Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Merge pull request #46 from vparihar01/develop

Develop

@jfoley / @ryantang
  • Loading branch information...
commit f6b0120c0a1b3b965b1fd08c686746c8f3ab33db 2 parents 7e25b14 + 8398304
Ryan Tang authored August 19, 2013

Showing 1 changed file with 11 additions and 11 deletions. Show diff stats Hide diff stats

  1. 22  docs/UAA-APIs.rst
22  docs/UAA-APIs.rst
Source Rendered
@@ -190,7 +190,7 @@ In addition to the normal authentication of the ``/oauth/authorize`` endpoint de
190 190
     id: login,
191 191
     secret: loginsecret,
192 192
     scope: uaa.none,
193  
-    authorized-grant-types: client_credentials,
  193
+    authorized_grant_types: client_credentials,
194 194
     authorities: oauth.login
195 195
 
196 196
 To authenticate the ``/oauth/authorize`` endpoint using this channel the Login Server has to provide a standard OAuth2 bearer token header _and_ some additional parameters to identify the user: ``source=login`` is mandatory, as is ``username``, plus optionally ``[email, given_name, family_name]``.  The UAA will lookup the user in its internal database and if it is found the request is authenticated.  The UAA can be configured to automatically register authenicated users that are missing from its database, but this will only work if all the fields are provided.  The response from the UAA (if the Login Server asks for JSON content) has enough information to get approval from the user and pass the response back to the UAA.
@@ -308,8 +308,8 @@ This endpoint mirrors the OpenID Connect ``/check_id`` endpoint, so not very RES
308 308
 
309 309
 Notes:
310 310
 
311  
-* The ``user_name`` is the same as you get from the `OpenID Connect`_ ``/userinfo`` endpoint.  The ``user_id`` field is the same as you would use to get the full user profile from ``/User``.
312  
-* Many of the fields in the response are a courtesy, allowing the caller to avoid further round trip queries to pick up the same information (e.g. via the ``/User`` endpoint).
  311
+* The ``user_name`` is the same as you get from the `OpenID Connect`_ ``/userinfo`` endpoint.  The ``user_id`` field is the same as you would use to get the full user profile from ``/Users``.
  312
+* Many of the fields in the response are a courtesy, allowing the caller to avoid further round trip queries to pick up the same information (e.g. via the ``/Users`` endpoint).
313 313
 * The ``aud`` claim is the resource ids that are the audience for the token.  A Resource Server should check that it is on this list or else reject the token.
314 314
 * The ``client_id`` data represent the client that the token was granted for, not the caller.  The value can be used by the caller, for example, to verify that the client has been granted permission to access a resource.
315 315
 * Error Responses: see `OAuth2 Error responses <http://tools.ietf.org/html/draft-ietf-oauth-v2-26#section-5.2>`_ and this addition::
@@ -420,14 +420,14 @@ User Account Management APIs
420 420
 UAA supports the `SCIM <http://simplecloud.info>`_ standard for
421 421
 these APIs and endpoints.  These endpoints are themselves secured by OAuth2, and access decision is done based on the 'scope' and 'aud' fields of the JWT OAuth2 token.
422 422
 
423  
-Create a User: ``POST /User``
  423
+Create a User: ``POST /Users``
424 424
 ------------------------------
425 425
 
426 426
 See `SCIM - Creating Resources`__
427 427
 
428 428
 __ http://www.simplecloud.info/specs/draft-scim-rest-api-01.html#create-resource
429 429
 
430  
-* Request: ``POST /User``
  430
+* Request: ``POST /Users``
431 431
 * Request Headers: Authorization header containing an OAuth2_ bearer token with::
432 432
 
433 433
         scope = scim.write
@@ -478,12 +478,12 @@ The ``userName`` is unique in the UAA, but is allowed to change.  Each user also
478 478
         401 - Unauthorized
479 479
 
480 480
 
481  
-Update a User: ``PUT /User/{id}``
  481
+Update a User: ``PUT /Users/{id}``
482 482
 ----------------------------------------
483 483
 
484 484
 See `SCIM - Modifying with PUT <http://www.simplecloud.info/specs/draft-scim-rest-api-01.html#edit-resource-with-put>`_
485 485
 
486  
-* Request: ``PUT /User/{id}``
  486
+* Request: ``PUT /Users/{id}``
487 487
 * Request Headers: Authorization header containing an OAuth2_ bearer token with::
488 488
 
489 489
         scope = scim.write
@@ -535,12 +535,12 @@ See `SCIM - Modifying with PUT <http://www.simplecloud.info/specs/draft-scim-res
535 535
 
536 536
   Note: SCIM also optionally supports partial update using PATCH.
537 537
 
538  
-Change Password: ``PUT /User/{id}/password``
  538
+Change Password: ``PUT /Users/{id}/password``
539 539
 ----------------------------------------------
540 540
 
541 541
 See `SCIM - Changing Password <http://www.simplecloud.info/specs/draft-scim-rest-api-01.html#change-password>`_
542 542
 
543  
-* Request: ``PUT /User/{id}/password``
  543
+* Request: ``PUT /Users/{id}/password``
544 544
 * Request Headers: Authorization header containing an OAuth2_ bearer token with::
545 545
 
546 546
         scope = password.write
@@ -612,12 +612,12 @@ Filters: note that, per the specification, attribute values are comma separated
612 612
         400 - Bad Request
613 613
         401 - Unauthorized
614 614
 
615  
-Delete a User: ``DELETE /User/{id}``
  615
+Delete a User: ``DELETE /Users/{id}``
616 616
 -------------------------------------
617 617
 
618 618
 See `SCIM - Deleting Resources <http://www.simplecloud.info/specs/draft-scim-rest-api-01.html#delete-resource>`_.
619 619
 
620  
-* Request: ``DELETE /User/{id}``
  620
+* Request: ``DELETE /Users/{id}``
621 621
 * Request Headers: 
622 622
 
623 623
   + Authorization header containing an OAuth2_ bearer token with::

0 notes on commit f6b0120

Please sign in to comment.
Something went wrong with that request. Please try again.