OAuth2 Client Manager (.NET)
In Relativity, you can use OAuth2 clients to configure external services and applications to authenticate against Relativity in a secure manner. For more information, see OAuth2 clients in the RelativityOne Documentation site.
The OAuth2Client Manager API exposes CRUD operations for OAuth2 clients. It also supports generating secrets for OAuth2 clients.
As a sample use case, you can implement a client application that presents the user with the Relativity login page to obtain an access token for calling Relativity APIs. The application can then call the APIs to perform tasks for customized e-discovery workflows and automation.
You can also use the OAuth2 Client Manager API through REST. For more information, see OAuth2 Client Manager (.NET).
Fundamentals for the OAuth2 Client Manager API
Review the following information to learn about the methods and classes used by the OAuth2 Client Manager API.
Methods
The OAuth2 Client Manager API includes the following methods available on the IOAuth2ClientManager interface in the Relativity.Identity.<VersionNumber>.Services namespace.
Note: The <VersionNumber> variable in the namespace indicates the version number of the API. The version number uses the format uppercase V and an integer version number, such as V1 or V2 in .NET.
- CreateAsync() method - adds a new OAuth2 client to Relativity. This overloaded method offers two options for adding a client:
- Create an OAuth2 client by specifying the flow and redirectUris.
- Create an OAuth2 client by using OAuth2Client objects. See Create an OAuth2 client.
- DeleteAsync() method - removes an OAuth2 client from Relativity.
- SaveAsync() method - saves changes made to an OAuth2 client. See Update an OAuth2 client.
- RegenerateSecretAsync() method - generates a new secret for an OAuth2 client. All previous secrets are immediately invalidated. See Regenerate a client secret.
Guidelines for the OAuth2 Client Manager API
Use these guidelines when working with the OAuth2 Client Manager API:
- The Relativity user accessing the API must have the permissions required for working with OAuth2 client objects.
- Before creating a Relativity OAuth2 client, you must correctly identify the flow or grant type required by the client application. The supported flows are defined by the OAuth2Flow enum. See Classes and enumerations.
- In a typical programming workflow, you first create an OAuth2 client object, and then specify how long the access token granted to the client is valid.
- It may be necessary to regenerate the client secret for security purposes. The reset takes effect immediately or with a specified delay.
- System OAuth2 clients cannot be deleted.
Create an OAuth2 client
Use the CreateAsync() method to add a new OAuth2 client to Relativity.
Notes:
- You cannot create a client with an ID that already exists.
- You cannot set the Secret property of the OAuth2Client because it is currently unsupported.
// Requires: using System; using System.Collections.Generic;
// Define the client. The ClientCredentials flow does not use redirect URIs.
Identity.{versionNumber}.OAuth2ClientModels.OAuth2Client client = new Identity.{versionNumber}.OAuth2ClientModels.OAuth2Client
{
    Name = _clientName,
    Flow = Identity.{versionNumber}.OAuth2ClientModels.OAuth2Flow.ClientCredentials,
    RedirectUris = new List<Uri>(),
    AccessTokenLifetimeInMinutes = 180,
    ContextUser = 13941790
};
// Create a proxy for the service and add the client to Relativity.
using (Relativity.Identity.{versionNumber}.Services.IOAuth2ClientManager oAuth2ClientManager = new ServiceFactory(settings).CreateProxy<IOAuth2ClientManager>())
{
    await oAuth2ClientManager.CreateAsync(client);
}
Update an OAuth2 client
Use the SaveAsync() method to update an OAuth2 client.
- Update the properties on the OAuth2Client object. This code sample sets the access token lifetime to 10 minutes and the client to active.
client.AccessTokenLifetimeInMinutes = 10;
client.Enabled = true;
- Call the SaveAsync() method by passing it the OAuth2Client object with updated property values:
await clientManager.SaveAsync(client);
Regenerate a client secret
To regenerate a client secret, call the RegenerateSecretAsync() method by passing the generated ID of the OAuth2 client:
string newSecret = await clientManager.RegenerateSecretAsync(client.Id);
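Because RegenerateSecretAsync() invalidates all previous secrets immediately, the returned value should be persisted before anything else happens and should never be written to logs. The following is an added example, not Relativity's own code: the persist callback is a hypothetical hook for your secret store, and the delegates in Main are constructed stand-ins so the sample runs without a Relativity instance.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

public static class SecretRotation
{
    // regenerate: wraps () => clientManager.RegenerateSecretAsync(client.Id).
    // persist: hypothetical callback that writes the secret to your vault.
    // Returns a short SHA-256 fingerprint that is safe to write to audit logs.
    public static async Task<string> RotateAsync(
        Func<Task<string>> regenerate, Func<string, Task> persist, int attempts = 3)
    {
        // Once this returns, every previous secret is already invalid, so this
        // value is the only working credential until it is stored.
        string secret = await regenerate();
        for (int i = 1; ; i++)
        {
            try { await persist(secret); break; }
            catch (Exception) when (i < attempts)
            {
                await Task.Delay(TimeSpan.FromMilliseconds(200 * i)); // back off, retry
            }
            // On the final attempt the exception propagates: rotate again.
        }
        using (SHA256 sha = SHA256.Create())
        {
            byte[] digest = sha.ComputeHash(Encoding.UTF8.GetBytes(secret));
            return BitConverter.ToString(digest, 0, 6).Replace("-", "").ToLowerInvariant();
        }
    }

    public static async Task Main()
    {
        // Constructed stand-ins: a fixed fake secret and a vault that fails once.
        int calls = 0;
        string stored = null;
        Func<Task<string>> fakeRegenerate = () => Task.FromResult("constructed-sample-secret");
        Func<string, Task> flakyVault = s =>
        {
            if (++calls == 1) throw new InvalidOperationException("vault unavailable");
            stored = s;
            return Task.CompletedTask;
        };
        string fingerprint = await RotateAsync(fakeRegenerate, flakyVault);
        Console.WriteLine($"fingerprint={fingerprint} stored={stored != null} vaultCalls={calls}");
    }
}
```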