Client Registration

Client Registration Policies allow for the enforcement of various configuration settings on clients during their creation or update.

You can search for any specific client by using the search box.

Click the Refresh button to see the latest settings.

You can also modify the number of client policies displayed per screen by choosing your preferred option from the dropdown menu.

Anonymous access policies

These policies are used when the Client Registration Service is invoked by unauthenticated requests, which indicates that the request lacks an Initial Access Token or Bearer Token.

Name

It denotes the name assigned to the policy when it is created.

Provider ID

It refers to the ID of the provider you wish to set up for this specific policy.

When you click on the three dots next to any policy, you'll find the Delete option.

If you wish to remove a policy that is no longer needed, simply click on Delete.

Upon selecting Delete, you will receive the following prompt asking for confirmation.

Click on Delete if you want to proceed with deletion, or click Cancel to abort the operation

To initiate the creation of a new client policy, click on Create Client Policy.

You will receive a prompt asking for the type of policy provider you wish to create.

For example, in this scenario, the max-clients option is selected.

You will be redirected to the below screen.

This configuration imposes a cap on the quantity of clients allowed to be added to a realm.

Once this policy is set up, registering new clients will be prohibited if the number of clients in a realm reaches the specified maximum limit.

Provider

This is the selection you made from the prompt screen after clicking on Create Client Policy.

Name

Here, Name indicates the policy's Display Name.

Max Clients Per Realm

This setting enables you to establish the Maximum number of clients allowed per realm.

You have the flexibility to define this according to your specific needs.

Save

Click on Save to implement these adjustments.

Upon saving this specific policy, it will be included in the list under Anonymous Access Policies.

Cancel

Click on Cancel to discard the changes done.

The table below lists different providers and the services they offer.

Provider Names	Description
allowed-client-templates	It allows to specify a whitelist of client scopes, which will be permitted in the representation of registered or updated clients.
client-disabled	The newly registered client will be disabled and it will require manual activation by the administrator.
scope	The newly registered client will not be allowed the full scope.
max-clients	New client registration will be prohibited if the number of existing clients in the realm equals the configured limit.
allowed-protocol-mappers	It enables the specification of a whitelist of protocol mapper types that will be permitted in the representation of registered or updated clients.
trusted-hosts	It allows to specify the hosts from which users can register and the redirect URIs that clients can utilize in their configuration.
consent-required	The newly registered client will always have the ConsentRequired switch enabled.

Authenticated access policies

This refers to the Policies used when the Client Registration Service is invoked by an authenticated request, which indicates that the request includes either an Initial Access Token or a Bearer Token.

You can search for any specific client by using the search box.

Click the Refresh button to see the latest settings.

You can also modify the number of client policies displayed per screen by choosing your preferred option from the dropdown menu.

Name

It denotes the Name assigned to the Policy when it is created.

Provider ID

It refers to the ID of the Provider you wish to set up for this specific Policy.

When you click on the three dots next to any policy, you'll find the Delete option.

If you wish to remove a policy that is no longer needed, simply click on Delete.

After selecting Delete, you will be prompted with the following message for confirmation.

Click on Delete to proceed with deleting the policy, or click Cancel to abort the operation.

To initiate the creation of a new client policy, click on Create Client Policy.

You will receive a prompt asking for the type of policy provider you wish to create.

For example - if you select the allowed-client-templates option, you'll see the below screen.

This setting enables you to define a whitelist of client scopes that will be allowed for registered or updated clients.

Provider

This refers to the name of the Provider that you selected from the dropdown menu of Add Provider.

Name

It refers to the Display Name of the Policy.

Allowed Client Scopes

This section comprises the whitelist of Client Scopes allowed for use on a newly registered client.

If a client registration attempt includes client scopes which are not on the whitelist, it will be declined.

By default, the whitelist is either empty or consists solely of realm default client scopes, depending on the configuration of the Allow Default Scopes setting.

You can select the required options from the dropdown menu as per your requirements.

Allow Default Scopes

This toggle button controls whether newly registered clients are permitted to have client scopes specified in the realm's default client scopes or optional client scopes.

When enabled (toggled ON), newly registered clients can have these scopes.

Conversely, when disabled (toggled OFF), clients will not have these scopes.

Save

Once you've entered the details, click on Save to successfully add the policy.

It will then appear in the list under Authenticated Access Policies.

Cancel

If you decide not to add the Policy, click on Cancel to discard the changes.