Authorization Server - Create Or Update

服務:

API Management

API 版本:

2024-05-01

建立新的授權伺服器或更新現有的授權伺服器。

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/authorizationServers/{authsid}?api-version=2024-05-01

URI 參數

名稱	位於	必要	類型	Description
authsid	path	True	string minLength: 1 maxLength: 80 pattern: ^[^*#&+:<>?]+$	授權伺服器的識別碼。
resourceGroupName	path	True	string minLength: 1 maxLength: 90	資源群組的名稱。 名稱不區分大小寫。
serviceName	path	True	string minLength: 1 maxLength: 50 pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$	API 管理服務的名稱。
subscriptionId	path	True	string (uuid)	目標訂用帳戶的標識碼。 此值必須是 UUID。
api-version	query	True	string minLength: 1	要用於這項作業的 API 版本。

要求標頭

名稱	必要	類型	Description
If-Match		string	實體的 ETag。 建立實體時不需要，但在更新實體時則為必要專案。

要求本文

名稱	必要	類型	Description
properties.authorizationEndpoint	True	string	OAuth 授權端點。 請參閱 http://tools.ietf.org/html/rfc6749#section-3.2。
properties.clientId	True	string	向這個授權伺服器註冊的用戶端或應用程式標識碼。
properties.clientRegistrationEndpoint	True	string	執行此授權伺服器的用戶端或應用程式註冊頁面的選擇性參考。 包含所參考實體的絕對 URL。
properties.displayName	True	string minLength: 1 maxLength: 50	使用者易記的授權伺服器名稱。
properties.grantTypes	True	GrantType[]	用戶端用來要求存取令牌的授權授與形式。
properties.authorizationMethods		AuthorizationMethod[]	授權端點支援的 HTTP 動詞。 GET 必須一律存在。 POST 是選擇性的。
properties.bearerTokenSendingMethods		BearerTokenSendingMethod[]	指定將存取令牌傳遞至 API 的機制。
properties.clientAuthenticationMethod		ClientAuthenticationMethod[]	此授權伺服器的令牌端點所支持的驗證方法。 可能的值為 Basic 和/或 Body。 指定 Body 時，客戶端認證和其他參數會在 application/x-www-form-urlencoded 格式的要求本文內傳遞。
properties.clientSecret		string	向這個授權伺服器註冊的用戶端或應用程式密碼。 此屬性不會填入 『GET』 作業！ 使用 '/listSecrets' POST 要求來取得值。
properties.defaultScope		string	預設會要求存取令牌範圍。 可以在 API 層級覆寫。 應以包含空格分隔值的字串形式提供。
properties.description		string	授權伺服器的描述。 可以包含 HTML 格式標記。
properties.resourceOwnerPassword		string	當此授權伺服器支援資源擁有者密碼授與類型時，可以選擇性地指定。 默認資源擁有者密碼。
properties.resourceOwnerUsername		string	當此授權伺服器支援資源擁有者密碼授與類型時，可以選擇性地指定。 默認資源擁有者用戶名稱。
properties.supportState		boolean	如果為 true，授權伺服器會包含授權要求到其回應的狀態參數。 用戶端可以使用狀態參數來提高通訊協定安全性。
properties.tokenBodyParameters		TokenBodyParameterContract[]	此授權伺服器的令牌端點所需的其他參數，以名稱與值字串屬性表示為 JSON 對象的陣列，亦即 {“name” ： “name value”， “value”： “a value”}。
properties.tokenEndpoint		string	OAuth 令牌端點。 包含所參考實體的絕對 URI。
properties.useInApiDocumentation		boolean	如果為 true，授權伺服器將會用於開發人員入口網站中的 API 檔。 如果未提供任何值，則預設為 False。
properties.useInTestConsole		boolean	如果為 true，授權伺服器可以在開發人員入口網站測試控制台中使用。 如果未提供任何值，則預設為 True。

