OAuth2 Client Manager (.NET)

In Relativity, you can use OAuth2 clients to configure external services and applications to authenticate against Relativity in a secure manner. For more information, see OAuth2 clients in the RelativityOne Documentation site.

The OAuth2Client Manager API exposes CRUD operations for OAuth2 clients. It also supports generating secrets for OAuth2 clients.

As a sample use case, you can implement a client application that presents the user with the Relativity login page to obtain an access token for calling Relativity APIs. The application can then call the APIs to perform tasks for customized e-discovery workflows and automation.

You can also use the OAuth2 Client Manager API through REST. For more information, see OAuth2 Client Manager (.NET).

This page contains the following information:

The Relativity.Identity.SDK contains this API. For compatibility and package installation instructions, see Download the SDKs and NuGet packages.

Fundamentals for the OAuth2 Client Manager API

Review the following information to learn about the methods and classes used by the OAuth2 Client Manager API.

Guidelines for the OAuth2 Client Manager API

Use these guidelines when working with the OAuth2 Client Manager API:

  • The Relativity user accessing the API must have the permissions required for working with OAuth2 client objects.
  • Before creating a Relativity OAuth2 client, you must correctly identify the flow or grant type required by the client application. The supported flows are defined by the OAuth2Flow enum. See Classes and enumerations.
  • In a typical programming workflow, you first create an OAuth2 client object, and then specify how long the access token granted to the client is valid.
  • It may be necessary to regenerate the client secret for security purposes. The reset takes effect immediately or with a specified delay.
  • System OAuth2 clients cannot be deleted.

Create an OAuth2 client

Use the CreateAsync() method to add a new OAuth2 client to Relativity.

    Notes:
  • You cannot create a client with an ID that already exists.
  • You cannot set the Secret property of the OAuth2Client because it is currently unsupported.

Update an OAuth2 client

Use the SaveAsync() to update an OAuth2 client.

  1. Update the properties on the OAuth2Client object. This code sample sets the access token lifetime to 10 minutes and the client to active.
    client.AccessTokenLifetimeInMinutes = 10;
    client.Enabled = true;
  2. Call the SaveAsync() method by passing it the OAuth2Client object with updated property values:
    await clientManager.SaveAsync(client);

Regenerate a client secret

To regenerate a client secret, call the RegenerateSecretAsync() method by passing the generated ID of the OAuth2 client:

string newSecret = await clientManager.RegenerateSecretAsync(client.Id);