Skip to main content

ReadClientSuccessfulResponse Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Model

ReadClientSuccessfulResponse Class

Represents the response for a successful client read request, detailing the configuration and metadata of an OAuth or OpenID Connect client. Per RFC 7592 Section 3, this response includes the registration access token and all registered client metadata. Unregistered metadata is omitted from the JSON per RFC 7592 §3, not emitted as an explicit null.

public record ReadClientSuccessfulResponse : System.IEquatable<Abblix.Oidc.Server.Model.ReadClientSuccessfulResponse>

Inheritance System.Object → ReadClientSuccessfulResponse

Implements System.IEquatable<ReadClientSuccessfulResponse>

Properties

ReadClientSuccessfulResponse.ApplicationType Property

The type of application for which the client is registered (e.g., web, native). Optional - server may assign default. Per RFC 7591 Section 2.

public string? ApplicationType { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.AuthorizationDetailsTypes Property

The per-client allowlist of authorization-detail type values this client may use in RFC 9396 Rich Authorization Requests (authorization_details_types, RFC 9396 §5.1). Echoes the registered value of AuthorizationDetailsTypes.

public string[]? AuthorizationDetailsTypes { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.ClientId Property

The unique identifier of the client as registered with the authorization server. Required per RFC 7591 Section 3.2.1.

public string ClientId { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.ClientName Property

The human-readable name of the client. Optional client metadata. Per RFC 7591 Section 2.

public string? ClientName { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.ClientSecret Property

The secret associated with the client, used for authenticating with the authorization server. Optional - only present for confidential clients. Per RFC 7591 Section 3.2.1.

public string? ClientSecret { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.ClientSecretExpiresAt Property

The expiration time of the client secret. Indicates when the client secret will become invalid. Required if client_secret is issued. Per RFC 7591 Section 3.2.1. A value of 0 indicates the secret does not expire. Serialized as Unix seconds (a JSON number) per RFC 7591 §3.2.1, matching the register-path DTO.

public System.Nullable<System.DateTimeOffset> ClientSecretExpiresAt { get; init; }

Property Value

System.Nullable<System.DateTimeOffset>

ReadClientSuccessfulResponse.Contacts Property

Array of contact email addresses for people responsible for this client. Optional client metadata. Per RFC 7591 Section 2.

public string[]? Contacts { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.DpopBoundAccessTokens Property

Whether access tokens issued to this client are sender-constrained via DPoP per RFC 9449 §5.2 (dpop_bound_access_tokens). Echoes RequireDPoP.

public System.Nullable<bool> DpopBoundAccessTokens { get; init; }

Property Value

System.Nullable<System.Boolean>

ReadClientSuccessfulResponse.GrantTypes Property

The registered grant types, including server-assigned defaults. Per RFC 7591 §2 / RFC 7592 §3.

public string[]? GrantTypes { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.InitiateLoginUri Property

URL that the authorization server can call to initiate a login at the client. Optional. Per OpenID Connect Core Section 4.

public System.Uri? InitiateLoginUri { get; init; }

Property Value

System.Uri

ReadClientSuccessfulResponse.JwksUri Property

URL for the client's JSON Web Key Set document. Optional - alternative to providing keys directly. Per RFC 7591 Section 2.

public System.Uri? JwksUri { get; init; }

Property Value

System.Uri

ReadClientSuccessfulResponse.LogoUri Property

URL that references a logo for the client. Optional client metadata. Per RFC 7591 Section 2.

public System.Uri? LogoUri { get; init; }

Property Value

System.Uri

ReadClientSuccessfulResponse.RedirectUris Property

The URIs where the client expects to receive responses after user authentication. Required for most grant types. Per RFC 7591 Section 2.

public System.Uri[] RedirectUris { get; init; }

Property Value

System.Uri[]

ReadClientSuccessfulResponse.RegistrationAccessToken Property

The access token for subsequent operations on the client configuration endpoint. Required per RFC 7592 Section 3.

public string RegistrationAccessToken { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.RegistrationClientUri Property

The fully qualified URL of the client configuration endpoint for this client. Required per RFC 7592 Section 3.

public System.Uri? RegistrationClientUri { get; init; }

Property Value

System.Uri

ReadClientSuccessfulResponse.RequestUris Property

Array of request_uri values that are pre-registered by the client. Optional. Per OpenID Connect Core Section 6.2.