回應

名稱	類型	Description
200 OK	AuthorizationServerContract	授權伺服器已註冊。 標題 ETag: string
201 Created	AuthorizationServerContract	已成功註冊授權伺服器。 標題 ETag: string
Other Status Codes	ErrorResponse	描述作業失敗原因的錯誤回應。

安全性

azure_auth

Azure Active Directory OAuth2 Flow。

類型: oauth2
Flow: implicit
授權 URL: https://login.microsoftonline.com/common/oauth2/authorize

範圍

名稱	Description
user_impersonation	模擬您的用戶帳戶

範例

ApiManagementCreateAuthorizationServer

範例要求

HTTP

PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationServers/newauthServer?api-version=2024-05-01

{
  "properties": {
    "displayName": "test2",
    "useInTestConsole": false,
    "useInApiDocumentation": true,
    "description": "test server",
    "clientRegistrationEndpoint": "https://www.contoso.com/apps",
    "authorizationEndpoint": "https://www.contoso.com/oauth2/auth",
    "authorizationMethods": [
      "GET"
    ],
    "tokenEndpoint": "https://www.contoso.com/oauth2/token",
    "supportState": true,
    "defaultScope": "read write",
    "grantTypes": [
      "authorizationCode",
      "implicit"
    ],
    "bearerTokenSendingMethods": [
      "authorizationHeader"
    ],
    "clientId": "1",
    "clientSecret": "2",
    "resourceOwnerUsername": "un",
    "resourceOwnerPassword": "pwd"
  }
}

Java

import com.azure.resourcemanager.apimanagement.models.AuthorizationMethod;
import com.azure.resourcemanager.apimanagement.models.BearerTokenSendingMethod;
import com.azure.resourcemanager.apimanagement.models.GrantType;
import java.util.Arrays;

/**
 * Samples for AuthorizationServer CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2024-05-01/examples/
     * ApiManagementCreateAuthorizationServer.json
     */
    /**
     * Sample code: ApiManagementCreateAuthorizationServer.
     * 
     * @param manager Entry point to ApiManagementManager.
     */
    public static void
        apiManagementCreateAuthorizationServer(com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
        manager.authorizationServers().define("newauthServer").withExistingService("rg1", "apimService1")
            .withDisplayName("test2").withUseInTestConsole(false).withUseInApiDocumentation(true)
            .withClientRegistrationEndpoint("https://www.contoso.com/apps")
            .withAuthorizationEndpoint("https://www.contoso.com/oauth2/auth")
            .withGrantTypes(Arrays.asList(GrantType.AUTHORIZATION_CODE, GrantType.IMPLICIT)).withClientId("1")
            .withClientSecret("2").withDescription("test server")
            .withAuthorizationMethods(Arrays.asList(AuthorizationMethod.GET))
            .withTokenEndpoint("https://www.contoso.com/oauth2/token").withSupportState(true)
            .withDefaultScope("read write")
            .withBearerTokenSendingMethods(Arrays.asList(BearerTokenSendingMethod.AUTHORIZATION_HEADER))
            .withResourceOwnerUsername("un").withResourceOwnerPassword("pwd").create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Python

from azure.identity import DefaultAzureCredential

from azure.mgmt.apimanagement import ApiManagementClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-apimanagement
# USAGE
    python api_management_create_authorization_server.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = ApiManagementClient(
        credential=DefaultAzureCredential(),
        subscription_id="00000000-0000-0000-0000-000000000000",
    )

    response = client.authorization_server.create_or_update(
        resource_group_name="rg1",
        service_name="apimService1",
        authsid="newauthServer",
        parameters={
            "properties": {
                "authorizationEndpoint": "https://www.contoso.com/oauth2/auth",
                "authorizationMethods": ["GET"],
                "bearerTokenSendingMethods": ["authorizationHeader"],
                "clientId": "1",
                "clientRegistrationEndpoint": "https://www.contoso.com/apps",
                "clientSecret": "2",
                "defaultScope": "read write",
                "description": "test server",
                "displayName": "test2",
                "grantTypes": ["authorizationCode", "implicit"],
                "resourceOwnerPassword": "pwd",
                "resourceOwnerUsername": "un",
                "supportState": True,
                "tokenEndpoint": "https://www.contoso.com/oauth2/token",
                "useInApiDocumentation": True,
                "useInTestConsole": False,
            }
        },
    )
    print(response)


# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2024-05-01/examples/ApiManagementCreateAuthorizationServer.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armapimanagement_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v3"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e436160e64c0f8d7fb20d662be2712f71f0a7ef5/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2024-05-01/examples/ApiManagementCreateAuthorizationServer.json
func ExampleAuthorizationServerClient_CreateOrUpdate() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewAuthorizationServerClient().CreateOrUpdate(ctx, "rg1", "apimService1", "newauthServer", armapimanagement.AuthorizationServerContract{
		Properties: &armapimanagement.AuthorizationServerContractProperties{
			Description: to.Ptr("test server"),
			AuthorizationMethods: []*armapimanagement.AuthorizationMethod{
				to.Ptr(armapimanagement.AuthorizationMethodGET)},
			BearerTokenSendingMethods: []*armapimanagement.BearerTokenSendingMethod{
				to.Ptr(armapimanagement.BearerTokenSendingMethodAuthorizationHeader)},
			DefaultScope:               to.Ptr("read write"),
			ResourceOwnerPassword:      to.Ptr("pwd"),
			ResourceOwnerUsername:      to.Ptr("un"),
			SupportState:               to.Ptr(true),
			TokenEndpoint:              to.Ptr("https://www.contoso.com/oauth2/token"),
			AuthorizationEndpoint:      to.Ptr("https://www.contoso.com/oauth2/auth"),
			ClientID:                   to.Ptr("1"),
			ClientRegistrationEndpoint: to.Ptr("https://www.contoso.com/apps"),
			ClientSecret:               to.Ptr("2"),
			DisplayName:                to.Ptr("test2"),
			GrantTypes: []*armapimanagement.GrantType{
				to.Ptr(armapimanagement.GrantTypeAuthorizationCode),
				to.Ptr(armapimanagement.GrantTypeImplicit)},
			UseInAPIDocumentation: to.Ptr(true),
			UseInTestConsole:      to.Ptr(false),
		},
	}, &armapimanagement.AuthorizationServerClientCreateOrUpdateOptions{IfMatch: nil})
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.AuthorizationServerContract = armapimanagement.AuthorizationServerContract{
	// 	Name: to.Ptr("newauthServer"),
	// 	Type: to.Ptr("Microsoft.ApiManagement/service/authorizationServers"),
	// 	ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationServers/newauthServer"),
	// 	Properties: &armapimanagement.AuthorizationServerContractProperties{
	// 		Description: to.Ptr("test server"),
	// 		AuthorizationMethods: []*armapimanagement.AuthorizationMethod{
	// 			to.Ptr(armapimanagement.AuthorizationMethodGET)},
	// 			BearerTokenSendingMethods: []*armapimanagement.BearerTokenSendingMethod{
	// 				to.Ptr(armapimanagement.BearerTokenSendingMethodAuthorizationHeader)},
	// 				DefaultScope: to.Ptr("read write"),
	// 				ResourceOwnerPassword: to.Ptr("pwd"),
	// 				ResourceOwnerUsername: to.Ptr("un"),
	// 				SupportState: to.Ptr(true),
	// 				TokenEndpoint: to.Ptr("https://www.contoso.com/oauth2/token"),
	// 				AuthorizationEndpoint: to.Ptr("https://www.contoso.com/oauth2/auth"),
	// 				ClientID: to.Ptr("1"),
	// 				ClientRegistrationEndpoint: to.Ptr("https://www.contoso.com/apps"),
	// 				DisplayName: to.Ptr("test2"),
	// 				GrantTypes: []*armapimanagement.GrantType{
	// 					to.Ptr(armapimanagement.GrantTypeAuthorizationCode),
	// 					to.Ptr(armapimanagement.GrantTypeImplicit)},
	// 					UseInAPIDocumentation: to.Ptr(true),
	// 					UseInTestConsole: to.Ptr(false),
	// 				},
	// 			}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");
require("dotenv/config");

