Step 4: Create a login policy (optional)



Call the /config/loginPolicies endpoint using the POST method to create a login policy for your Hosted Login implementation. 

By default, Akamai issues you a single login policy, a policy used by both your public client and your confidential client. And that’s fine: the same login policy can be used by multiple OIDC clients. In fact, you might be able to get by with a single login policy. So then why would you need to create additional policies? Well, for one thing, you might want to return custom claims information for some of your users but not for all of your users. Because custom claims information is defined in login policies, different claim sets might require different policies. Likewise, you might want to direct different users to different login pages: the location of the login page is specified in the login policy (the loginURL property).

When configuring Bearer token authorization for this call, use the configuration token you provisioned in step 2.


Request Template

curl -X POST \
https://v1.api.<region>.janrain.com/<customer-id>/config/loginPolicies \
  -H 'Authorization: Bearer <token>' \
  -H 'Content-Type: application/json' \
  -d '{
  "identityStoreDetails": {
    "connectionDetails": {
      "applicationId": "<capture-app-id>",
      "clientId": "<capture-app-owner-client-id>",
      "clientSecret": "<capture-app-owner-client-secret>",
      "domain": "<provided-by-akamai>",
      "entityType": "<entity-type>"
    },
    "type": "janrainCapture"
  },
  "loginURL": "https://v1.api.<region>.janrain.com/<customer-id>/auth-ui/login",
  "title": "<new-login-policy-name>"
}'


Example Request

curl -X POST \
https://v1.api.us.janrain.com/12345678-1234-1234-1234-123456789012/config/loginPolicies \
  -H 'Authorization: Bearer 123abc456...def789ghi' \
  -H 'Content-Type: application/json' \
  -d '{
  "identityStoreDetails": {
    "connectionDetails": {
      "applicationId": "1abcdef2g3hijklmno4pqrs5tu",
      "clientId": "abc123defg4h5i67jklmnopqrstuvw89",
      "clientSecret": "12a34bc5d67ef8ghij9klmn01o2pqrst",
      "domain": "dev-app.janraincapture.com",
      "entityType": "user"
    },
    "type": "janrainCapture"
  },
  "loginURL": "https://v1.api.us.janrain.com/12345678-1234-1234-1234-123456789012/auth-ui/login",
  "title": "Property 1 Login Policy"
}'


Example Response

"1ab23c45-6789-0123-d4ef-5g678h90ijk1"

The response contains the ID of the login policy you just created. If you want to review the full login policy you just created, call the /config/loginPolicies/{loginPolicyId} endpoint using the GET method.
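The requests above put the configuration token and the owner client secret on the curl command line, where they end up in shell history and are visible in the process list. The script below is an added example, not part of Akamai's documentation: it sends the same request with every value read from environment variables, and the variable names and the allowed-character check are assumptions.

```shell
#!/bin/sh
# Added example. Variable names (REGION, APP_ID, ...) are assumptions.
# Reject empty values and any character outside [A-Za-z0-9._ -], so no value
# needs JSON escaping or can break out of a quoted string. Only the variable
# name is reported, never the value. Widen the set if your values require it.
safe() {
  case $2 in
    ''|*[!A-Za-z0-9._\ -]*) echo "invalid or missing: $1" >&2; return 1 ;;
  esac
}

# Print the request body, following the page's request template.
build_policy_payload() {
  safe REGION "$REGION" && safe CUSTOMER_ID "$CUSTOMER_ID" &&
  safe APP_ID "$APP_ID" && safe OWNER_CLIENT_ID "$OWNER_CLIENT_ID" &&
  safe OWNER_CLIENT_SECRET "$OWNER_CLIENT_SECRET" &&
  safe CAPTURE_DOMAIN "$CAPTURE_DOMAIN" && safe ENTITY_TYPE "$ENTITY_TYPE" &&
  safe POLICY_TITLE "$POLICY_TITLE" || return 1
  cat <<EOF
{
  "identityStoreDetails": {
    "connectionDetails": {
      "applicationId": "$APP_ID",
      "clientId": "$OWNER_CLIENT_ID",
      "clientSecret": "$OWNER_CLIENT_SECRET",
      "domain": "$CAPTURE_DOMAIN",
      "entityType": "$ENTITY_TYPE"
    },
    "type": "janrainCapture"
  },
  "loginURL": "https://v1.api.$REGION.janrain.com/$CUSTOMER_ID/auth-ui/login",
  "title": "$POLICY_TITLE"
}
EOF
}

# Body goes to curl on stdin and the Authorization header on fd 3, so neither
# secret appears in curl's argument list.
create_login_policy() {
  safe CONFIG_TOKEN "$CONFIG_TOKEN" || return 1
  payload=$(build_policy_payload) || return 1
  printf '%s' "$payload" | curl --fail --silent --show-error -X POST \
    -K /dev/fd/3 -H 'Content-Type: application/json' --data-binary @- \
    "https://v1.api.$REGION.janrain.com/$CUSTOMER_ID/config/loginPolicies" 3<<EOF
header = "Authorization: Bearer $CONFIG_TOKEN"
EOF
}

if [ "${1:-}" = "--send" ]; then create_login_policy; fi
```

Run it with `--send` after setting the variables from a secrets manager or a prompt such as `read -r`; it relies on `/dev/fd` being available, as it is on Linux and macOS.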

