Authentication
You will need the following to get setup with MiTrust:
- A Jira account
- API keys for your Service Provider
Create a Jira account
You can self-register and create your customer account on our Jira Portal here.
Once registered, you will be able to create requests of various types (technical support, bug, report, security incident…), especially "Application for new Service Provider", which is the way to get your API keys.
Request API keys
API keys are associated with your Service Provider (or SP - this is how we call your own MiTrust instance).
After applying for your new Service Provider on our Jira Portal, you will receive an API key and secret:
- The
client_id
is a public piece of information identifying your application. - The
secret_key
shall remain secret, it will be used to generate an access token.
When applying to a new Service Provider, you will have to provide some information; the most important (hard to change) is the owner (administrator) information:
- Owner email : preferably a generic email address (ex. : [email protected]). If you have several SP, they should all have the same owner email
- Owner mobile number : the API secret will be sent to that number
About redirect URIs:
- They must be absolute (no wild card “_”, no hash “#”), as per OAuth2 RFC 7642
- GET parameters are OK (although deprecated – see https://datatracker.ietf.org/doc/html/rfc6819#section-5.2.3.5 ; you should rather use the state parameter in order to handle multiple values)
- Redirect URI should be HTTPS (except for SBX environment which can accept HTTP for localhost for development purpose)
Examples :
- https://www.example.*.com 🔴 (No wild card accepted)
- https://www.example.com?someQuery=query&someOtherQuery=otherQuery ✅ (GET Parameters are deprecated, but you should use the state to pass those parameters along)
- http://www.example.com 🔴 (Redirect URIs should be HTTPS)
- http://localhost:8484/example/ ✅ (localhost are OK for development purposes)
- http://localhost:4000/#/example/ 🔴 (The redirect uri MUST NOT include a hash)
Updated about 1 month ago