Scope and Audience
This section is meant for an administrator of an FPX network, and covers how to register a new Client or update an existing one in an FPX environment directly through the Admin API.
The reader of this document should be familiar with the architecture and terminology associated with the FPX specification. This specification extends the UMA 2.0 specification by enabling privacy preservation and governable network actors.
Before a Client can begin to interact with a Federated Privacy Exchange (FPX) Network, an FPX Admin User must register their service at the AS (Authorization Server). This process can be scripted and automated by directly integrating with the associated AS Admin API.
Onboarding is a two-step process. First, the Client must be registered and set up as an OAuth 2.0 Client of the Authorization Server. Secondly, the Admin User can optionally register capability tickets to this Client, enabling them to make use of FPX’s UMA 2.0 extension.
Without this secondary onboarding, the Client will be able to request and retrieve resources from Resource Servers they already know (RS-First or Standard UMA Grant 2.0 Flow), but will not be able to request multiple resources from many, potentially unknown, Resource Servers that are registered and trusted within the FPX network (AS-First or FPX UMA Grant 2.0 Flow). For more information on these two flows, see the FPX profile of UMA 2.0 contained in the FPX Specification.
Configuring a Client
Client configuration at the Authorization Server can be done directly through the API.