Knox OAuth2 Authentication 24.04 release notes

Ability to update settings of OAuth2 client applications

Knox OAuth2 Client Management API v1.3.0 provides a new PATCH oauth2/clients/{clientId} operation to modify the information of a registered OAuth2 client application. This operation contains various parameters, which you can use to update the details such as client name, description, authentication methods, authorization grant types, redirection endpoints, scopes, expiration times, and consent metadata.

Ability to delete OAuth2 client applications

Knox OAuth2 Client Management API v1.3.0 provides a new DELETE /oauth2/clients/{clientId} operation for removal of OAuth2 client application registered with your organization in Knox Authorization Server. This operation revokes all associated tokens issued to the client, ensuring that the deleted client can no longer access resources on behalf of resource owners.

Support to update expiration time of OAuth2 tokens

Knox OAuth2 Client Management API v1.3.0 provides a new PUT /oauth2/clients/{clientId}/expirationTimes operation for managing the expiration times of OAuth2 tokens associated with registered OAuth2 client applications. You can specify the client application by its client ID, and update the corresponding expiration times for authorization code, access token, and refresh token.

New query parameter to search for OAuth2 client applications

With Knox OAuth2 Client Management API v1.3.0, you can use the new search query parameter in GET /oauth2/clients operation to search for specific registered OAuth2 client applications using their client identifiers, application names, or the email addresses of the application creators.

This search parameter enables you to conduct a partial match on the client name by specifying only a few characters, or an exact match on the client ID or creator’s email by specifying their complete values.

Ability to provide description for OAuth2 client applications

With Knox OAuth2 Client Management API v1.3.0, when you register a new OAuth2 client application with Knox Authorization Server, you can now include a brief summary about the client application. You can do this using the new description parameter in the request body of POST /oauth2/clients operation.

You can retrieve the details of the description associated with registered client application by specifying its client ID in GET /oauth2/clients/{clientId} operation.

Support for setting expiration times for OAuth2 tokens

With Knox OAuth2 Client Management API v1.3.0, when you register a new OAuth2 client application with Knox Authorization Server, you can now configure the expiration times of its OAuth2 tokens.

To do this, use the new expirationTimes parameter of type object in the request body of POST /oauth2/clients operation. This parameter contains authorizationCodeExpiration, accessTokenExpiration, and refreshTokenExpiration parameters, which you can use to set the expiration times of authorization code, access token, and refresh token respectively.

You can retrieve the details of expiration times of OAuth2 tokens associated with registered client application by specifying its client ID in GET /oauth2/clients/{clientId} operation.

Support to configure custom information for your organization

With Knox OAuth2 Client Management API v1.3.0, when you register a new OAuth2 client application with Knox Authorization Server, you can configure the custom information displayed to the end user on the consent screen.

You can do this using the new consentMetadata parameter of type object in the request body of POST /oauth2/clients operation. This parameter contains companyName, homePageLink, termsOfServiceLink, privacyPolicyLink, supportEmail, and companyLogoLink parameters, which you can use to specify the name, logo, support email of the company, along with other information like links to home page, terms of service, and privacy policy.

To retrieve an organization’s information associated with registered client application, specify its client ID in GET /oauth2/clients/{clientId} operation.

Back to release notes