registration requires a prescribed registration_scope.

// config.NODE_ENV.json
{
  // ...
  "client_registration": "scoped",
  "registration_scope": "realm"
  // ...
}
trusted w/token w/scope response
403
x 403
x 403
x x 403
x x x 201
x x 201

Weekly Hangout and Meeting Notes

Documentation

References

Clone this wiki locally