Autional API Reference

POST /oauth/register

OAuth 2.0 dynamic client registration endpoint. Clients self-register and obtain client_id, client_secret, and registration_access_token. Rate limit: max 10 registrations per hour per IP. Reference: RFC 7591 §2 (Dynamic Client Registration Protocol).

OAuth None application/json

Request Body

Schema: dto.ClientRegistrationRequest

| Field | Type | Required | Example | Constraints | Description |
| --- | --- | --- | --- | --- | --- |
| redirect_uris | array of string | Yes | ["https://app.example.com/callback"] | items: 1 or more | Redirect URIs |
| application_type | string | No | web | | Application type |
| client_name | string | No | My Application | | Client name |
| client_uri | string | No | https://app.example.com | | Client home page URL |
| contacts | array of string | No | ["admin@example.com"] | | Contacts |
| grant_types | array of string | No | ["authorization_code", "refresh_token"] | | Grant types |
| jwks | string | No | | | JWKS document |
| jwks_uri | string | No | https://app.example.com/jwks.json | | JWKS URI |
| logo_uri | string | No | https://app.example.com/logo.png | | Logo URL |
| policy_uri | string | No | https://app.example.com/privacy | | Privacy policy URL |
| scope | string | No | openid profile email | | Scopes |
| software_id | string | No | my-app-v1 | | Software ID |
| software_version | string | No | 1.0.0 | | Software version |
| token_endpoint_auth_method | string | No | client_secret_basic | | Token endpoint authentication method |
| tos_uri | string | No | https://app.example.com/tos | | Terms of service URL |

Responses

| Status | Description | Schema |
| --- | --- | --- |
| 201 | Registration successful (includes client_id, client_secret, registration_access_token). Reference: RFC 7591 §2.1. | dto.ClientRegistrationDetailResponse |
| 400 | invalid_client_metadata: request metadata invalid (missing redirect_uris, etc.). Reference: RFC 7591 §2.3. | dto.OAuthErrorResponse |
| 429 | rate_limit_exceeded: registration rate limit exceeded, please retry later | dto.OAuthErrorResponse |
| 500 | server_error: failed to register client | dto.OAuthErrorResponse |

Referenced Schemas

dto.ClientRegistrationDetailResponse

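| Field | Type | Required | Example | Constraints | Description |
| --- | --- | --- | --- | --- | --- |
| code | integer | No | | | |
| data | dto.ClientRegistrationResponse | No | | | |
| message | string | No | | | |
| timestamp | string | No | | | |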

dto.ClientRegistrationResponse

OAuth 2.0 Dynamic Client Registration response (RFC 7591 §2.1)

| Field | Type | Required | Example | Constraints | Description |
| --- | --- | --- | --- | --- | --- |
| application_type | string | No | web | | Application type |
| client_id | string | No | 01JNXXXXX... | | Client ID |
| client_id_issued_at | integer | No | 1715692800 | | Client ID issued at |
| client_name | string | No | My Application | | Client name |
| client_secret | string | No | sec_abc123... | | Client secret |
| client_secret_expires_at | integer | No | 0 | | Client secret expiration time (0 = never expires) |
| client_uri | string | No | https://app.example.com | | Client home page URL |
| contacts | array of string | No | ["admin@example.com"] | | Contacts |
| grant_types | array of string | No | ["authorization_code", "refresh_token"] | | Grant types |
| logo_uri | string | No | https://app.example.com/logo.png | | Logo URL |
| policy_uri | string | No | https://app.example.com/privacy | | Privacy policy URL |
| redirect_uris | array of string | No | ["https://app.example.com/callback"] | | Redirect URIs |
| registration_access_token | string | No | reg_abc123... | | Registration access token |
| registration_client_uri | string | No | https://authms.example.com/api/v1/oauth/register/app-123 | | Registration management URI |
| scope | string | No | openid profile email | | Scopes |
| token_endpoint_auth_method | string | No | client_secret_basic | | Authentication method |
| tos_uri | string | No | https://app.example.com/tos | | Terms of service URL |

dto.OAuthErrorResponse

OAuth standard error response

| Field | Type | Required | Example | Constraints | Description |
| --- | --- | --- | --- | --- | --- |
| error | string | No | invalid_request | | Error code |
| error_description | string | No | Missing required parameter | | Error description |
| error_uri | string | No | https://docs.example.com/errors | | Error URI |
| state | string | No | state-123 | | Status |
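
Client-side handling of POST /oauth/register, added here as an example and not Autional's own code: it builds the request body, reads credentials from the data wrapper of the 201 response, maps 400/429/500 to a typed error, and redacts the two secrets before logging. The function names are hypothetical, the HTTPS-only, no-fragment redirect URI check is an assumed client-side policy rather than a documented server rule, and the sample responses are constructed.

```python
import json
from urllib.parse import urlsplit

SECRET_FIELDS = ("client_secret", "registration_access_token")

class RegistrationError(Exception):
    def __init__(self, status, error, description, retryable):
        super().__init__(f"{status} {error}: {description}")
        self.status, self.error, self.retryable = status, error, retryable

def build_request(redirect_uris, **metadata):
    """Return the JSON body for POST /oauth/register (dto.ClientRegistrationRequest)."""
    if not redirect_uris:
        raise ValueError("redirect_uris is required (at least 1 item)")
    for uri in redirect_uris:
        parts = urlsplit(uri)
        # Assumed local policy, not stated on the page: HTTPS only, no fragment.
        if parts.scheme != "https" or not parts.netloc or parts.fragment:
            raise ValueError(f"rejected redirect URI: {uri}")
    return json.dumps({"redirect_uris": list(redirect_uris), **metadata})

def parse_response(status, body):
    """Return the registration data on 201, raise RegistrationError otherwise."""
    doc = json.loads(body)
    if status != 201:
        # dto.OAuthErrorResponse; only 429 is documented as "retry later".
        raise RegistrationError(status, doc.get("error", "unknown"),
                                doc.get("error_description", ""),
                                retryable=(status == 429))
    data = doc.get("data") or {}  # dto.ClientRegistrationDetailResponse wraps the client
    missing = [f for f in ("client_id",) + SECRET_FIELDS if not data.get(f)]
    if missing:
        raise ValueError(f"201 response missing {missing}")
    return data

def redact(data):
    """Copy of the registration data that is safe to write to logs."""
    return {k: ("<redacted>" if k in SECRET_FIELDS else v) for k, v in data.items()}

# Constructed sample responses (not captured from a real server).
SAMPLE_201 = json.dumps({"code": 201, "message": "ok", "data": {
    "client_id": "client-id-placeholder", "client_secret": "secret-placeholder",
    "client_secret_expires_at": 0,
    "registration_access_token": "token-placeholder",
    "redirect_uris": ["https://app.example.com/callback"]}})
SAMPLE_429 = json.dumps({"error": "rate_limit_exceeded",
                         "error_description": "please retry later"})

if __name__ == "__main__":
    print(redact(parse_response(201, SAMPLE_201)))
```

Store client_secret and registration_access_token in a secret store as soon as parse_response returns; the redacted copy is the only form that should reach logs.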