sasctl.services.saslogon#

The SAS Logon service provides standard OAuth endpoints for client management.

class sasctl._services.saslogon.SASLogon[source]#

Bases: Service

The SAS Logon service client management related endpoints.

Provides functionality for managing client IDs and secrets This class is somewhat different from the other Service classes because many of the operations on the associated SA SLogon REST service are related to authentication. In sasctl all authentication is handled in the Session class, so only the operations that are not related to authentication are implemented here.

The operations provided by this service are only accessible to users with administrator permissions.

classmethod create_client(client_id, client_secret, scopes=None, redirect_uri=None, allow_password=False, allow_client_secret=False, allow_auth_code=False)[source]#

Register a new client with the SAS Viya environment.

Parameters:

  • client_id (str) – The ID to be assigned to the client.

  • client_secret (str) – The client secret used for authentication.

  • scopes (list of str, optional) – Specifies the levels of access that the client will be able to obtain on behalf of users when not using client credential authentication. If allow_password or allow_auth_code are true, the ‘openid’ scope will also be included. This is used to assert the identity of the user that the client is acting on behalf of. For clients that only use client credential authentication and therefore do not act on behalf of users, the ‘uaa.none’ scope will automatically be included.

  • redirect_uri (str, optional) – The allowed URI pattern for redirects during authorization. Defaults to ‘urn:ietf:wg:oauth:2.0:oob’.

  • allow_password (bool, optional) – Whether to allow username & password authentication with this client. Defaults to false.

  • allow_client_secret (bool) – Whether to allow authentication using just the client ID and client secret. Defaults to false.

  • allow_auth_code (bool, optional) – Whether to allow authorization code access using this client. Defaults to false.

Returns:

RestObj

classmethod delete_client(client)[source]#

Remove and existing client.

Parameters:

client (str or RestObj) – The client ID or a RestObj containing the client details.

Returns:

RestObj – The deleted client

Raises:

ValueError – If client is not found.

classmethod get_client(client_id)[source]#

Retrieve information about a specific client

Parameters:

client_id (str) – The id of the client.

Returns:

RestObj or None

classmethod list_clients(start_index=None, count=None, descending=False)[source]#

Retrieve a details of multiple clients.

Parameters:

  • start_index (int, optional) – Index of first client to return. Defaults to 1.

  • count (int, optional) – Number of clients to retrieve. Defaults to 100.

  • descending (bool, optional) – Whether to clients should be returned in descending order.

Returns:

list of dict – Each dict contains details for a single client. If no clients were found and empty list is returned.

classmethod update_client_secret(client, secret)[source]#
Parameters:

  • client (str or RestObj) – The client ID or a RestObj containing the client details.

  • secret (str) – The new client secret.

Returns:

None

Raises:

ValueError – If client is not found.