ClientRegistrationSuccessResponse Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Interfaces
ClientRegistrationSuccessResponse Class
Represents a successful response for a client registration in the context of OpenID Connect. Per RFC 7591 §3.2.1, the authorization server returns all registered metadata about the client (including server-assigned defaults for omitted fields) so the client can confirm what was registered without a separate read round-trip. The shape mirrors ReadClientSuccessfulResponse by design — register and read responses carry the same metadata surface, differing only in registration-specific timing (ClientIdIssuedAt) the read endpoint does not regenerate.
public record ClientRegistrationSuccessResponse : System.IEquatable<Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Interfaces.ClientRegistrationSuccessResponse>
Inheritance System.Object → ClientRegistrationSuccessResponse
Implements System.IEquatable<ClientRegistrationSuccessResponse>
Remarks
The response includes the client identifier, credentials, registration endpoint information, and all registered client metadata so the client can use the registration API for subsequent operations on the client configuration.
Constructors
ClientRegistrationSuccessResponse(string, Nullable<DateTimeOffset>, string) Constructor
Represents a successful response for a client registration in the context of OpenID Connect. Per RFC 7591 §3.2.1, the authorization server returns all registered metadata about the client (including server-assigned defaults for omitted fields) so the client can confirm what was registered without a separate read round-trip. The shape mirrors ReadClientSuccessfulResponse by design — register and read responses carry the same metadata surface, differing only in registration-specific timing (ClientIdIssuedAt) the read endpoint does not regenerate.
public ClientRegistrationSuccessResponse(string ClientId, System.Nullable<System.DateTimeOffset> ClientIdIssuedAt, string RegistrationAccessToken);
Parameters
ClientId System.String
The unique identifier assigned to the registered client. Required per RFC 7591 §3.2.1.
ClientIdIssuedAt System.Nullable<System.DateTimeOffset>
Time at which the client identifier was issued. Optional per RFC 7591 §3.2.1.
RegistrationAccessToken System.String
The access token for subsequent operations on the client configuration endpoint. Required per RFC 7592 §3.
Remarks
The response includes the client identifier, credentials, registration endpoint information, and all registered client metadata so the client can use the registration API for subsequent operations on the client configuration.
Properties
ClientRegistrationSuccessResponse.ApplicationType Property
The type of application for which the client is registered (e.g. web, native).
Optional — server may assign a default. Per RFC 7591 §2.
public string? ApplicationType { get; init; }
Property Value
ClientRegistrationSuccessResponse.AuthorizationDetailsTypes Property
The per-client allowlist of authorization-detail type values this client may
use in RFC 9396 Rich Authorization Requests (authorization_details_types,
RFC 9396 §5.1). Echoes the registered value of
ClientInfo.AuthorizationDetailsTypes.
public string[]? AuthorizationDetailsTypes { get; init; }
Property Value
ClientRegistrationSuccessResponse.ClientId Property
The unique identifier assigned to the registered client. Required per RFC 7591 §3.2.1.
public string ClientId { get; init; }
Property Value
ClientRegistrationSuccessResponse.ClientIdIssuedAt Property
Time at which the client identifier was issued. Optional per RFC 7591 §3.2.1.
public System.Nullable<System.DateTimeOffset> ClientIdIssuedAt { get; init; }
Property Value
System.Nullable<System.DateTimeOffset>
ClientRegistrationSuccessResponse.ClientName Property
The human-readable name of the client. Optional client metadata. Per RFC 7591 §2.
public string? ClientName { get; init; }
Property Value
ClientRegistrationSuccessResponse.ClientSecret Property
The client secret assigned to the registered client. Optional — only present for confidential clients. Per RFC 7591 §3.2.1.
public string? ClientSecret { get; init; }
Property Value
ClientRegistrationSuccessResponse.ClientSecretExpiresAt Property
The expiration time of the client secret.
Required if client_secret is issued. Per RFC 7591 §3.2.1.
