IBM Security Verify

Shape the future of IBM Security Verify

We invite you to shape the future of IBM, including the product roadmap, by submitting ideas that matter to you the most.

Here's how it works:

Post your ideas

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Submit a private idea

If you have confidential information or customer data to share with your idea, then - DO NOT submit using the link below, instead - please open a private feature request.

And finally - if its an issue with expected behaviour, a product defect or a support need, open a Support Case

Retrieve Application Client ID from API

Currently, there is no way to retrieve an Application Client ID via Cloud Identity API's. Currently, you can retrieve an API Client ID and Secret (GET /v1.0/apiclients/)  but not for an application (GET /v1.0/applications/) . In the Portal, an Admin is able to view an application Client ID, therefore, same info should be able to be retrieved via API

  • Guest
  • Sep 23 2019
  • Not under consideration
  • Sep 25, 2019

    Admin response

    Hello! This is actually available today via API. If you make a call to GET /v1.0/applications/{{id}} you will get a response that looks like this:

    ...
    "oidc":{
    "applicationUrl":"http://localhost:3000",
    "properties":{
    "grantTypes":{
    "authorizationCode":"true",
    "implicit":"true",
    "deviceFlow":"true",
    "ropc":"false"
    },
    "redirectUris":[
    "http://localhost:3000/oauth/callback"
    ],
    "idTokenSigningAlg":"RS256",
    "accessTokenExpiry":7200,
    "doNotGenerateClientSecret":"false",
    "generateRefreshToken":"false",
    "clientId":"f9949664-xxxx-xxxx-xxxx-00734eebecc0",
    "clientSecret":"123abc456def",
    "sendAllKnownUserAttributes":"false"
    },
    ...

  • Guest commented
    23 Jan, 2020 01:12am

    Hi there, this is a bug, I believe that a bug was already filed for this feature on another ticket. Closing this out as defect. It is being handled by our dev team now.

  • Guest commented
    2 Oct, 2019 12:32pm

    Hi. When I use the same request (GET /v1.0/applications{{id}}), I get a similar response, however, the clientId and clientSecret fields are not there. Is there something I have to configure to be able to see the client id/secret fields?
    My response that looks like:

    ...
    "oidc": {
                "applicationUrl": "https://localhost/oidc",
                "properties": {
                    "grantTypes": {
                        "authorizationCode": "true",
                        "implicit": "true",
                        "deviceFlow": "false",
                        "ropc": "true"
                    },
                    "redirectUris": [
                        "https://localhost/oidc"
                    ],
                    "idTokenSigningAlg": "RS256",
                    "accessTokenExpiry": 7200,
                    "refreshTokenExpiry": 604800,
                    "doNotGenerateClientSecret": "false",
                    "generateRefreshToken": "true",
                    "signingCertificate": "server",
                    "sendAllKnownUserAttributes": "false"
                },
                ...

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.