Auth API
Auth API
This is the Auth Service
Paths
/auth/api/v1/healthz
GET /auth/api/v1/healthz
- Summary: Health
- Description: Return Health Status.
Responses
- 200: Successful Response
- Content
application/json- Schema: Msg
- Content
/auth/api/v1/oauth/connect/token
POST /auth/api/v1/oauth/connect/token
- Summary: Get Access Token For Client Service Authentication
- Description: "Get Access token, Refresh token for Client Login" refers to the operation of obtaining both an access token and a refresh token using client authentication, enabling authenticated access to protected resources and token renewal without re-authentication.
Request Body
| Type | Parameter | Description | Data Type | is_optional |
|---|---|---|---|---|
| Query Parameter | realm | ID for the OAuth realm. | string (UUID) | optional |
| Query Parameter | client_id | client_id associated with a realm. | string | mandatory |
| Query Parameter | client_secret | client_secret for the client_id. | string | mandatory |
| Query Parameter | grant_type | Type of grant being requested. | string | optional |
| Query Parameter | scopes | Scopes requested for the access token. | string | optional |
Example response -
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwiaFwTMHhbqSXtiNkvUlcp0pMdDYy6nZ6E8-2Lg",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAMF31HZzy865t7DabmSpX03T4UZO-TTvvh5B4QyG1so",
"token_type": "Bearer",
"not-before-policy": 0,
"session_state": "5225b959-0507-4b32-98fb-76aec1110ad8",
"scope": "email profile"
}
Responses
| Status Code | Description | Content Type | Details |
|---|---|---|---|
| 200 | Access token generated | application/json | Schema provided in response example |
| 400 | Bad Request | application/json | Example provided |
| 401 | Authentication failed | application/json | Example provided |
| 404 | Realm not found | application/json | Example provided |
| 422 | Validation Error | application/json | Schema: HTTPValidationError |
| 500 | Internal server error | application/json | Example provided |
Get Access Token For User Login -
/auth/api/v1/oauth/connect/user/login
POST /auth/api/v1/oauth/connect/user/login
- Summary: Get Access Token For User Login
- Description: "Get Access token, Refresh token for User Login" describes the process of acquiring an access token and a refresh token upon successful user authentication
Request Body
| Type | Parameter | Description | Data Type | is_optional |
|---|---|---|---|---|
| Query Parameter | realm | ID for the OAuth realm. | string (UUID) | optional |
| Query Parameter | username | Username associated with the request. | string | mandatory |
| Query Parameter | password | Password associated with the username. | string | mandatory |
| Query Parameter | grant_type | Type of grant being requested. | string | optional |
| Query Parameter | scopes | Scopes requested for the access token. | string | optional |
Example response -
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwiaFwTMHhbqSXtiNkvUlcp0pMdDYy6nZ6E8-2Lg",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAMF31HZzy865t7DabmSpX03T4UZO-TTvvh5B4QyG1so",
"token_type": "Bearer",
"not-before-policy": 0,
"session_state": "5225b959-0507-4b32-98fb-76aec1110ad8",
"scope": "email profile"
}
Responses
| Status Code | Description | Content Type | Details |
|---|---|---|---|
| 200 | Access token generated | application/json | Schema provided in response example |
| 400 | Bad Request | application/json | Example provided |
| 401 | Authentication failed | application/json | Example provided |
| 404 | Realm not found | application/json | Example provided |
| 422 | Validation Error | application/json | Schema: HTTPValidationError |
| 500 | Internal server error | application/json | Example provided |
/auth/api/v1/oauth/connect/introspect
POST /auth/api/v1/oauth/connect/introspect
- Summary: Introspect Access Token
- Description: "Validate Access Token" refers to the process of verifying the authenticity, expiration, and permissions associated with a given access token
Request Body -
| Type | Parameter | Description | Data Type | is_optional |
|---|---|---|---|---|
| parameter | token | ID for the OAuth realm. | string (UUID) | optional |
| parameter | realm | ID for the OAuth realm | string | mandatory |
Example response -
{
"exp": 1700739696,
"iat": 1700739396,
"jti": "397a8f0b-377c-45d2-bb96-7ef77a1b9395",
"iss": "http://localhost:8180/realms/lm-lor-ng",
"sub": "cafde8af-6715-4870-b0e4-c3a3b46b35c6",
"typ": "Bearer",
"azp": "ai-workbench-service",
"session_state": "08e24cea-79ff-4c0d-9d4b-858405523191",
"preferred_username": "service-account-ai-workbench-service",
"email_verified": "false",
"realm_access": {
"roles": [
"default-roles-lm-lor-ng"
]
},
"scope": "email profile",
"sid": "08e24cea-79ff-4c0d-9d4b-858405523191",
"clientId": "ai-workbench-service",
"clientHost": "172.22.160.1",
"clientAddress": "172.22.160.1",
"client_id": "ai-workbench-service",
"username": "service-account-ai-workbench-service",
"active": "true"
}
Responses
| Status Code | Description | Content Type | Details |
|---|---|---|---|
| 200 | Access token generated | application/json | Schema provided in response example |
| 400 | Bad Request | application/json | Example provided |
| 401 | Authentication failed | application/json | Example provided |
| 404 | Realm not found | application/json | Example provided |
| 422 | Validation Error | application/json | Schema: HTTPValidationError |
| 500 | Internal server error | application/json | Example provided |
Components
Schemas
- Msg
- TokenRequest
- UserLoginRequest
- HTTPValidationError
(Definitions for schemas should be provided here based on the JSON definitions)