A value of 0 indicates the secret does not expire.
public System.Nullable<System.DateTimeOffset> ClientSecretExpiresAt { get; init; }
Property Value
System.Nullable<System.DateTimeOffset>
ClientRegistrationSuccessResponse.Contacts Property
Array of contact email addresses for people responsible for this client. Optional client metadata. Per RFC 7591 §2.
public string[]? Contacts { get; init; }
Property Value
ClientRegistrationSuccessResponse.DpopBoundAccessTokens Property
Whether access tokens issued to this client are sender-constrained via DPoP per
RFC 9449 §5.2 (dpop_bound_access_tokens). Echoes the registered value of
ClientInfo.RequireDPoP.
public System.Nullable<bool> DpopBoundAccessTokens { get; init; }
Property Value
System.Nullable<System.Boolean>
ClientRegistrationSuccessResponse.GrantTypes Property
The grant types the client is registered to use at the token endpoint, including the server-assigned default when the request omitted them. Per RFC 7591 §2/§3.2.1.
public string[]? GrantTypes { get; init; }
Property Value
ClientRegistrationSuccessResponse.InitiateLoginUri Property
URL the authorization server can call to initiate a login at the client. Optional. Per OpenID Connect Core §4.
public System.Uri? InitiateLoginUri { get; init; }
Property Value
ClientRegistrationSuccessResponse.IntrospectionEncryptedResponseAlg Property
JWE alg algorithm for encrypting introspection responses. Optional. Per RFC 9701 §6.
public string? IntrospectionEncryptedResponseAlg { get; init; }
Property Value
ClientRegistrationSuccessResponse.IntrospectionEncryptedResponseEnc Property
JWE enc algorithm for encrypting introspection responses. Optional. Per RFC 9701 §6.
public string? IntrospectionEncryptedResponseEnc { get; init; }
Property Value
ClientRegistrationSuccessResponse.IntrospectionSignedResponseAlg Property
JWS algorithm for signing introspection responses. Optional. Per RFC 9701 §6.
public string? IntrospectionSignedResponseAlg { get; init; }
Property Value
ClientRegistrationSuccessResponse.JwksUri Property
URL for the client's JSON Web Key Set document. Optional — alternative to providing keys directly. Per RFC 7591 §2.
public System.Uri? JwksUri { get; init; }
Property Value
ClientRegistrationSuccessResponse.LogoUri Property
URL that references a logo for the client. Optional client metadata. Per RFC 7591 §2.
public System.Uri? LogoUri { get; init; }
Property Value
ClientRegistrationSuccessResponse.RedirectUris Property
The URIs where the client expects to receive responses after user authentication. Required for most grant types. Per RFC 7591 §2.
public System.Uri[]? RedirectUris { get; init; }
Property Value
ClientRegistrationSuccessResponse.RegistrationAccessToken Property
The access token for subsequent operations on the client configuration endpoint. Required per RFC 7592 §3.
public string RegistrationAccessToken { get; init; }
Property Value
ClientRegistrationSuccessResponse.RegistrationClientUri Property
The fully qualified URL of the client configuration endpoint for this client. Required per RFC 7592 §3.
public System.Uri? RegistrationClientUri { get; init; }
Property Value
ClientRegistrationSuccessResponse.RequestUris Property
Array of request_uri values pre-registered by the client.
Optional. Per OpenID Connect Core §6.2.
public System.Uri[]? RequestUris { get; init; }
Property Value
ClientRegistrationSuccessResponse.RequirePushedAuthorizationRequests Property
Whether PAR is the only way this client may start an authorization flow per RFC 9126 §6.
Echoes ClientInfo.RequirePushedAuthorizationRequests.
public System.Nullable<bool> RequirePushedAuthorizationRequests { get; init; }
Property Value
System.Nullable<System.Boolean>
ClientRegistrationSuccessResponse.RequireSignedRequestObject Property
Whether this client must deliver authorization parameters as a signed request object per
RFC 9101 §10.5. Echoes ClientInfo.RequireSignedRequestObject.
public System.Nullable<bool> RequireSignedRequestObject { get; init; }
Property Value
System.Nullable<System.Boolean>
ClientRegistrationSuccessResponse.ResponseTypes Property
The response type combinations the client is registered to use at the authorization endpoint, including the server-assigned default when the request omitted them. Each entry is a space-separated combination, mirroring the request shape. Per RFC 7591 §2/§3.2.1.
