Edit client

Accessing the client details provides the option to edit that client. Inside the edit window, Client Identifier, flow and the Owner Tenant are no longer possible to be changed. We include a variety of client fields, but some may not be applicable for all clients.

Before you start

Your permissions are determined by your role in the system:

• Owner: Holds complete control and administrative authority, including user management, configurations, and resource control.
• Contributor: Enjoys full access but lacks administrative privileges, enabling configuration of resources. Can't administer users.
• Reader: Provides read-only access for viewing information without administrative capabilities.

Fields and buttons

Fields

Client Name: The name of specific client.

Client Identifier The unique ID of the client.

Scopes
Scopes are identifiers for resources that a client wants to access. The Unit4 Identity Services (U4IDS) supports two types of scopes, identity scopes and resource scopes. By default U4IDS is configured with the OpenID standard scopes:

Claims
A claim is a statement that one resource, such as a person or organization, makes about itself or another resource. Claims are an integral part of client management, allowing for precise control and customization based on the specific needs of different client types. Here's how claims work for each client type:

• Machine to Machine Clients: whether already created or newly generated, come with distinct claim settings. Within this client type, the tenant claim is prepopulated and non-editable. The unit4_id claim is not prepopulated but is editable. It is a mandatory field. The Subscription (only for ERPx) claim is similar to the unit4_id claim, is not prepopulated and is editable. It's also a mandatory field.

• U4 Desktop Clients, they do not display any claims by default. The Add claim option is unavailable.

• U4 Native Mobile Clients, they do not display any claims by default. The Add claim option is unavailable.

• U4 Report Engine Clients, they do not display any claims by default. The Add claim option is unavailable.

• PKCE (Proof Key for Code Exchange), they do not display any claims by default. The Add claim option is unavailable.

• Implicit Clients they do not display any claims by default. The Add claim option is unavailable.

See Client claims for more information.

Authorization Code Lifetime Authorization codes should be used within a specified timeframe of 30 to 600 seconds, with the default set at 300 seconds.

Allowed Cors Origins List of all allowed CORS origins. To enable CORS for the client must register the base address of the application.

Refresh token usage Specifies the refresh token usage. Available values: OneTimeOnly or ReUse. Default value is OneTimeOnly.

Access Token Lifetime Specifies the time of access token lifetime. It should be used within a specified timeframe of 3 600 to 5 400 seconds (60 to 90 minutes), with the default set at 4 500 seconds (75 minutes).

Post Logout Redirect Uris List of post logout redirection uris.

Refresh token expiration Specifies the refresh token expiration. Available values: Absolute or Sliding. Default value is Absolute.

RedirectUris Specifies allowed URIs to return tokens or authorization codes to.

Identity token lifetime Identity codes should be used within a specified timeframe of 3 600 to 5 400 seconds (24 hours to 7 days), with the default set at 4 500 seconds (75 minutes).

AccessTokenType Reference or JWT token, default to JWT.

Absolute refresh token lifetime This should be used within a specified timeframe of 86 400 to 604 800 seconds (24 hours to 7 days), with the default set at 604 800 seconds.

Sliding refresh token lifetime This should be used within a specified timeframe of 86 400 to 604 800 seconds (24 hours to 7 days), with the default set at 604 800 seconds.

Enabled Specifies whether the client is enabled or disabled. Default value is true.

Add Claims Enables the form to enter new claim.

Flow Specifies the flow.

Always Send Client Claims Determines if claims will be always sent or not. When the Always send client claims checkbox is selected, the Add claim option is activated. Default is false.

Prefix Client Claims Determines if client claims are prefixed or not. If set, all client claims will be prefixed with client_ to make sure they don't accidentally collide with user claims. Default is false.

Buttons

• Save: Selecting this button after all the required information is provided will save the client with the new information.
• Delete: Selecting this button triggers a warning message, alerting the user that this client will be deleted.
• Back: Selecting this button to go back to the previous window (client details).