/**
 * This sample demonstrates how to Creates new authorization server or updates an existing authorization server.
 *
 * @summary Creates new authorization server or updates an existing authorization server.
 * x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2024-05-01/examples/ApiManagementCreateAuthorizationServer.json
 */
async function apiManagementCreateAuthorizationServer() {
  const subscriptionId =
    process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
  const serviceName = "apimService1";
  const authsid = "newauthServer";
  const parameters = {
    description: "test server",
    authorizationEndpoint: "https://www.contoso.com/oauth2/auth",
    authorizationMethods: ["GET"],
    bearerTokenSendingMethods: ["authorizationHeader"],
    clientId: "1",
    clientRegistrationEndpoint: "https://www.contoso.com/apps",
    clientSecret: "2",
    defaultScope: "read write",
    displayName: "test2",
    grantTypes: ["authorizationCode", "implicit"],
    resourceOwnerPassword: "pwd",
    resourceOwnerUsername: "un",
    supportState: true,
    tokenEndpoint: "https://www.contoso.com/oauth2/token",
    useInApiDocumentation: true,
    useInTestConsole: false,
  };
  const credential = new DefaultAzureCredential();
  const client = new ApiManagementClient(credential, subscriptionId);
  const result = await client.authorizationServer.createOrUpdate(
    resourceGroupName,
    serviceName,
    authsid,
    parameters,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.ApiManagement.Models;
using Azure.ResourceManager.ApiManagement;

// Generated from example definition: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2024-05-01/examples/ApiManagementCreateAuthorizationServer.json
// this example is just showing the usage of "AuthorizationServer_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ApiManagementServiceResource created on azure
// for more information of creating ApiManagementServiceResource, please refer to the document of ApiManagementServiceResource
string subscriptionId = "00000000-0000-0000-0000-000000000000";
string resourceGroupName = "rg1";
string serviceName = "apimService1";
ResourceIdentifier apiManagementServiceResourceId = ApiManagementServiceResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, serviceName);
ApiManagementServiceResource apiManagementService = client.GetApiManagementServiceResource(apiManagementServiceResourceId);

// get the collection of this ApiManagementAuthorizationServerResource
ApiManagementAuthorizationServerCollection collection = apiManagementService.GetApiManagementAuthorizationServers();

// invoke the operation
string authsid = "newauthServer";
ApiManagementAuthorizationServerData data = new ApiManagementAuthorizationServerData
{
    Description = "test server",
    AuthorizationMethods = { AuthorizationMethod.Get },
    TokenEndpoint = "https://www.contoso.com/oauth2/token",
    DoesSupportState = true,
    DefaultScope = "read write",
    BearerTokenSendingMethods = { BearerTokenSendingMethod.AuthorizationHeader },
    ResourceOwnerUsername = "un",
    ResourceOwnerPassword = "pwd",
    DisplayName = "test2",
    UseInTestConsole = false,
    UseInApiDocumentation = true,
    ClientRegistrationEndpoint = "https://www.contoso.com/apps",
    AuthorizationEndpoint = "https://www.contoso.com/oauth2/auth",
    GrantTypes = { GrantType.AuthorizationCode, GrantType.Implicit },
    ClientId = "1",
    ClientSecret = "2",
};
ArmOperation<ApiManagementAuthorizationServerResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, authsid, data);
ApiManagementAuthorizationServerResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
ApiManagementAuthorizationServerData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

範例回覆

狀態碼:

