M2MClientRecord
M2MClientRecord
Defined in: dto/m2m.ts:21
One registry row, as returned by GET /admin/m2m-clients[/{id}]. The secret is NEVER present on reads — it’s emitted exactly once, inside CreateM2MClientResponse.
Properties
allowed_audiences
allowed_audiences:
string[]
Defined in: dto/m2m.ts:33
Advisory: which services this credential is intended for. Receiving services enforce scopes; audiences document intent.
client_id
client_id:
string
Defined in: dto/m2m.ts:24
Stable caller-chosen identifier, e.g. “claimleo-svc”.
created_at
created_at:
string
Defined in: dto/m2m.ts:37
created_by?
optionalcreated_by?:string|null
Defined in: dto/m2m.ts:42
User id of the admin who minted the client.
description?
optionaldescription?:string
Defined in: dto/m2m.ts:26
id
id:
string
Defined in: dto/m2m.ts:22
last_used_at?
optionallast_used_at?:string|null
Defined in: dto/m2m.ts:39
name
name:
string
Defined in: dto/m2m.ts:25
revoked_at?
optionalrevoked_at?:string|null
Defined in: dto/m2m.ts:40
scopes
scopes:
string[]
Defined in: dto/m2m.ts:30
Granted scope catalog (resource:action strings). The
scopes claim on minted service tokens is this set (or the
grant request’s narrower subset).
status
status:
string
Defined in: dto/m2m.ts:36
‘active’ | ‘disabled’ (soft-revoked rows are filtered out of list responses server-side).
updated_at
updated_at:
string
Defined in: dto/m2m.ts:38