ClientDetails

client_id

A unique, eBay-generated id assigned to the third party application at the time it was registered.

client_id_issued_at

The UNIX timestamp when the client_id was issued. This time is represented as the number of seconds from "1970-01-01T00:00:00Z", as measured in UTC, until the date/time of issuance. Refer to RFC 7591 - OAuth 2.0 Dynamic Client Registration Protocol for complete information.

client_name

User-friendly name for the third party financial application.

Note: Language tags are not supported. Therefore, client_name will be specified in English.

client_secret

A unique OAuth 2.0 secret string assigned by eBay to the third party application at the time it is registered. This value should be unique for multiple instances of a client using the same client_id. This value is used by confidential clients to authenticate to the token endpoint, as described in OAuth 2.0 [RFC6749], Section 2.3.1.

Note: client_secret is unique to the organization identifier of subject name which contains jurisdiction, NCA Id, and Authorization Number.

client_secret_expires_at

The UNIX timestamp when the client_secret expires.

Note: When a client_secret has been provided, this field is REQUIRED.
A returned value of 0 indicates that the client_secret never expires.

This time is represented as the number of seconds from "1970-01-01T00:00:00Z", as measured in UTC, until the expiration date and time. Refer to RFC 7591 - OAuth 2.0 Dynamic Client Registration Protocol section 3.2.1 for complete information.

contacts

array of string

This container stores an array of email addresses for representatives at the third party provider responsible for the application being registered.

grant_types

array of string

An array of OAuth 2.0 grant type strings that the client software can use at the token endpoint. Supported grant type values are:

• authorization_code: The authorization code grant type defined in OAuth 2.0, Section 4.1.
• client_credentials: The client credentials grant type defined in OAuth 2.0, Section 4.4.

If the token endpoint is used in the grant type, the value of this parameter MUST be the same as the value of the grant_type parameter passed to the token endpoint defined in the grant type definition. Authorization servers may allow for other values as defined in the grant type extension process described in OAuth 2.0, Section 4.5. If omitted, the default behavior is that the client will use only the authorization_code Grant Type.

policy_uri

The URL string pointing to a human-readable privacy policy document that describes how the third party provider collects, uses, retains, and discloses personal data.

Note: Only HTTPS URLs are supported for policy_uri strings.
Note: This URL must not point to the eBay Privacy Policy.
The authorization server should display this secure URL to the end-user if it is provided. The value of this field must point to a valid and secure web page.

Note: Language tags are not supported. Therefore, policy_uri will be displayed in English.

redirect_uris

array of string

An eBay system-generated value assigned to the application. This value represents the redirect uri(s) submitted by the user either in the request payload (i.e., the redirect_uris field,) or the software_statement.

scope

String containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens. The semantics of values in this list are service specific.

software_id

A unique identifier string provided by the client developer or software publisher at the time of registration that identifies the client software being registered.

Unlike client_id which should change between instances, the software_id should be the same value for all instances of the client software. That is, the software_id should remain unchanged across multiple updates or versions of the same piece of software.

software_statement

The Software Statement Assertion (SSA), a JSON Web Token (JWT), that has been issued by the OpenBanking identifier. Refer to RFC 7591 - OAuth 2.0 Dynamic Client Registration Protocol for complete information.