This topic provides information on adding an identity provider and a service provider using Web service calls.

...

  1. registerOAuthApplicationData of OAuthAdminService

    Code Block
    languagexml
    titleSOAP request
    <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.oauth.identity.carbon.wso2.org/xsd">
       <soap:Header/>
       <soap:Body>
          <xsd:registerOAuthApplicationData>
             <!--Optional:-->
             <xsd:application>
                <!--Optional:-->
                <xsd1:OAuthVersion>2.0</xsd1:OAuthVersion>
                <!--Optional:-->
                <xsd1:applicationName>playground2</xsd1:applicationName>
                <!--Optional:-->
                <xsd1:callbackUrl>http://localhost:8080/playground2/oauth2client</xsd1:callbackUrl>
                <!--Optional:-->
                <xsd1:grantTypes>authorization_code implicit</xsd1:grantTypes>
             </xsd:application>
          </xsd:registerOAuthApplicationData>
       </soap:Body>
    </soap:Envelope>
  2. getOAuthApplicationDataByAppName of OAuthAdminService

    Code Block
    languagexml
    titleSOAP request
     <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd">
       <soap:Header/>
       <soap:Body>
          <xsd:getOAuthApplicationDataByAppName>
             <!--Optional:-->
             <xsd:appName>playground2</xsd:appName>
          </xsd:getOAuthApplicationDataByAppName>
       </soap:Body>
    </soap:Envelope>
    Code Block
    languagexml
    titleExpected response
    <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
       <soapenv:Body>
          <ns:getOAuthApplicationDataByAppNameResponse xmlns:ns="http://org.apache.axis2/xsd">
             <ns:return xsi:type="ax2331:OAuthConsumerAppDTO" xmlns:ax2331="http://dto.oauth.identity.carbon.wso2.org/xsd" xmlns:ax2334="http://base.identity.carbon.wso2.org/xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ax2333="http://oauth.identity.carbon.wso2.org/xsd">
                <ax2331:OAuthVersion>2.0</ax2331:OAuthVersion>
                <ax2331:applicationName>playground2</ax2331:applicationName>
                <ax2331:callbackUrl>http://localhost:8080/playground2/oauth2client</ax2331:callbackUrl>
                <ax2331:grantTypes xsi:nil="true"/>
                <ax2331:oauthConsumerKey>TXdYtJ2D8npgBH7e4QgP_5FDN50a</ax2331:oauthConsumerKey>
                <ax2331:oauthConsumerSecret>UGlYgO0x4CfBAJ5oOaRIW8PSYDca</ax2331:oauthConsumerSecret>
                <ax2331:username xsi:nil="true"/>
             </ns:return>
          </ns:getOAuthApplicationDataByAppNameResponse>
       </soapenv:Body>
    </soapenv:Envelope>

    You can extract the client ID and secret from this response.

  3. createApplication of IdentityApplicationManagementService

    Code Block
    languagexml
    titleSOAP request
    <soapenv<soap:Envelope xmlns:soapenvsoap="http://schemaswww.xmlsoapw3.org/2003/05/soap/-envelope/" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://model.common.application.identity.carbon.wso2.org/xsd">
       <soapenv<soap:Header/>
       <soapenv<soap:Body>
           <xsd:getApplication>createApplication>
          <xsd:serviceProvider>
       <!--Optional:-->         <xsd1:applicationName>playground2</xsd1:applicationName>
             <xsd:applicationName>playground2<</xsd:applicationName>serviceProvider>
          </xsd:getApplication>createApplication>
       </soapenvsoap:Body>
    </soapenvsoap:Envelope>
    Code Block
    languagexml
    titleExpected response
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
       <soapenv:Body>
          <ns:getApplicationResponsecreateApplicationResponse xmlns:ns="http://org.apache.axis2/xsd">
             <ns:return xsi:typenil="ax2167:ServiceProvidertrue" xmlns:ax2169xsi="http://script.model.common.application.identity.carbon.wso2www.w3.org/2001/xsdXMLSchema-instance" xmlns:ax2165="http://common.application.identity.carbon.wso2.org/xsd" xmlns:ax2167/>
          </ns:createApplicationResponse>
       </soapenv:Body>
    </soapenv:Envelope>
  4. getApplication  of  IdentityApplicationManagementService

    Code Block
    titleSOAP Request
    <soapenv:Envelope xmlns:soapenv="http://modelschemas.common.application.identity.carbon.wso2.org/xsdxmlsoap.org/soap/envelope/" xmlns:xsixsd="http://wwworg.w3apache.org/2001/XMLSchema-instanceaxis2/xsd">
       <soapenv:Header/>
       <soapenv:Body>
        <ax2167:applicationID>6</ax2167:applicationID>  <xsd:getApplication>
              <ax2167<xsd:applicationName>playground2</ax2167xsd:applicationName>
          </xsd:getApplication>
         <ax2167:certificateContent xsi:nil="true"/</soapenv:Body>
    </soapenv:Envelope>
    Code Block
    titleExpected Response
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
       <soapenv:Body>
            <ax2167<ns:claimConfiggetApplicationResponse xsixmlns:typens="ax2167:ClaimConfighttp://org.apache.axis2/xsd">
                   <ax2167:alwaysSendMappedLocalSubjectId>false</ax2167:alwaysSendMappedLocalSubjectId>
                   <ax2167:localClaimDialect>false</ax2167:localClaimDialect>
                   <ax2167:roleClaimURI xsi:nil="true"/>
     <ns:return xsi:type="ax2167:ServiceProvider" xmlns:ax2169="http://script.model.common.application.identity.carbon.wso2.org/xsd" xmlns:ax2165="http://common.application.identity.carbon.wso2.org/xsd" xmlns:ax2167="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                 <ax2167:userClaimURI xsi:nil="true"/>applicationID>6</ax2167:applicationID>
                <<ax2167:applicationName>playground2</ax2167:claimConfig>applicationName>
                <ax2167:description>oauth application</ax2167:description>certificateContent xsi:nil="true"/>
                <ax2167:inboundAuthenticationConfigclaimConfig xsi:type="ax2167:InboundAuthenticationConfigClaimConfig">
                   <ax2167:inboundAuthenticationRequestConfigs xsi:type="ax2167:InboundAuthenticationRequestConfig">alwaysSendMappedLocalSubjectId>false</ax2167:alwaysSendMappedLocalSubjectId>
                   <ax2167:localClaimDialect>false</ax2167:localClaimDialect>
                   <ax2167:friendlyNameroleClaimURI xsi:nil="true"/>
                      <ax2167:inboundAuthKey>3_2hcfZEynN8ev3ygjtmosq8W6Ma</ax2167:inboundAuthKey><ax2167:userClaimURI xsi:nil="true"/>
                </ax2167:claimConfig>
         <ax2167:inboundAuthType>oauth2</ax2167:inboundAuthType>       <ax2167:description>oauth application</ax2167:description>
                <ax2167:inboundConfigType>standardAPP</ax2167:inboundConfigType>:inboundAuthenticationConfig xsi:type="ax2167:InboundAuthenticationConfig">
                      <ax2167:propertiesinboundAuthenticationRequestConfigs xsi:type="ax2167:PropertyInboundAuthenticationRequestConfig">
                         <ax2167:advanced>false</ax2167:advanced><ax2167:friendlyName xsi:nil="true"/>
                         <ax2167:confidential>false<inboundAuthKey>3_2hcfZEynN8ev3ygjtmosq8W6Ma</ax2167:confidential>inboundAuthKey>
                         <ax2167:defaultValue xsi:nil="true"/>inboundAuthType>oauth2</ax2167:inboundAuthType>
                         <ax2167:description xsi:nil="true"/>
    inboundConfigType>standardAPP</ax2167:inboundConfigType>
                        <ax2167:displayNameproperties xsi:niltype="trueax2167:Property"/>
                         <ax2167:displayOrder>0<advanced>false</ax2167:displayOrder>advanced>
                         <ax2167:name>oauthConsumerSecret<confidential>false</ax2167:name>confidential>
                         <ax2167:required>false</ax2167:required>defaultValue xsi:nil="true"/>
                         <ax2167:typedescription xsi:nil="true"/>
                         <ax2167:valuedisplayName xsi:nil="true"/>
                         <<ax2167:displayOrder>0</ax2167:properties>displayOrder>
                         <<ax2167:name>oauthConsumerSecret</ax2167:inboundAuthenticationRequestConfigs>name>
                         <<ax2167:required>false</ax2167:inboundAuthenticationConfig>required>
                         <ax2167:inboundProvisioningConfigtype xsi:typenil="ax2167:InboundProvisioningConfigtrue"/>
                         <ax2167:dumbMode>false</ax2167:dumbMode>value xsi:nil="true"/>
                      <ax2167:provisioningEnabled>false<</ax2167:provisioningEnabled>properties>
                   <ax2167:provisioningUserStore>PRIMARY<</ax2167:provisioningUserStore>inboundAuthenticationRequestConfigs>
                </ax2167:inboundProvisioningConfig>inboundAuthenticationConfig>
                <ax2167:localAndOutBoundAuthenticationConfiginboundProvisioningConfig xsi:type="ax2167:LocalAndOutboundAuthenticationConfigInboundProvisioningConfig">
                   <ax2167:alwaysSendBackAuthenticatedListOfIdPs>false<dumbMode>false</ax2167:alwaysSendBackAuthenticatedListOfIdPs>dumbMode>
                   <ax2167:authenticationScriptConfig xsi:nil="true"/>provisioningEnabled>false</ax2167:provisioningEnabled>
                   <ax2167:authenticationStepForAttributes xsi:nil="true"/>provisioningUserStore>PRIMARY</ax2167:provisioningUserStore>
                </ax2167:inboundProvisioningConfig>
         <ax2167:authenticationStepForSubject xsi:nil="true"/       <ax2167:localAndOutBoundAuthenticationConfig xsi:type="ax2167:LocalAndOutboundAuthenticationConfig">
                   <ax2167:authenticationType>default<alwaysSendBackAuthenticatedListOfIdPs>false</ax2167:authenticationType>alwaysSendBackAuthenticatedListOfIdPs>
                   <ax2167:enableAuthorization>false</ax2167:enableAuthorization>:authenticationScriptConfig xsi:nil="true"/>
                   <ax2167:subjectClaimUri>http://wso2.org/claims/fullname</ax2167:subjectClaimUri>authenticationStepForAttributes xsi:nil="true"/>
                   <ax2167:useTenantDomainInLocalSubjectIdentifier>false</ax2167:useTenantDomainInLocalSubjectIdentifier>authenticationStepForSubject xsi:nil="true"/>
                   <ax2167:useUserstoreDomainInLocalSubjectIdentifier>false<authenticationType>default</ax2167:useUserstoreDomainInLocalSubjectIdentifier>authenticationType>
                   <<ax2167:enableAuthorization>false</ax2167:localAndOutBoundAuthenticationConfig>enableAuthorization>
                 <ax2167:outboundProvisioningConfig xsi:type="ax2167:OutboundProvisioningConfig">  <ax2167:subjectClaimUri>http://wso2.org/claims/fullname</ax2167:subjectClaimUri>
                   <ax2167:provisionByRoleList xsi:nil="true"/>:useTenantDomainInLocalSubjectIdentifier>false</ax2167:useTenantDomainInLocalSubjectIdentifier>
                   <ax2167:useUserstoreDomainInLocalSubjectIdentifier>false</ax2167:useUserstoreDomainInLocalSubjectIdentifier>
                </ax2167:outboundProvisioningConfig>localAndOutBoundAuthenticationConfig>
                <ax2167:owneroutboundProvisioningConfig xsi:type="ax2167:UserOutboundProvisioningConfig">
                   <ax2167:tenantDomain>carbon.super</ax2167:tenantDomain>provisionByRoleList xsi:nil="true"/>
                </ax2167:outboundProvisioningConfig>
       <ax2167:         <ax2167:owner xsi:type="ax2167:User">
                   <ax2167:tenantDomain>carbon.super</ax2167:tenantDomain>
                   <ax2167:userName>admin</ax2167:userName>
                   <ax2167:userStoreDomain>PRIMARY</ax2167:userStoreDomain>
                </ax2167:owner>
                <ax2167:permissionAndRoleConfig xsi:type="ax2167:PermissionsAndRoleConfig"/>
                <ax2167:saasApp>false</ax2167:saasApp>
             </ns:return>
          </ns:getApplicationResponse>
       </soapenv:Body>
    </soapenv:Envelope>

    You can extract the application ID from the above response.

  5. updateApplication of IdentityApplicationManagementService

    Tip

    Tip: You can set the extracted client ID, secret and application ID in the following SOAP request.

    Code Block
    languagexml
    titleSOAP request
    <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://model.common.application.identity.carbon.wso2.org/xsd">
       <soap:Header/>
       <soap:Body>
          <xsd:updateApplication>
             <!--Optional:-->
             <xsd:serviceProvider>
                <!--Optional:-->
                <xsd1:applicationID>16</xsd1:applicationID>
                <xsd1:applicationName>playground2</xsd1:applicationName>
                <xsd1:claimConfig>
                   <xsd1:alwaysSendMappedLocalSubjectId>false</xsd1:alwaysSendMappedLocalSubjectId>
                </xsd1:claimConfig>
                <xsd1:description>oauth application</xsd1:description>
                <xsd1:inboundAuthenticationConfig>
                   <xsd1:inboundAuthenticationRequestConfigs>
                      <xsd1:inboundAuthKey>TXdYtJ2D8npgBH7e4QgP_5FDN50a</xsd1:inboundAuthKey>
                      <xsd1:inboundAuthType>oauth2</xsd1:inboundAuthType>
                      <xsd1:properties>
                         <xsd1:confidential>false</xsd1:confidential>
                         <xsd1:defaultValue xsd:nil="true"/>
                         <xsd1:description.wso2.org/xsd">
    <soap:Header/>
    <soap:Body>
    <xsd:updateApplication>
    <!--Optional:-->
    <xsd:serviceProvider>
    <!--Optional:-->
    <xsd1:applicationID>16</xsd1:applicationID>
    <xsd1:applicationName>playground2</xsd1:applicationName>
    <xsd1:claimConfig>
    <xsd1:alwaysSendMappedLocalSubjectId>false</xsd1:alwaysSendMappedLocalSubjectId>
    </xsd1:claimConfig>
    <xsd1:description>oauth application</xsd1:description>
    <xsd1:inboundAuthenticationConfig>
    <xsd1:inboundAuthenticationRequestConfigs>
    <xsd1:inboundAuthKey>TXdYtJ2D8npgBH7e4QgP_5FDN50a</xsd1:inboundAuthKey>
    <xsd1:inboundAuthType>oauth2</xsd1:inboundAuthType>
    <xsd1:properties>
    <xsd1:confidential>false</xsd1:confidential>
    <xsd1:defaultValue xsd:nil="true"/>
                        
    <xsd1:displayNamedescription xsd:nil="true"/>
                         <xsd1:name>oauthConsumerSecret</xsd1:name>
                         <xsd1:displayName xsd:nil="true"/>
    <xsd1:name>oauthConsumerSecret</xsd1:name>
    <xsd1:required>false</xsd1:required>
                        
    <xsd1:type xsd:nil="true"/>
      
                      <xsd1:value>UGlYgO0x4CfBAJ5oOaRIW8PSYDca</xsd1:value>
       
                  </xsd1:properties>
                  properties>
    </xsd1:inboundAuthenticationRequestConfigs>
               
    </xsd1:inboundAuthenticationConfig>
              
     <xsd1:inboundProvisioningConfig>
             
         <xsd1:provisioningEnabled>false</xsd1:provisioningEnabled>
                   <xsd1:provisioningUserStore>PRIMARY</xsd1:provisioningUserStore>
                </xsd1:inboundProvisioningConfig>
                xsd1:provisioningUserStore>
    </xsd1:inboundProvisioningConfig>
    <xsd1:localAndOutBoundAuthenticationConfig> <xsd1:alwaysSendBackAuthenticatedListOfIdPs>false</xsd1:alwaysSendBackAuthenticatedListOfIdPs> 
                 
     <xsd1:authenticationStepForAttributes xsd:nil="true"/> 
            
          <xsd1:authenticationStepForSubject xsd:nil="true"/>
    
                   <xsd1:authenticationType>default</xsd1:authenticationType>
    
                   <xsd1:subjectClaimUri xsd:nil="true">http://wso2.org/claims/fullname</xsd1:subjectClaimUri> 
                :subjectClaimUri>
    </xsd1:localAndOutBoundAuthenticationConfig> 
            
       <xsd1:outboundProvisioningConfig>
                  
    <xsd1:provisionByRoleList xsd:nil="true"/>
       
            </xsd1:outboundProvisioningConfig>
              
     <xsd1:permissionAndRoleConfig/>
     
              <xsd1:saasApp>false</xsd1:saasApp>
    
            </xsd:serviceProvider>
        
     </xsd:updateApplication>
      
    </soap:Body>
    </soap:Envelope>
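Review bot: The updateApplication request sends the property named `oauthConsumerSecret` with `<xsd1:confidential>false</xsd1:confidential>` and a literal secret value, and nothing on the page says the key and secret are sample values or how these calls should be protected. The getOAuthApplicationDataByAppName response in step 2 also returns `oauthConsumerSecret` in clear text, so after "You can extract the client ID and secret from this response." I would add a sentence such as `The consumer key and secret shown here are sample values; send these admin service requests over HTTPS only and keep the responses out of logs, because they contain the client secret.` If `confidential` is the flag that marks a property as sensitive (the page does not say), the sample should set it to `true` for this property. The old and new text of steps 3 to 5 are fused in this rendering, so which side each line belongs to is inferred.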

...