201

{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationServers/newauthServer",
  "type": "Microsoft.ApiManagement/service/authorizationServers",
  "name": "newauthServer",
  "properties": {
    "displayName": "test2",
    "useInTestConsole": false,
    "useInApiDocumentation": true,
    "description": "test server",
    "clientRegistrationEndpoint": "https://www.contoso.com/apps",
    "authorizationEndpoint": "https://www.contoso.com/oauth2/auth",
    "authorizationMethods": [
      "GET"
    ],
    "tokenEndpoint": "https://www.contoso.com/oauth2/token",
    "supportState": true,
    "defaultScope": "read write",
    "grantTypes": [
      "authorizationCode",
      "implicit"
    ],
    "bearerTokenSendingMethods": [
      "authorizationHeader"
    ],
    "clientId": "1",
    "resourceOwnerUsername": "un",
    "resourceOwnerPassword": "pwd"
  }
}

狀態碼:

200

{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationServers/newauthServer",
  "type": "Microsoft.ApiManagement/service/authorizationServers",
  "name": "newauthServer",
  "properties": {
    "displayName": "test2",
    "useInTestConsole": false,
    "useInApiDocumentation": true,
    "description": "test server",
    "clientRegistrationEndpoint": "https://www.contoso.com/apps",
    "authorizationEndpoint": "https://www.contoso.com/oauth2/auth",
    "authorizationMethods": [
      "GET"
    ],
    "tokenEndpoint": "https://www.contoso.com/oauth2/token",
    "supportState": true,
    "defaultScope": "read write",
    "grantTypes": [
      "authorizationCode",
      "implicit"
    ],
    "bearerTokenSendingMethods": [
      "authorizationHeader"
    ],
    "clientId": "1",
    "resourceOwnerUsername": "un",
    "resourceOwnerPassword": "pwd"
  }
}

定義

名稱	Description
AuthorizationMethod	授權端點支援的 HTTP 動詞。 GET 必須一律存在。 POST 是選擇性的。
AuthorizationServerContract	外部 OAuth 授權伺服器設定。
BearerTokenSendingMethod	指定將存取令牌傳遞至 API 的機制。
ClientAuthenticationMethod	此授權伺服器的令牌端點所支持的驗證方法。 可能的值為 Basic 和/或 Body。 指定 Body 時，客戶端認證和其他參數會在 application/x-www-form-urlencoded 格式的要求本文內傳遞。
ErrorAdditionalInfo	資源管理錯誤其他資訊。
ErrorDetail	錯誤詳細數據。
ErrorResponse	錯誤回應
GrantType	用戶端用來要求存取令牌的授權授與形式。
TokenBodyParameterContract	OAuth 取得令牌要求本文參數 （www-url-form-encoded）。

