Retrieve Token Delegation for current Org

Retrieve the registered token exchange callback for the tenant.

User must have authorization role with TENANT_ADMIN suffix in the URL {org}.

The raw clientSecret is never returned; only its SHA-256 hash.

Authentication

AuthorizationBearer

``` export JWT_BEARER_TOKEN="<jwt-bearer-token>" # Example org name: "acme-inc export ORG_NAME=<org-name> # Use the JWT bearer token in your API request auth header: curl -v -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $JWT_BEARER_TOKEN" https://nico-rest-api.nico.svc.cluster.local/v2/org/$ORG_NAME/nico/user/current ```

Path parameters

orgstringRequired

Name of the Org

siteIDstringRequiredformat: "uuid"

ID of the Site

Response

Token delegation retrieved

tokenEndpointstringformat: "uri"

clientSecretBasicobject

Public half of client_secret_basic credentials. Only the SHA-256 hash of the secret is returned.

subjectTokenAudiencestring

createddatetime

updateddatetime

Errors

400

Bad Request Error

403

Forbidden Error

404

Not Found Error

500

Internal Server Error

503

Service Unavailable Error

export JWT_BEARER_TOKEN="<jwt-bearer-token>"
# Example org name: "acme-inc
export ORG_NAME=<org-name>
# Use the JWT bearer token in your API request auth header:
curl -v -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $JWT_BEARER_TOKEN" https://nico-rest-api.nico.svc.cluster.local/v2/org/$ORG_NAME/nico/user/current

Token delegation retrieved

Public half of client_secret_basic credentials. Only the SHA-256 hash of the secret is returned.

export JWT_BEARER_TOKEN="<jwt-bearer-token>"
# Example org name: "acme-inc
export ORG_NAME=<org-name>
# Use the JWT bearer token in your API request auth header:
curl -v -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $JWT_BEARER_TOKEN" https://nico-rest-api.nico.svc.cluster.local/v2/org/$ORG_NAME/nico/user/current

1	{
2	"tokenEndpoint": "https://auth.acme-inc.com/oauth2/token",
3	"clientSecretBasic": {
4	"clientId": "acme-client-123",
5	"clientSecretHash": "3a7bd3e2360a3d5f8b9e2c4f1a5d6e7f8c9b0a1d2e3f4b5c6d7e8f9a0b1c2d3e"
6	},
7	"subjectTokenAudience": "https://api.acme-inc.com/",
8	"created": "2024-01-15T09:30:00Z",
9	"updated": "2024-01-15T09:30:00Z"
10	}