Lockspire.Admin
(lockspire v1.0.0)
Copy Markdown
Operator-facing service boundary for Lockspire admin workflows.
Summary
Functions
Activates a key as the current active signing key.
Creates a new client.
Disables a client.
Enables a client.
Generates a new signing key.
Gets a client by ID.
Gets a consent by ID.
Gets the Dynamic Client Registration (DCR) policy.
Gets a key by its ID.
Gets the server policy.
Gets token details by ID.
Lists registered clients.
Lists all consents.
Lists consents for a specific account.
Lists device authorizations.
Lists all signing keys.
Lists all active tokens.
Publishes a key for external use.
Updates the DCR policy.
Updates the DPoP policy mode.
Updates the security profile.
Updates the server policy mode.
Retires a key so it is no longer used for signing.
Revokes a specific consent.
Revokes a specific token.
Revokes a token and its entire family (e.g. refresh token chains).
Rotates the client secret for a given client.
Updates an existing client.
Functions
@spec activate_key(integer(), map() | keyword()) :: {:ok, Lockspire.Admin.Keys.key_view()} | {:error, term()}
Activates a key as the current active signing key.
@spec create_client(map() | keyword()) :: {:ok, Lockspire.Clients.RegistrationResult.t()} | {:error, [Lockspire.Clients.error_detail()]}
Creates a new client.
@spec disable_client(String.t(), map() | keyword()) :: {:ok, Lockspire.Domain.Client.t()} | {:error, :not_found | term()}
Disables a client.
@spec enable_client(String.t(), map() | keyword()) :: {:ok, Lockspire.Domain.Client.t()} | {:error, :not_found | term()}
Enables a client.
@spec generate_key(Lockspire.Domain.SigningKey.use_type()) :: {:ok, Lockspire.Admin.Keys.key_view()} | {:error, term()}
Generates a new signing key.
@spec get_client(String.t()) :: {:ok, Lockspire.Domain.Client.t()} | {:error, :not_found | term()}
Gets a client by ID.
@spec get_consent(integer()) :: {:ok, Lockspire.Admin.Consents.consent_view() | nil} | {:error, term()}
Gets a consent by ID.
@spec get_dcr_policy() :: {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, term()}
Gets the Dynamic Client Registration (DCR) policy.
@spec get_key(integer()) :: {:ok, Lockspire.Admin.Keys.key_view() | nil} | {:error, term()}
Gets a key by its ID.
@spec get_server_policy() :: {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, term()}
Gets the server policy.
@spec get_token(integer()) :: {:ok, Lockspire.Admin.Tokens.token_detail() | nil} | {:error, term()}
Gets token details by ID.
@spec list_clients(keyword()) :: {:ok, [Lockspire.Domain.Client.t()]} | {:error, term()}
Lists registered clients.
@spec list_consents(keyword()) :: {:ok, [Lockspire.Admin.Consents.consent_view()]} | {:error, term()}
Lists all consents.
@spec list_consents_for_account(String.t()) :: {:ok, [Lockspire.Admin.Consents.consent_view()]} | {:error, term()}
Lists consents for a specific account.
@spec list_device_authorizations(keyword()) :: {:ok, [Lockspire.Domain.DeviceAuthorization.t()]} | {:error, term()}
Lists device authorizations.
@spec list_keys(keyword()) :: {:ok, [Lockspire.Admin.Keys.key_view()]} | {:error, term()}
Lists all signing keys.
@spec list_tokens(keyword()) :: {:ok, [Lockspire.Admin.Tokens.token_view()]} | {:error, term()}
Lists all active tokens.
@spec publish_key(integer(), map() | keyword()) :: {:ok, Lockspire.Admin.Keys.key_view()} | {:error, term()}
Publishes a key for external use.
@spec put_dcr_policy(map()) :: {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, [Lockspire.Admin.ServerPolicy.error_detail()]} | {:error, term()}
Updates the DCR policy.
@spec put_dpop_policy(atom() | String.t()) :: {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, [Lockspire.Admin.ServerPolicy.error_detail()]} | {:error, term()}
Updates the DPoP policy mode.
@spec put_security_profile(atom() | String.t()) :: {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, [Lockspire.Admin.ServerPolicy.error_detail()]} | {:error, term()}
Updates the security profile.
@spec put_server_policy(atom() | String.t()) :: {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, [Lockspire.Admin.ServerPolicy.error_detail()]} | {:error, term()}
Updates the server policy mode.
@spec retire_key(integer(), map() | keyword()) :: {:ok, Lockspire.Admin.Keys.key_view()} | {:error, term()}
Retires a key so it is no longer used for signing.
@spec revoke_consent(integer(), map()) :: {:ok, Lockspire.Admin.Consents.consent_view()} | {:error, term()}
Revokes a specific consent.
@spec revoke_token(integer(), map()) :: {:ok, Lockspire.Admin.Tokens.token_detail()} | {:error, term()}
Revokes a specific token.
@spec revoke_token_family(integer(), map()) :: {:ok, %{count: non_neg_integer(), token: Lockspire.Admin.Tokens.token_detail()}} | {:error, term()}
Revokes a token and its entire family (e.g. refresh token chains).
@spec rotate_client_secret(String.t(), map() | keyword()) :: {:ok, %{client: Lockspire.Domain.Client.t(), client_secret: String.t()}} | {:error, [Lockspire.Clients.error_detail()]} | {:error, term()}
Rotates the client secret for a given client.
@spec update_client(String.t(), map() | keyword()) :: {:ok, Lockspire.Domain.Client.t()} | {:error, [Lockspire.Clients.error_detail()]} | {:error, term()}
Updates an existing client.