Update an authorisation server

PUT /organisations/{OrganisationId}/authorisationservers/{AuthorisationServerId}

oAuth

Headers

x-fapi-auth-date string

The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC

Format should match the following pattern: ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} (GMT|UTC)$.
x-fapi-customer-ip-address string

The PSU's IP address if the PSU is currently logged in with the TPP.
x-fapi-interaction-id string

An RFC4122 UID used as a correlation id.
x-customer-user-agent string

Indicates the user-agent that the PSU is using.

Path parameters

OrganisationId string Required

The organisation ID

Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.
AuthorisationServerId string Required

The authorisation server Id

Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

application/json

Body Required

AutoRegistrationNotificationWebhook string(uri)

A compliant URI to subscribe to the software statement onboarding webhook

Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
AutoRegistrationSupported boolean Required

Flag to denote if this authorisation server supports the automatic onboarding of software statement clients

Default value is false.
CustomerFriendlyDescription string Required

A customer friendly description

Minimum length is 1, maximum length is 255. Format should match the following pattern: ^[^<>]*$.
CustomerFriendlyLogoUri string(uri)

A compliant URI

Format should match the following pattern: ^(http://|https://).*.(svg|png|jpg|jpeg)$|(data:image/[a-zA-Z0-9;+=-]+,[A-Za-z0-9+/]*={0,2})$.
CustomerFriendlyName string Required

Minimum length is 1, maximum length is 255. Format should match the following pattern: ^[^<>]*$.
DeprecatedDate string(date)

Authorisation Server support/deprecation end date
DeveloperPortalUri string(uri) | null

A compliant URI

Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
FederationId string(uuid)

The ID of the federation

Maximum length is 36.
Flags array[string]

Unique ID of the flag

Maximum length of each is 40. Format of each should match the following pattern: ^[^<>]*$.
NotificationWebhook string(uri)

A compliant URI

Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
OpenIDDiscoveryDocument string

A compliant URI

Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
ParentAuthorisationServerId string

Maximum length is 40. Format should match the following pattern: ^[^<>]*$.
PayloadSigningCertLocationUri string

A compliant URI

Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
RetirementDate string(date)

Authorisation Server Retirement date
Status string

Current status of this resource

Values are Active or Inactive. Default value is Active.
SupersededByAuthorisationServerId string

Authorisation Server ID which replaces the current auth server

Maximum length is 40. Format should match the following pattern: ^[^<>]*$.
TermsOfServiceUri string(uri) | null

A compliant URI

Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.

Responses

200 application/json

Authorisation server response
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
Hide response attributes Show response attributes object
- AuthorisationServerId string
  
  Maximum length is 40. Format should match the following pattern: ^[^<>]*$.
- AutoRegistrationNotificationWebhook string(uri)
  
  A compliant URI to subscribe to the software statement onboarding webhook
  
  Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
- AutoRegistrationSupported boolean
  
  Flag to denote if this authorisation server supports the automatic onboarding of software statement clients
  
  Default value is false.
- CreatedAt string(date-time)
- CustomerFriendlyDescription string
  
  A customer friendly description
  
  Minimum length is 1, maximum length is 255. Format should match the following pattern: ^[^<>]*$.
- CustomerFriendlyLogoUri string(uri)
  
  A compliant URI
  
  Format should match the following pattern: ^(http://|https://).*.(svg|png|jpg|jpeg)$|(data:image/[a-zA-Z0-9;+=-]+,[A-Za-z0-9+/]*={0,2})$.
- CustomerFriendlyName string
  
  Minimum length is 1, maximum length is 255. Format should match the following pattern: ^[^<>]*$.
- DeprecatedDate string(date)
  
  Authorisation Server support/deprecation end date
- DeveloperPortalUri string(uri) | null
  
  A compliant URI
  
  Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
- FederationEndpoint string(uri)
  
  The federation endpoint for the Authorisation Server
  
  Maximum length is 255. Format should match the following pattern: ^(https://).*.
- FederationId string(uuid)
  
  The ID of the federation
  
  Maximum length is 36.
- Issuer string(uri)
  
  An issuer value pulled from the well-known endpoint
- NotificationWebhook string(uri)
  
  A compliant URI
  
  Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
- NotificationWebhookAddedDate string(date)
  
  Creation date
- NotificationWebhookStatus string
  
  Values are Pending, Confirmed, or Deactivated. Default value is Pending.
- OpenIDDiscoveryDocument string
  
  A compliant URI
  
  Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
- OrganisationId string
  
  Unique ID associated with the organisation
  
  Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.
- ParentAuthorisationServerId string
  
  Maximum length is 40. Format should match the following pattern: ^[^<>]*$.
- PayloadSigningCertLocationUri string
  
  A compliant URI
  
  Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
- RetirementDate string(date)
  
  Authorisation Server Retirement date
- Status string
  
  Current status of this resource
  
  Values are Active or Inactive. Default value is Active.
- SupersededByAuthorisationServerId string
  
  Authorisation Server ID which replaces the current auth server
  
  Maximum length is 40. Format should match the following pattern: ^[^<>]*$.
- SupportsCiba boolean
  
  Flag to denote if this authorisation server supports Client Initiated Backchannel Authentication
  
