Using UAAC to Create an OAuth2 Client

You can use the UAA command-line interface (UAAC) instead of UAA Dashboard to create an OAuth2 client.

About this task

You can use the UAAC, to manage your UAA instance. For more information on installing the command-line interface, see https://github.com/cloudfoundry/cf-uaac.

Procedure

  1. Specify your UAA instance as the intended target.
    uaac target <uaa_instance_url>

    <uaa_instance_url> is the URL to your trusted issuer, for example, https://11fa0273-9e2a-37e2-9d06-2c95a1f4f5ea.predix-uaa.run.aws-usw02-pr.ice.predix.io. You can retrieve this URL from the VCAP_SERVICES environment variable after binding your UAA instance to an application.

  2. Log in using the administrative client.
    uaac token client get admin
  3. Specify the administrative client secret at the prompt.
  4. Use the following command to create the OAuth2 client:
    uaac client add [client_name] 
    --authorities "uaa.resource" 
    --scope "openid" 
    --autoapprove "openid" 
    --authorized_grant_types [authorization_code|implicit|password|client_credentials|refresh_token] 
    --redirect_uri [redirect_uri_1, redirect_uri_2, ...]

    For more information on UAA options such as scopes and authorized_grant_types, see the UAA documentation at https://github.com/GESoftware-CF/uaa/blob/master/docs/UAA-APIs.rst.

What to do next

t_updating_oauth2_client.html#task_k3h_k2c_1x for your service specific information.