Versions Compared

Old Version 1

changes.mady.by.user ubisebastian

Saved on

compared with

New Version Current

changes.mady.by.user ubisebastian

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
titleHTTP GET /uas/oauth2/metadata.jwks
collapsetrue
{
    "keys": [
        {
            "use": "sig",
            "kid": "initial-sig-key",
            "kty": "RSA",
            "n": "... redacted ...",
            "e": "AQAB"
        }
    ]
}

...

Code Block
titleCreate a new signing key and associate itcollapsetrue
PUT /sso-api/credential/System/ServerKeyContainer/sig-key1 HTTP/1.1
Host: sso.example.com
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Authorization: Bearer ... redacted ...

kty=RSA&kid=sig-key1&enabled=true&use=sig&notBefore=2021-10-27


PUT /sso-api/server/$link/credential/System/ServerKeyContainer/sig-key1 HTTP/1.1
Host: sso.example.com
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Authorization: Bearer ... redacted ...

...

Code Block
collapse
titleSet current key expirationtrue
PUT /sso-api/credential/System/ServerKeyContainer/initial-sig-key HTTP/1.1
Host: localhost:8443
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Authorization: Bearer ... redacted ...

kty=RSA&notOnOrAfter=2021-10-27

...

Code Block
titleHTTP GET /uas/oauth2/metadata.jwkscollapsetrue
{
    "keys": [
        {
            "use": "sig",
            "kid": "initial-sig-key",
            "kty": "RSA",
            "n": "... redacted ...",
            "e": "AQAB"
        },
        {
            "use": "sig",
            "kid": "sig-key1",
            "kty": "RSA",
            "n": "... redacted ...",
            "e": "AQAB"
        }
    ]
}

...

Code Block
collapse
titleHTTP GET /uas/oauth2/metadata.jwkstrue
{
    "keys": [
        {
            "use": "sig",
            "kid": "sig-key1",
            "kty": "RSA",
            "n": "... redacted ...",
            "e": "AQAB"
        }
    ]
}

...

Code Block
titleGET /sso-api/credential/System/ServerKeyContainer/key1/$attribute/csrcollapsetrue
Content-Type: application/pkcs10

-----BEGIN CERTIFICATE REQUEST-----
... redacted ...
-----END CERTIFICATE REQUEST-----

...

Code Block
titlePUT /sso-api/credential/System/ServerKeyContainer/key1/$attribute/csrcollapsetrue
Content-Type: application/pkix-cert

-----BEGIN CERTIFICATE-----
... redacted ...
-----END CERTIFICATE-----

...