The coverage map service is an unprotected endpoint that
returns a JavaScript Object
Notation (JSON) array of slash-terminated URI prefixes.
The array of URI prefixes designates which web contexts are part of
a Single Sign On (SSO) group, thus enabling clients to know whether
a URI destination is deemed safe to send an access token.
Before you begin
The coverage map service returns a
JSON array
of
URI prefixes, which are a unique set that is derived
from the aggregation of the
trusted_uri_prefixes parameter
values that are specified in the registered clients. Therefore, a
typical case for populating the coverage map service is to register
clients and specify the
trusted_uri_prefixes value.
About this task
The following example assumes that the Liberty OpenID
Connect provider is configured with SSL on port 443.
https://server.example.com:443/oidc/endpoint/<provider_name>/coverage_map
Additionally,
this example assumes that a client is registered with the specified trusted_uri_prefixes.
Procedure
- Specify a token_type URI query parameter
on the coverage_map endpoint. The following is an
example request that assumes that the client is registered with the
specified trusted_uri_prefixes
https://server.example.com:443/oidc/endpoint/<provider_name>/coverage_map?token_type=bearer
The
only token_type value that is supported is token_type=bearer.
- Get the coverage map for the bearer token type, as shown
in the following example.
Request Headers:
GET https://server.example.com:443/oidc/endpoint/<provider_name>/coverage_map?token_type=bearer
Response
Headers:
Status: 200
CacheControl: public, maxage=600
ETag:"vvhkgXkRx+BzR3Q4kwCCqw=="
ContentType: application/json
Response Body:
[
"http://res1.ibm.com/",
"https://trusted.server.ibm.com:9554/resources/"
]