SAS Logon

The SAS Logon API provides the standard OAuth protocol endpoints through which clients obtain access tokens to make API calls.

Root

Contains the operations for the root resource.

Get a collection of top-level links

Internal-Use OnlyReturns a list containing a link to only top-level collections surfaced by this API. These top level links include the server information endpoint.

Client Administration

Contains the operations for administering the Client resource.

Return collection of clients

Internal-Use OnlyReturns the collection of clients registered.

Create client

Internal-Use OnlyCreates a new client.

Determine whether client exists

Internal-Use OnlyReturns whether the client that is specified in the request exists.

/oauth/clients/{clientId}

Return client

Internal-Use OnlyReturns the client that is specified in the request.

/oauth/clients/{clientId}

Update client

Internal-Use OnlyUpdates the existing client that is specified in the request. This method performs a full replacement of the client resource. The ID may not be changed.

/oauth/clients/{clientId}

Delete client

Internal-Use OnlyDeletes the client that is specified in the request.

/oauth/clients/{clientId}

Change secret

Internal-Use OnlyChanges the secret for the client that is specified in the request.

/oauth/clients/{clientId}/secret

Authorization

Contains the operations for client authorization.

Grant access using client credentials

Internal-Use OnlyObtains an access token based on client credentials that have been granted to the registered client application. The SAS Logon service verifies the supplied client credentials. If they are valid, an access token is returned. Obtaining access tokens via client credentials grant works only with SAS Viya APIs that do not enforce authorization.

Grant access using password

Internal-Use OnlyObtains an access token on behalf of an end user, using that user's authenticating credentials (such as username and password) along with the client identifier and the associated secret that have been registered with the SAS environment. The user credentials are validated. If they are valid, the SAS Logon API returns an access token. Obtaining access tokens on behalf of an end user is required for all SAS Viya APIs that support user and group authorization rules.

Grant access using authorization code

Internal-Use OnlyObtains an access token on behalf of an end user, using an authorization code provided by the user along with the client identifier and the associated secret that have been registered with the SAS environment. The authorization code is validated and can be used only once. If it is valid, the SAS Logon API returns an access token. Obtaining access tokens on behalf of an end user is required for all SAS Viya APIs that support user and group authorization rules.