/oauth/register
OAuth 2.0 动态客户端注册端点。客户端自助注册并获取 client_id、client_secret 和 registration_access_token。限流:同一IP每小时最多10次注册。参考:RFC 7591 §2 (Dynamic Client Registration Protocol)。
Request Body
Schema: dto.ClientRegistrationRequest
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
redirect_uris |
array of string |
Yes | ['["https://app.example.com/callback"]'] |
items: 1–None | 回调URI列表 |
application_type |
string |
No | web |
应用类型 | |
client_name |
string |
No | My Application |
客户端名称 | |
client_uri |
string |
No | https://app.example.com |
客户端主页URL | |
contacts |
array of string |
No | ['["admin@example.com"]'] |
联系人 | |
grant_types |
array of string |
No | ['["authorization_code"', '"refresh_token"]'] |
授权类型 | |
jwks |
string |
No | JWKS文档 | ||
jwks_uri |
string |
No | https://app.example.com/jwks.json |
JWKS URI | |
logo_uri |
string |
No | https://app.example.com/logo.png |
Logo URL | |
policy_uri |
string |
No | https://app.example.com/privacy |
隐私政策URL | |
scope |
string |
No | openid profile email |
权限范围 | |
software_id |
string |
No | my-app-v1 |
软件ID | |
software_version |
string |
No | 1.0.0 |
软件版本 | |
token_endpoint_auth_method |
string |
No | client_secret_basic |
Token端点认证方法 | |
tos_uri |
string |
No | https://app.example.com/tos |
服务条款URL |
Responses
| Status | Description | Schema |
|---|---|---|
| 201 | 注册成功(含 client_id, client_secret, registration_access_token)。参考:RFC 7591 §2.1。 | dto.ClientRegistrationDetailResponse |
| 400 | invalid_client_metadata:请求元数据无效(缺少 redirect_uris 等)。参考:RFC 7591 §2.3。 | dto.OAuthErrorResponse |
| 429 | rate_limit_exceeded:注册频率超限,请稍后重试 | dto.OAuthErrorResponse |
| 500 | server_error:注册客户端失败 | dto.OAuthErrorResponse |
Referenced Schemas
dto.ClientRegistrationDetailResponse
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
code |
integer |
No | |||
data |
dto.ClientRegistrationResponse |
No | |||
message |
string |
No | |||
timestamp |
string |
No |
dto.ClientRegistrationResponse
OAuth 2.0 Dynamic Client Registration response (RFC 7591 §2.1)
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
application_type |
string |
No | web |
应用类型 | |
client_id |
string |
No | 01JNXXXXX... |
客户端ID | |
client_id_issued_at |
integer |
No | 1715692800 |
客户端ID签发时间 | |
client_name |
string |
No | My Application |
客户端名称 | |
client_secret |
string |
No | sec_abc123... |
客户端密钥 | |
client_secret_expires_at |
integer |
No | 0 |
客户端密钥过期时间(0=永不过期) | |
client_uri |
string |
No | https://app.example.com |
客户端主页URL | |
contacts |
array of string |
No | ['["admin@example.com"]'] |
联系人 | |
grant_types |
array of string |
No | ['["authorization_code"', '"refresh_token"]'] |
授权类型 | |
logo_uri |
string |
No | https://app.example.com/logo.png |
Logo URL | |
policy_uri |
string |
No | https://app.example.com/privacy |
隐私政策URL | |
redirect_uris |
array of string |
No | ['["https://app.example.com/callback"]'] |
回调URI列表 | |
registration_access_token |
string |
No | reg_abc123... |
注册管理Token | |
registration_client_uri |
string |
No | https://authms.example.com/api/v1/oauth/register/app-123 |
注册管理URI | |
scope |
string |
No | openid profile email |
权限范围 | |
token_endpoint_auth_method |
string |
No | client_secret_basic |
认证方法 | |
tos_uri |
string |
No | https://app.example.com/tos |
服务条款URL |
dto.OAuthErrorResponse
OAuth标准错误响应
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
error |
string |
No | invalid_request |
错误码 | |
error_description |
string |
No | Missing required parameter |
错误描述 | |
error_uri |
string |
No | https://docs.example.com/errors |
错误URI | |
state |
string |
No | state-123 |
状态 |