  Default value is false.
- SupportsDCR boolean
  
  Flag to denote if this authorisation server supports Dynamic Client Registration
  
  Default value is false.
- SupportsRedirect boolean
  
  Flag to denote if this authorisation server supports redirect
  
  Default value is false.
- TermsOfServiceUri string(uri) | null
  
  A compliant URI
  
  Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.
400 application/json

Bad Request
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
Hide response attribute Show response attribute object
- errors array[string]
  
  Validation Error messages
401

Unauthorized
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
403

Forbidden
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
404 application/json

Not found
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
Hide response attribute Show response attribute object
- errors array[string]
  
  Validation Error messages
406

Not Acceptable
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
429

Too many requests, maximum capacity reached. Requests are now throttled.
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
500

Internal Server Error
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
502

Bad Gateway
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.
504

Upstream timeout, insufficient capacity to serve request. More capacity being brought online. Please try again.
Hide headers attribute Show headers attribute
- x-fapi-interaction-id string
  
  An RFC4122 UID used as a correlation id.
  
  Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

PUT /organisations/{OrganisationId}/authorisationservers/{AuthorisationServerId}

curl \
 -X PUT https://matls-api.sandbox.raidiam.io/organisations/{OrganisationId}/authorisationservers/{AuthorisationServerId} \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/json" \
 -H "x-fapi-auth-date: string" \
 -H "x-fapi-customer-ip-address: string" \
 -H "x-fapi-interaction-id: string" \
 -H "x-customer-user-agent: string" \
 -d '{"AutoRegistrationNotificationWebhook":"https://example.com","AutoRegistrationSupported":false,"CustomerFriendlyDescription":"string","CustomerFriendlyLogoUri":"https://example.com","CustomerFriendlyName":"string","DeprecatedDate":"2021-01-30","DeveloperPortalUri":"https://example.com","FederationId":"string","Flags":["f81d4fae-7dec-11d0-a765-00a0c91e6bf6"],"NotificationWebhook":"https://example.com","OpenIDDiscoveryDocument":"string","ParentAuthorisationServerId":"string","PayloadSigningCertLocationUri":"string","RetirementDate":"2023-12-30","Status":"Active","SupersededByAuthorisationServerId":"f81d4fae-7dec-11d0-a765-00a0c91e6bf6","TermsOfServiceUri":"https://example.com"}'

Request examples

# Headers
x-fapi-auth-date: string
x-fapi-customer-ip-address: string
x-fapi-interaction-id: string
x-customer-user-agent: string

# Payload
{
  "AutoRegistrationNotificationWebhook": "https://example.com",
  "AutoRegistrationSupported": false,
  "CustomerFriendlyDescription": "string",
  "CustomerFriendlyLogoUri": "https://example.com",
  "CustomerFriendlyName": "string",
  "DeprecatedDate": "2021-01-30",
  "DeveloperPortalUri": "https://example.com",
  "FederationId": "string",
  "Flags": [
    "f81d4fae-7dec-11d0-a765-00a0c91e6bf6"
  ],
  "NotificationWebhook": "https://example.com",
  "OpenIDDiscoveryDocument": "string",
  "ParentAuthorisationServerId": "string",
  "PayloadSigningCertLocationUri": "string",
  "RetirementDate": "2023-12-30",
  "Status": "Active",
  "SupersededByAuthorisationServerId": "f81d4fae-7dec-11d0-a765-00a0c91e6bf6",
  "TermsOfServiceUri": "https://example.com"
}

Response examples (200)

# Headers
x-fapi-interaction-id: 73cac523-d3ae-2289-b106-330a6218710d

# Payload
{
  "AuthorisationServerId": "string",
  "AutoRegistrationNotificationWebhook": "https://example.com",
  "AutoRegistrationSupported": false,
  "CreatedAt": "2025-05-04T09:42:00+00:00",
  "CustomerFriendlyDescription": "string",
  "CustomerFriendlyLogoUri": "https://example.com",
  "CustomerFriendlyName": "string",
  "DeprecatedDate": "2021-01-30",
  "DeveloperPortalUri": "https://example.com",
  "FederationEndpoint": "https://example.com",
  "FederationId": "string",
  "Issuer": "https://example.com",
  "NotificationWebhook": "https://example.com",
  "NotificationWebhookAddedDate": "2021-01-30",
  "NotificationWebhookStatus": "Pending",
  "OpenIDDiscoveryDocument": "string",
  "OrganisationId": "string",
  "ParentAuthorisationServerId": "string",
  "PayloadSigningCertLocationUri": "string",
  "RetirementDate": "2023-12-30",
  "Status": "Active",
  "SupersededByAuthorisationServerId": "f81d4fae-7dec-11d0-a765-00a0c91e6bf6",
  "SupportsCiba": false,
  "SupportsDCR": false,
  "SupportsRedirect": false,
  "TermsOfServiceUri": "https://example.com"
}

Response examples (400)

# Headers
x-fapi-interaction-id: 73cac523-d3ae-2289-b106-330a6218710d

# Payload
{
  "errors": [
    "string"
  ]
}

Response examples (404)

# Headers
x-fapi-interaction-id: 73cac523-d3ae-2289-b106-330a6218710d

# Payload
{
  "errors": [
    "string"
  ]
}