IBM Tivoli Federated Identity Manager, Version 6.2.2.7

OAuth 1.0 and OAuth 2.0 template pages for trusted clients management

Tivoli® Federated Identity Manager provides an HTML page template which resource owners can use to show and manage trusted clients information for OAuth 1.0 and OAuth 2.0 federations.

There are different trusted clients management template pages for each OAuth protocol. These pages look the same, and use the same replacement macros. The template pages for OAuth 1.0 and OAuth 2.0 are both named as clients_manager.html.

The resource owner establishes the OAuth clients through the user_consent.html page during authorization requests.

The templates have the following replacement macros:

@USERNAME@: This macro is replaced with the Tivoli Federated Identity Manager user name.

@OAUTH_CLIENT_COMPANY_NAME@: A multi-valued macro that belongs inside a [RPT trustedClients] repeatable replacement list. The values are replaced with the name of the company that requests access to the protected resource.

@PERMITTED_SCOPES@: A multi-valued macro that belongs inside a [RPT trustedClients] repeatable replacement list. The values are replaced with the token scopes to which the OAuth client has access.

@DENIED_SCOPES@: A multi-valued macro that belongs inside a [RPT trustedClients] repeatable replacement list. The values are replaced with the token scopes to which the OAuth client does not have access.

@OAUTH_CUSTOM_MACRO@: A multi-valued macro that belongs inside a [RPT trustedClients] repeatable replacement list. The values are replaced with trusted client information that contains additional information about an authorized OAuth client.

@OAUTH_CLIENTMANAGERURL@: A multi-valued macro that belongs inside a [RPT trustedClients] repeatable replacement list. The values are replaced with the endpoint of the trusted clients manager.

@UNIQUE_ID@: A multi-valued macro that belongs inside a [RPT trustedClients] repeatable replacement list. The values are replaced with a unique identifier that identifies the trusted clients information for each entry in the list.

Figure 1. Template for clients_manager.html

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
		<title>OAuth Client Manager</title>
	</head>
	<body>
		Username: <b>@USERNAME@</b>
		<p />
		Trusted Clients<br />
		<table border="1">
				<tr><td>Client</td><td>Permitted Scopes</td><td>Denied Scopes</td>
									<td>Additional Information</td><td>Action</td></tr>
<!-- START NON-TRANSLATABLE -->
			[RPT trustedClients]
<!-- END NON-TRANSLATABLE -->
				<tr>
						<td>@OAUTH_CLIENT_COMPANY_NAME@</td>
						<td>@PERMITTED_SCOPES@</td>
						<td>@DENIED_SCOPES@</td>
						<td>@OAUTH_CUSTOM_MACRO@</td>
						<td><a href="@OAUTH_CLIENTMANAGERURL@?action=remove&id=
										@UNIQUE_ID@">Remove</a></td>
				</tr>
<!-- START NON-TRANSLATABLE -->
			[ERPT trustedClients]
<!-- END NON-TRANSLATABLE -->
		</table>
	</body>
</html>

Feedback