public System.Uri[]? RequestUris { get; init; }

Property Value

System.Uri[]

ReadClientSuccessfulResponse.RequirePushedAuthorizationRequests Property

Whether PAR is the only way this client may start an authorization flow per RFC 9126 §6. Echoes RequirePushedAuthorizationRequests.

public System.Nullable<bool> RequirePushedAuthorizationRequests { get; init; }

Property Value

System.Nullable<System.Boolean>

ReadClientSuccessfulResponse.RequireSignedRequestObject Property

Whether this client must deliver authorization parameters as a signed request object per RFC 9101 §10.5. Echoes RequireSignedRequestObject.

public System.Nullable<bool> RequireSignedRequestObject { get; init; }

Property Value

System.Nullable<System.Boolean>

ReadClientSuccessfulResponse.ResponseTypes Property

The registered response type combinations (each entry space-separated), including server-assigned defaults. Per RFC 7591 §2 / RFC 7592 §3.

public string[][]? ResponseTypes { get; init; }

Property Value

System.String[][]

ReadClientSuccessfulResponse.Scope Property

The registered scope values, serialized as a space-separated string. Per RFC 7591 §2 / RFC 7592 §3.

public string[]? Scope { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.SectorIdentifierUri Property

URL using the https scheme to be used in calculating pseudonymous identifiers for pairwise subject type. Optional - only relevant for pairwise subject identifiers. Per OpenID Connect Core Section 8.1.

public System.Uri? SectorIdentifierUri { get; init; }

Property Value

System.Uri

ReadClientSuccessfulResponse.SubjectType Property

The type of subject identifier used (e.g., public, pairwise). Optional - server may assign default. Per OpenID Connect Core Section 8.

public string? SubjectType { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.TlsClientAuthSanDns Property

Required DNS Subject Alternative Names for tls_client_auth.

public string[]? TlsClientAuthSanDns { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.TlsClientAuthSanEmail Property

Required email Subject Alternative Names for tls_client_auth.

public string[]? TlsClientAuthSanEmail { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.TlsClientAuthSanIp Property

Required IP Subject Alternative Names for tls_client_auth.

public string[]? TlsClientAuthSanIp { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.TlsClientAuthSanUri Property

Required URI Subject Alternative Names for tls_client_auth.

public System.Uri[]? TlsClientAuthSanUri { get; init; }

Property Value

System.Uri[]

ReadClientSuccessfulResponse.TlsClientAuthSubjectDn Property

Exact Subject Distinguished Name required when using tls_client_auth.

public string? TlsClientAuthSubjectDn { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.TlsClientCertificateBoundAccessTokens Property

Whether access tokens are certificate-bound whenever the token request arrives over mutual TLS per RFC 8705 §3.4. Echoes TlsClientCertificateBoundAccessTokens.

public System.Nullable<bool> TlsClientCertificateBoundAccessTokens { get; init; }

Property Value

System.Nullable<System.Boolean>

ReadClientSuccessfulResponse.TokenEndpointAuthMethod Property

The method used for authenticating the client at the token endpoint. Optional - server may assign default. Per RFC 7591 Section 2.

public string? TokenEndpointAuthMethod { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.TokenExchangeAudiences Property

Non-standard extension: default-deny per-client allowlist of RFC 8693 audience values this client may request when exchanging a token. Echoes TokenExchangeAllowedAudiences.

public string[]? TokenExchangeAudiences { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.TokenExchangeSubjectTokenTypes Property

Non-standard extension: per-client allowlist of RFC 8693 subject_token_type URIs this client may submit to the Token Exchange grant. Echoes TokenExchangeAllowedSubjectTokenTypes.

public string[]? TokenExchangeSubjectTokenTypes { get; init; }

Property Value

System.String[]

ReadClientSuccessfulResponse.UserInfoEncryptedResponseAlg Property

JWE alg algorithm for encrypting UserInfo responses. Optional. Per OpenID Connect Core Section 5.6.2.

public string? UserInfoEncryptedResponseAlg { get; init; }

Property Value

System.String

ReadClientSuccessfulResponse.UserInfoEncryptedResponseEnc Property

JWE enc algorithm for encrypting UserInfo responses. Optional. Per OpenID Connect Core Section 5.6.2.

public string? UserInfoEncryptedResponseEnc { get; init; }

Property Value

System.String