FusionAuth v0.3.0

FusionAuth.OpenIdConnect (FusionAuth v0.3.0) View Source

The FusionAuth.OpenIdConnect module provides access methods to the FusionAuth OpenID Connect API. All methods require a Tesla Client struct created with FusionAuth.client(base_url, api_key, tenant_id).

Link to this section Summary

Types

application_configuration()
application_id()
client()
domain()
headers()
identity_provider()
identity_provider_id()
login_request_body()
oauth_configuration()
result()
tenant_configuration()
tenant_id()

Functions

complete_openid_connect_login(client, login_request_body)

Completes an OpenID connect login using a login request, this function allows for optional headers to be passed. Must at least contain the following values

complete_openid_connect_login(client, login_request_body, headers)

Completes an OpenID connect login using a login request, this function allows for optional headers to be passed. Must at least contain the following values

create_openid_connect_identity_provider(client, identity_provider)

Creates an OpenID identity provider with the given identity provider configurations

create_openid_connect_identity_provider_uuid(client, identity_provider, identity_provider_id)

Creates an OpenID identity provider with the given identity provider configurations and uses the given UUID as the provider's ID

delete_openid_connect_identity_provider(client, identity_provider_id)

Deletes an OpenID identity provider with the given identity provider ID

lookup_identity_provider(client, domain)

Looks up a specific identity provider using the domain, note: example@domain.com and domain.com are functionally equivalent

retrieve_all_identity_providers(client)

Retrieves all identity providers

retrieve_openid_connect_identity_provider(client, identity_provider_id)

Retrieves an OpenID identity provider with the given identity provider ID

update_openid_connect_identity_provider(client, identity_provider, identity_provider_id)

Updates an OpenID identity provider with the given ID using the identity provider configuration in the request body. This function implements the API call via PATCH.

Link to this section Types

Link to this type

application_configuration()

View Source

Specs

application_configuration() :: %{
  button_image_url: String.t(),
  button_text: String.t(),
  oauth_client_id: String.t(),
  oauth_client_secret: String.t(),
  create_registration: boolean(),
  enabled: boolean(),
  oauth_scope: String.t()
}
Link to this type

application_id()

View Source

Specs

application_id() :: String.t()
Link to this type

client()

View Source

Specs

client() :: FusionAuth.client()
Link to this type

domain()

View Source

Specs

domain() :: String.t()
Link to this type

headers()

View Source

Specs

headers() :: list()
Link to this type

identity_provider()

View Source

Specs

identity_provider() :: %{
  application_configuration: %{
    required(application_id()) => application_configuration()
  },
  button_image_url: String.t(),
  button_text: String.t(),
  debug: boolean(),
  domains: [String.t()],
  lambda_configuration_reconciled: String.t(),
  linking_strategy: String.t(),
  name: String.t(),
  oauth_configuration: oauth_configuration(),
  post_request: boolean(),
  tenant_configuration_map: %{required(tenant_id()) => tenant_configuration()},
  type: String.t()
}
Link to this type

identity_provider_id()

View Source

Specs

identity_provider_id() :: String.t()
Link to this type

login_request_body()

View Source

Specs

login_request_body() :: %{
  application_id: String.t(),
  identity_provider_id: String.t(),
  ipAddress: String.t(),
  data: %{code: String.t(), redirect_uri: String.t()},
  metadata: %{
    device: %{
      description: String.t(),
      lastAccessedAddress: String.t(),
      name: String.t(),
      type: String.t()
    }
  },
  no_jwt: boolean(),
  no_link: boolean()
}
Link to this type

oauth_configuration()

View Source

Specs

oauth_configuration() :: %{
  authorization_endpoint: String.t(),
  client_id: String.t(),
  client_secret: String.t(),
  client_authentication_method: String.t(),
  email_claim: String.t(),
  issuer: String.t(),
  scope: String.t(),
  token_endpoint: String.t(),
  userinfo_endpoint: String.t()
}
Link to this type

result()

View Source

Specs

result() :: FusionAuth.result()
Link to this type

tenant_configuration()

View Source

Specs

tenant_configuration() :: %{
  limit_user_link_count: %{enabled: integer(), maximum_links: integer()}
}
Link to this type

tenant_id()

View Source

Specs

tenant_id() :: String.t()

Link to this section Functions

Link to this function

complete_openid_connect_login(client, login_request_body)

View Source

Specs

complete_openid_connect_login(client(), login_request_body()) :: result()

Completes an OpenID connect login using a login request, this function allows for optional headers to be passed. Must at least contain the following values

  • applicationId :: String.t()

    The Id of the Application the user is to be logged into.

