oauth/Requests

A collection of OAuth 2.0 authorization and OpenID Connect 1.0 identification requests.

Created by the ws microservice. Used when servicing requests to the /oauth/… endpoint group.

Used to perform the three-step process of external authorization and linking an external account to a local account.

Successful completion requires a token authorization service script to be configured in the master domain ('iam_token_svcscript_code').

Contained only in the master domain.

Storage Type: runtime.

Table 1. Class fields
Field Description

id

Identifier

remoteIp

IP address of the request initiator.

status

Request status:

  • initial - the request has been created.

  • authorized - external authorization has been successfully completed.

  • linked - an external account is linked to an internal account, a session has been created.

  • error - authorization/identification process error.

Correct sequence of states: 'initial' → 'authorized' → 'linked'.

statusText

Text of the error that occurred. Filled in when the status is set to 'error'.

provider_key

OAuth authorization provider key (from collection 'oauth/Providers').

provider_key

OAuth authorization provider identifier (from collection 'oauth/Providers').

refresh_token

Token used to refresh the 'access_token' value that grants access to the external data server. The system makes no calls to the external authorization server or the data server after the initial authorization completes, so the entity is deleted automatically.

scope

The scope granted during external authorization. May be narrower than the scope registered for the system if optional_scope is used and the user does not confirm some of the requested optional permissions.

oid

The ID of the external user account, as obtained from the external authorization server.

login

The login of the external user account, as obtained from the external authorization server. Can be used for matching when linking to a local user account.

name

The name of the external user account, as obtained from the external authorization server. Can be used when creating a local user account.

email

The email of the external user account, as obtained from the external authorization server. Can be used either when creating a local user account or when linking to an existing user account.

domain

The local domain of the system in which the external user account is to be linked.

info

User information collected from the external system, to be placed in the 'opts.info' field of the linked account.

payload

Raw data about the external user account, obtained by parsing the JWT or JSON content of the external data server's response or of the redirect from the external authorization server.

ts

Timestamp of request creation/modification.

expires_in

The lifetime of the request in seconds. Counted from the moment of each change to the entity (the 'ts' field records the timestamp). When it expires, the request is deleted automatically. In the 'initial' and 'authorized' states the lifetime is 120 seconds; in the 'ready' state, 60 seconds. The system makes no calls to the external authorization server or the data server after the initial authorization completes, so the entity is deleted automatically.
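The status sequence and per-state lifetimes described in the table, modelled as an added Python example (not code from the system this page documents). Field names follow the table; the 60-second lifetime the page gives for the 'ready' state is applied to the terminal 'linked' state, and the lifetime of the 'error' state is left unchanged, both as assumptions because the page does not spell them out.

```python
from dataclasses import dataclass

# Per-state lifetime in seconds, as given for expires_in on this page.
# Assumption: the page's 'ready' (60 s) is the terminal 'linked' state.
LIFETIME = {"initial": 120, "authorized": 120, "linked": 60}

# The only permitted forward transitions: 'initial' -> 'authorized' -> 'linked'.
NEXT = {"initial": "authorized", "authorized": "linked"}


@dataclass
class OAuthRequest:
    """Subset of the oauth/Requests fields needed to drive the state machine."""
    id: str
    remoteIp: str
    provider_key: str
    status: str = "initial"
    statusText: str = ""
    ts: int = 0                          # epoch seconds of the last change
    expires_in: int = LIFETIME["initial"]

    def _touch(self, now: int) -> None:
        # Every change to the entity restarts the clock expires_in counts from.
        # Assumption: states without a listed lifetime keep the previous value.
        self.ts = now
        self.expires_in = LIFETIME.get(self.status, self.expires_in)

    def fail(self, text: str, now: int) -> None:
        # 'error' is terminal; statusText must carry the reason.
        self.status, self.statusText = "error", text
        self._touch(now)

    def advance(self, new_status: str, now: int) -> bool:
        """Move to new_status only if it is the next state in the sequence."""
        if NEXT.get(self.status) != new_status:
            self.fail(f"invalid transition {self.status!r} -> {new_status!r}", now)
            return False
        self.status = new_status
        self._touch(now)
        return True

    def is_expired(self, now: int) -> bool:
        # An expired request is what the system deletes automatically.
        return now - self.ts > self.expires_in


def new_request(req_id: str, remote_ip: str, provider_key: str, now: int) -> OAuthRequest:
    """Create a request in the 'initial' state with its clock started at `now`."""
    return OAuthRequest(id=req_id, remoteIp=remote_ip, provider_key=provider_key, ts=now)
```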