Onboarding API (Dynamic Registration)

The Onboarding API is a programmatic way for new applications to quickly get a set of credentials to begin integration to Next Identity. To access this functionality, privileged access is delegated to customers so that they can integrate the API into their landscape such as through a helpdesk portal, or through a center of excellence. The Onboarding API has a set of pre-built schemes that represent the most commonly used configurations and best-practices. It also supports different applications types such as web app, single-page apps, mobile apps, and backend machine-to-machine apps. For these, the Onboarding API delegates either a public or confidential client ID.

This design is based on the Dynamic Client Registration specification. You can read the specification at https://www.rfc-editor.org/rfc/rfc7591.html.

Configuration Schemes

The configuration scheme is a set of configurations that are pre-determined based on standards and are meant to get the application close to what they need in order for them to start the integration quickly.

Configuration DescriptionScheme name
Email as Primary with password - self-registeremail_password
Email as Primary with password - invite onlyemail_password_invite
Mobile as Primary with password - self-registermobile_password
Mobile as Primary with password - invite onlymobile_password_invite
mobile as primary with OTP self registermobile_OTP
mobile as primary with OTP invite onlymobile_OTP_invite

Parameters

ParameterRequirementValidation
redirect_uri_allowlistcomma separated list of URIscan be HTTP, HTTPS, or mobile format
app_urlsingle URL is allowedcan be HTTP, HTTPS, or mobile format
app_linksingle URL is allowedcan be HTTP, HTTPS, or mobile format
site_namesingle string is allowed
property_idstring (UUID)

Example:

POST idp/v1/applications/register HTTP/1.1
     Content-Type: application/json
     Accept: application/json
     Authorization: Bearer eyJpc3MiOiSOMETOKENHERE
     Host: server.example.com

     {
          "client_name": "My Application Name",
          "app_type": "mobile | web | spa | m2m",
          "integration_type": "journey | api"
          "config_scheme": "standard",
          "token_type": "opaque | jwt",
          "primary_id": "email | mobile",
                "redirect_uri_allowlist": [
            "https://client.example.org/callback",
            "https://client.example.org/callback2"],
                "app_url": "https://myapp.com/redirect.html",
                "app_link": "https://myapp.com",
                "site_name": "My Application Name",
                "property_id": "ce0sampleproptertyid000000000000",
                "extra":{}
     }