public string[][]? ResponseTypes { get; init; }
Property Value
ClientRegistrationSuccessResponse.Scope Property
The scope values the client is registered to request, serialized as a space-separated string. Per RFC 7591 §2/§3.2.1.
public string[]? Scope { get; init; }
Property Value
ClientRegistrationSuccessResponse.SectorIdentifierUri Property
URL using the https scheme used in calculating pseudonymous identifiers for
pairwise subject type. Optional — only relevant for pairwise. Per OpenID Connect Core §8.1.
public System.Uri? SectorIdentifierUri { get; init; }
Property Value
ClientRegistrationSuccessResponse.SubjectType Property
The type of subject identifier used (e.g. public, pairwise).
Optional — server may assign a default. Per OpenID Connect Core §8.
public string? SubjectType { get; init; }
Property Value
ClientRegistrationSuccessResponse.TlsClientAuthSanDns Property
Required DNS Subject Alternative Names for tls_client_auth per RFC 8705.
public string[]? TlsClientAuthSanDns { get; init; }
Property Value
ClientRegistrationSuccessResponse.TlsClientAuthSanEmail Property
Required email Subject Alternative Names for tls_client_auth per RFC 8705.
public string[]? TlsClientAuthSanEmail { get; init; }
Property Value
ClientRegistrationSuccessResponse.TlsClientAuthSanIp Property
Required IP Subject Alternative Names for tls_client_auth per RFC 8705.
public string[]? TlsClientAuthSanIp { get; init; }
Property Value
ClientRegistrationSuccessResponse.TlsClientAuthSanUri Property
Required URI Subject Alternative Names for tls_client_auth per RFC 8705.
public System.Uri[]? TlsClientAuthSanUri { get; init; }
Property Value
ClientRegistrationSuccessResponse.TlsClientAuthSubjectDn Property
Exact Subject Distinguished Name required when using tls_client_auth per RFC 8705.
public string? TlsClientAuthSubjectDn { get; init; }
Property Value
ClientRegistrationSuccessResponse.TlsClientCertificateBoundAccessTokens Property
Whether access tokens are certificate-bound whenever the token request arrives over mutual
TLS per RFC 8705 §3.4. Echoes ClientInfo.TlsClientCertificateBoundAccessTokens.
public System.Nullable<bool> TlsClientCertificateBoundAccessTokens { get; init; }
Property Value
System.Nullable<System.Boolean>
ClientRegistrationSuccessResponse.TokenEndpointAuthMethod Property
The method used for authenticating the client at the token endpoint. Optional — server may assign a default. Per RFC 7591 §2.
public string? TokenEndpointAuthMethod { get; init; }
Property Value
ClientRegistrationSuccessResponse.TokenExchangeAudiences Property
Non-standard extension: default-deny per-client allowlist of RFC 8693 audience values
this client may request when exchanging a token. Echoes
ClientInfo.TokenExchangeAllowedAudiences.
public string[]? TokenExchangeAudiences { get; init; }
Property Value
ClientRegistrationSuccessResponse.TokenExchangeSubjectTokenTypes Property
Non-standard extension: per-client allowlist of RFC 8693 subject_token_type URIs this
client may submit to the Token Exchange grant. Echoes
ClientInfo.TokenExchangeAllowedSubjectTokenTypes.
public string[]? TokenExchangeSubjectTokenTypes { get; init; }
Property Value
ClientRegistrationSuccessResponse.UserInfoEncryptedResponseAlg Property
JWE alg algorithm for encrypting UserInfo responses.
Optional. Per OpenID Connect Core §5.6.2.
public string? UserInfoEncryptedResponseAlg { get; init; }
Property Value
ClientRegistrationSuccessResponse.UserInfoEncryptedResponseEnc Property
JWE enc algorithm for encrypting UserInfo responses.
Optional. Per OpenID Connect Core §5.6.2.
public string? UserInfoEncryptedResponseEnc { get; init; }