AuthorizationMethod

列舉型別

授權端點支援的 HTTP 動詞。 GET 必須一律存在。 POST 是選擇性的。

值	Description
DELETE
GET
HEAD
OPTIONS
PATCH
POST
PUT
TRACE

AuthorizationServerContract

Object

外部 OAuth 授權伺服器設定。

名稱	類型	Description
id	string	資源的完整資源標識碼。 例如 - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name	string	資源的名稱
properties.authorizationEndpoint	string	OAuth 授權端點。 請參閱 http://tools.ietf.org/html/rfc6749#section-3.2。
properties.authorizationMethods	AuthorizationMethod[]	授權端點支援的 HTTP 動詞。 GET 必須一律存在。 POST 是選擇性的。
properties.bearerTokenSendingMethods	BearerTokenSendingMethod[]	指定將存取令牌傳遞至 API 的機制。
properties.clientAuthenticationMethod	ClientAuthenticationMethod[]	此授權伺服器的令牌端點所支持的驗證方法。 可能的值為 Basic 和/或 Body。 指定 Body 時，客戶端認證和其他參數會在 application/x-www-form-urlencoded 格式的要求本文內傳遞。
properties.clientId	string	向這個授權伺服器註冊的用戶端或應用程式標識碼。
properties.clientRegistrationEndpoint	string	執行此授權伺服器的用戶端或應用程式註冊頁面的選擇性參考。 包含所參考實體的絕對 URL。
properties.clientSecret	string	向這個授權伺服器註冊的用戶端或應用程式密碼。 此屬性不會填入 『GET』 作業！ 使用 '/listSecrets' POST 要求來取得值。
properties.defaultScope	string	預設會要求存取令牌範圍。 可以在 API 層級覆寫。 應以包含空格分隔值的字串形式提供。
properties.description	string	授權伺服器的描述。 可以包含 HTML 格式標記。
properties.displayName	string minLength: 1 maxLength: 50	使用者易記的授權伺服器名稱。
properties.grantTypes	GrantType[]	用戶端用來要求存取令牌的授權授與形式。
properties.resourceOwnerPassword	string	當此授權伺服器支援資源擁有者密碼授與類型時，可以選擇性地指定。 默認資源擁有者密碼。
properties.resourceOwnerUsername	string	當此授權伺服器支援資源擁有者密碼授與類型時，可以選擇性地指定。 默認資源擁有者用戶名稱。
properties.supportState	boolean	如果為 true，授權伺服器會包含授權要求到其回應的狀態參數。 用戶端可以使用狀態參數來提高通訊協定安全性。
properties.tokenBodyParameters	TokenBodyParameterContract[]	此授權伺服器的令牌端點所需的其他參數，以名稱與值字串屬性表示為 JSON 對象的陣列，亦即 {“name” ： “name value”， “value”： “a value”}。
properties.tokenEndpoint	string	OAuth 令牌端點。 包含所參考實體的絕對 URI。
properties.useInApiDocumentation	boolean	如果為 true，授權伺服器將會用於開發人員入口網站中的 API 檔。 如果未提供任何值，則預設為 False。
properties.useInTestConsole	boolean	如果為 true，授權伺服器可以在開發人員入口網站測試控制台中使用。 如果未提供任何值，則預設為 True。
type	string	資源的型別。 例如“Microsoft.Compute/virtualMachines” 或 “Microsoft.Storage/storageAccounts”

BearerTokenSendingMethod

列舉型別

指定將存取令牌傳遞至 API 的機制。

值	Description
authorizationHeader
query

ClientAuthenticationMethod

列舉型別

此授權伺服器的令牌端點所支持的驗證方法。 可能的值為 Basic 和/或 Body。 指定 Body 時，客戶端認證和其他參數會在 application/x-www-form-urlencoded 格式的要求本文內傳遞。

值	Description
Basic	基本客戶端驗證方法。
Body	主體型驗證方法。

ErrorAdditionalInfo

Object

資源管理錯誤其他資訊。

名稱	類型	Description
info	object	其他資訊。
type	string	其他信息類型。

ErrorDetail

Object

錯誤詳細數據。

名稱	類型	Description
additionalInfo	ErrorAdditionalInfo[]	錯誤其他資訊。
code	string	錯誤碼。
details	ErrorDetail[]	錯誤詳細數據。
message	string	錯誤訊息。
target	string	錯誤目標。

ErrorResponse

Object

錯誤回應

名稱	類型	Description
error	ErrorDetail	error 物件。

GrantType

列舉型別

用戶端用來要求存取令牌的授權授與形式。

值	Description
authorizationCode	授權碼授與流程，如 https://tools.ietf.org/html/rfc6749#section-4.1所述。
clientCredentials	客戶端認證授與流程，如 https://tools.ietf.org/html/rfc6749#section-4.4所述。
implicit	隱含程式代碼授與流程，如 https://tools.ietf.org/html/rfc6749#section-4.2所述。
resourceOwnerPassword	資源擁有者密碼授與流程，如 https://tools.ietf.org/html/rfc6749#section-4.3所述。

TokenBodyParameterContract

Object

OAuth 取得令牌要求本文參數 （www-url-form-encoded）。

名稱	類型	Description
name	string	body 參數名稱。
value	string	body 參數值。