  • data

    • code :: String.t()

    The code parameter that was returned to the Authorization redirect URI. -redirect_uri :: String.t() The redirect URI that was provided to the OpenID Connect Authorization endpoint

  • identityProviderId :: String.t()

    The Id of the identity provider to process this login request.

For more information, visit the FusionAuth API documentation for Complete an OpenID connect login

Link to this function

complete_openid_connect_login(client, login_request_body, headers)

View Source

Specs

complete_openid_connect_login(client(), login_request_body(), headers()) ::
  result()

Completes an OpenID connect login using a login request, this function allows for optional headers to be passed. Must at least contain the following values

  • applicationId :: String.t()

    The Id of the Application the user is to be logged into.

  • data

    • code :: String.t()

    The code parameter that was returned to the Authorization redirect URI. -redirect_uri :: String.t() The redirect URI that was provided to the OpenID Connect Authorization endpoint

  • identityProviderId :: String.t()

    The Id of the identity provider to process this login request.

  • headers :: list()

    list of headers in the form of tuples

  • header :: tuple()

    header in the form of {"header-name", "header-value"}

Headers available

  • X-Forwarded-For The IP address of a client requesting authentication. If the IP address is provided it will be stored in the user’s login record. It is generally preferred to specify the IP address in the request body. If it is not provided in the request body this header value will be used if available. However, the request body value takes precedence.
  • X-FusionAuth-TenantId The unique Id of the tenant used to scope this API request.

For more information, visit the FusionAuth API documentation for Complete an OpenID connect login

Link to this function

create_openid_connect_identity_provider(client, identity_provider)

View Source

Specs

create_openid_connect_identity_provider(client(), identity_provider()) ::
  result()

Creates an OpenID identity provider with the given identity provider configurations

For more information, visit the FusionAuth API documentation for Create an OpenID connect identity provider

Link to this function

create_openid_connect_identity_provider_uuid(client, identity_provider, identity_provider_id)

View Source

Specs

create_openid_connect_identity_provider_uuid(
  client(),
  identity_provider(),
  identity_provider_id()
) :: result()

Creates an OpenID identity provider with the given identity provider configurations and uses the given UUID as the provider's ID

For more information, visit the FusionAuth API documentation for Create an OpenID connect identity provider

Link to this function

delete_openid_connect_identity_provider(client, identity_provider_id)

View Source

Specs

delete_openid_connect_identity_provider(client(), identity_provider_id()) ::
  result()

Deletes an OpenID identity provider with the given identity provider ID

For more information, visit the FusionAuth API documentation for Delete an OpenID connect identity provider

Link to this function

lookup_identity_provider(client, domain)

View Source

Specs

lookup_identity_provider(client(), domain()) :: result()

Looks up a specific identity provider using the domain, note: example@domain.com and domain.com are functionally equivalent

For more information, visit the FusionAuth API documentation for Lookup an identity provider

Link to this function

retrieve_all_identity_providers(client)

View Source

Specs

retrieve_all_identity_providers(client()) :: FusionAuth.result()

Retrieves all identity providers

For more information, visit the FusionAuth API documentation for Retrieve all identity providers

Link to this function

retrieve_openid_connect_identity_provider(client, identity_provider_id)

View Source

Specs

retrieve_openid_connect_identity_provider(client(), identity_provider_id()) ::
  result()

Retrieves an OpenID identity provider with the given identity provider ID

For more information, visit the FusionAuth API documentation for Retrieve an OpenID connect identity provider

Link to this function

update_openid_connect_identity_provider(client, identity_provider, identity_provider_id)

View Source

Specs

update_openid_connect_identity_provider(
  client(),
  identity_provider(),
  identity_provider_id()
) :: result()

Updates an OpenID identity provider with the given ID using the identity provider configuration in the request body. This function implements the API call via PATCH.

Note: > When using the PATCH method, use the same request body documentation that is provided for the PUT request. The PATCH method will merge the provided request parameters into the existing object, this means all parameters are optional when using the PATCH method and you only provide the values you want changed. A null value can be used to remove a value. Patching an Array will result in all values from the new list being appended to the existing list, this is a known limitation to the current implementation of PATCH.

For more information, visit the FusionAuth API documentation for Update an OpenID connect identity provider