Microsoft.ApiManagement service/authorizationServers 2019-12-01

Article
10/28/2021
3 minutes to read

The service/authorizationServers resource type can be deployed to: Resource groups.

To learn about resource group deployments, see Bicep or ARM template.

Template format

To create a Microsoft.ApiManagement/service/authorizationServers resource, add the following Bicep or JSON to your template.

Bicep
JSON

resource symbolicname 'Microsoft.ApiManagement/service/authorizationServers@2019-12-01' = {
  name: 'string'
  parent: parentSymbolicName
  properties: {
    authorizationEndpoint: 'string'
    authorizationMethods: [ 'string' ]
    bearerTokenSendingMethods: [ 'string' ]
    clientAuthenticationMethod: [ 'string' ]
    clientId: 'string'
    clientRegistrationEndpoint: 'string'
    clientSecret: 'string'
    defaultScope: 'string'
    description: 'string'
    displayName: 'string'
    grantTypes: [ 'string' ]
    resourceOwnerPassword: 'string'
    resourceOwnerUsername: 'string'
    supportState: bool
    tokenBodyParameters: [
      {
        name: 'string'
        value: 'string'
      }
    ]
    tokenEndpoint: 'string'
  }
}

{
  "type": "Microsoft.ApiManagement/service/authorizationServers",
  "apiVersion": "2019-12-01",
  "name": "string",
  "properties": {
    "authorizationEndpoint": "string",
    "authorizationMethods": [ "string" ],
    "bearerTokenSendingMethods": [ "string" ],
    "clientAuthenticationMethod": [ "string" ],
    "clientId": "string",
    "clientRegistrationEndpoint": "string",
    "clientSecret": "string",
    "defaultScope": "string",
    "description": "string",
    "displayName": "string",
    "grantTypes": [ "string" ],
    "resourceOwnerPassword": "string",
    "resourceOwnerUsername": "string",
    "supportState": "bool",
    "tokenBodyParameters": [
      {
        "name": "string",
        "value": "string"
      }
    ],
    "tokenEndpoint": "string"
  }
}

Property values

service/authorizationServers

Name	Description	Value
type	The resource type For Bicep, set this value in the resource declaration.	'Microsoft.ApiManagement/service/authorizationServers'
apiVersion	The resource api version For Bicep, set this value in the resource declaration.	'2019-12-01'
name	The resource name See how to set names and types for child resources in Bicep or JSON ARM templates.	string (required)
parent	In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource.	parentSymbolicName
properties	External OAuth authorization server settings Properties.	AuthorizationServerContractProperties

AuthorizationServerContractProperties

Name	Description	Value
authorizationEndpoint	OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2.	string (required)
authorizationMethods	HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional.	String array containing any of: 'DELETE' 'GET' 'HEAD' 'OPTIONS' 'PATCH' 'POST' 'PUT' 'TRACE'
bearerTokenSendingMethods	Specifies the mechanism by which access token is passed to the API.	String array containing any of: 'authorizationHeader' 'query'
clientAuthenticationMethod	Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format.	String array containing any of: 'Basic' 'Body'
clientId	Client or app id registered with this authorization server.	string (required)
clientRegistrationEndpoint	Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced.	string (required)
clientSecret	Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value.	string
defaultScope	Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values.	string
description	Description of the authorization server. Can contain HTML formatting tags.	string
displayName	User-friendly authorization server name.	string (required)
grantTypes	Form of an authorization grant, which the client uses to request the access token.	String array containing any of: 'authorizationCode' 'clientCredentials' 'implicit' 'resourceOwnerPassword'
resourceOwnerPassword	Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.	string
resourceOwnerUsername	Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username.	string
supportState	If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.	bool
tokenBodyParameters	Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}.	TokenBodyParameterContract[]
tokenEndpoint	OAuth token endpoint. Contains absolute URI to entity being referenced.	string

TokenBodyParameterContract

Name	Description	Value
name	body parameter name.	string (required)
value	body parameter value.	string (required)