The following API endpoints can be used to manage Trusted Access.
|GET||Returns all the Trusted Access client information in the metadata. Included with this information is the access token validity time (in seconds), client ID, client name, client secret expiration time (in seconds), and the token authentication method. For a description of these, see Trusted Access Client Properties.|
|POST||Creates a Trusted Access client. The request must specify the number of seconds for which the access token is valid and the client name. The client name must be unique. When you create the client, the client ID, client secret, secret expiration time, and the token authentication method are automatically generated.|
|GET||Returns the Trusted Access client information for a specific client. The request must specify the client ID.|
|DELETE||Deletes a specific Trusted Access client. The request must specify the client ID.|
|PATCH||Updates the Trusted Access client information for a specific client. The request must specify the client ID and the number of seconds for which the access token is valid.|
Use pull to request a user access token for users that already exist in Composer.
The user must already exist, and have an active Composer user account (unless you are using LDAP with automatic provisioning for Composer).
You can't update user context such as user attributes or groups using
Use push to request a user access token for new and existing users by sending their context to Composer. Existing users are updated if their context has changed.
Context must contain
Several reserved keys are restricted from use in Composer as custom user attributes: