Microsoft.ApiManagement service/authorizationServers 2019-12-01
Template format
To create a Microsoft.ApiManagement/service/authorizationServers resource, add the following JSON to the resources section of your template.
{
"name": "string",
"type": "Microsoft.ApiManagement/service/authorizationServers",
"apiVersion": "2019-12-01",
"properties": {
"description": "string",
"authorizationMethods": [
"string"
],
"clientAuthenticationMethod": [
"string"
],
"tokenBodyParameters": [
{
"name": "string",
"value": "string"
}
],
"tokenEndpoint": "string",
"supportState": "boolean",
"defaultScope": "string",
"bearerTokenSendingMethods": [
"string"
],
"resourceOwnerUsername": "string",
"resourceOwnerPassword": "string",
"displayName": "string",
"clientRegistrationEndpoint": "string",
"authorizationEndpoint": "string",
"grantTypes": [
"string"
],
"clientId": "string",
"clientSecret": "string"
}
}
Property values
The following tables describe the values you need to set in the schema.
Microsoft.ApiManagement/service/authorizationServers object
| Name | Type | Required | Value |
|---|---|---|---|
| name | string | Yes | Identifier of the authorization server. |
| type | enum | Yes | authorizationServers -or- Microsoft.ApiManagement/service/authorizationServers See Set name and type for child resources. |
| apiVersion | enum | Yes | 2019-12-01 |
| properties | object | Yes | Properties of the External OAuth authorization server Contract. - AuthorizationServerContractProperties object |
AuthorizationServerContractProperties object
| Name | Type | Required | Value |
|---|---|---|---|
| description | string | No | Description of the authorization server. Can contain HTML formatting tags. |
| authorizationMethods | array | No | HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional. - HEAD, OPTIONS, TRACE, GET, POST, PUT, PATCH, DELETE |
| clientAuthenticationMethod | array | No | Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format. - Basic or Body |
| tokenBodyParameters | array | No | Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}. - TokenBodyParameterContract object |
| tokenEndpoint | string | No | OAuth token endpoint. Contains absolute URI to entity being referenced. |
| supportState | boolean | No | If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security. |
| defaultScope | string | No | Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values. |
| bearerTokenSendingMethods | array | No | Specifies the mechanism by which access token is passed to the API. - authorizationHeader or query |
| resourceOwnerUsername | string | No | Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username. |
| resourceOwnerPassword | string | No | Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password. |
| displayName | string | Yes | User-friendly authorization server name. |
| clientRegistrationEndpoint | string | Yes | Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced. |
| authorizationEndpoint | string | Yes | OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2. |
| grantTypes | array | Yes | Form of an authorization grant, which the client uses to request the access token. - authorizationCode, implicit, resourceOwnerPassword, clientCredentials |
| clientId | string | Yes | Client or app id registered with this authorization server. |
| clientSecret | string | No | Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value. |
TokenBodyParameterContract object
| Name | Type | Required | Value |
|---|---|---|---|
| name | string | Yes | body parameter name. |
| value | string | Yes | body parameter value. |