IAM (OIDC)

OIDC

The IAM OIDC service is a service used with Open ID Connect provider integrations.

Callback

rpc Callback (tetrateio.api.iam.v2.CallbackRequest) returns (google.protobuf.Empty)

Callback endpoint for OAuth2 Authorization Code grant flows as part of the OIDC spec.

Login

rpc Login (tetrateio.api.iam.v2.LoginRequest) returns (google.protobuf.Empty)

Login endpoint to start an OIDC Authentication flow.

CallbackRequest

Request with parameters for an OAuth2 Authorization Code grant redirect.

Field	Description	Validation Rule
code	string OAuth2 Authorization Code. When present this indicates the user authorized the request. TSB will use this code to acquire a token from the OIDC token endpoint and complete the login flow.	–
error	string OAuth2 Error Code. When present this indicates that either the authorization request has an error, the OIDC provider encountered an error or the user failed to log in. When set TSB will display information to the user indicating what went wrong. Standard error codes can be found found here. https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1 https://openid.net/specs/openid-connect-core-1_0.html#AuthError	–
state	string REQUIRED The state parameter sent to the OIDC provider on the authorization request.	string = {   min_len: 1 }
errorDescription	string OPTIONAL Optional error description sent by the OIDC provider when an error occurs.	–
errorUri	string OPTIONAL Optional error URI of a web page that includes additional information about the error.	–

LoginRequest

Request to initiate an OIDC Authentication flow.

Field	Description	Validation Rule
redirectUri	string OPTIONAL URl where the user will be redirected when the authentication flow completes.	–