CSS Updates

docs/api-tokens/create-api-token.md

@@ -19,6 +19,9 @@ import CodeChallengeVerifier from '../includes/_code-challenge-verifier.mdx';
 import MultiLanguageCodeBlock from '@site/src/components/CodeBlocks/MultiLanguageCodeBlock';
 import Tabs from '@theme/Tabs';
 import TabItem from '@theme/TabItem';
+import AccessTokenCreatePublicClientPkce from '../includes/_access_token_create_public_client_pkce.mdx';
+import AccessTokenCreateConfClientPkce from '../includes/_access_token_create_conf_client_pkce.mdx';
+import AccessTokenCreateConfClientCreds from '../includes/_access_token_create_conf_client_creds.mdx';
 
 ## Prerequisites
 
@@ -39,8 +42,8 @@ import CreateApiTokenConsole from '../includes/_create-api-token-console.mdx';
 
 <CreateApiTokenConsole />
 
-:::note  
-Note that the list of **Scopes** available to request comes from the **Resource Server** associated with the app.  
+:::note
+Note that the list of **Scopes** available to request comes from the **Resource Server** associated with the app.
 :::
 
 ## API
@@ -85,11 +88,11 @@ https://auth-{us|eu}.beyondidentity.com/v1/tenants/{tenant_id}/realms/{realm_id}
 
 where:
 
-  - {tenant_id} is the [ID of the tenant](/docs/find-tenant-id) in which the app is configured
+  - `{tenant_id}` is the [ID of the tenant](/docs/find-tenant-id) in which the app is configured
 
-  - {realm_id} is the **Realm Id** of the realm in which the application is configured
+  - `{realm_id}` is the **Realm Id** of the realm in which the application is configured
 
-  - {application_id} is the **Application ID** of the app
+  - `{application_id}` is the **Application ID** of the app
 
 ### Finding app endpoint URLs
 
@@ -109,20 +112,16 @@ An app that uses the authorization code grant type will have both `/authorize` a
 
 ### Client credentials grant type (Confidential client)
 
-import AccessTokenCreateConfClientCreds from '../includes/_access_token_create_conf_client_creds.mdx';
 
 <AccessTokenCreateConfClientCreds />
 
 ### Authorization code with PKCE (Public client)
 
-import AccessTokenCreatePublicClientPkce from '../includes/_access_token_create_public_client_pkce.mdx';
 
 <AccessTokenCreatePublicClientPkce />
 
 ### Authorization code with PKCE (Confidential client)
 
-import AccessTokenCreateConfClientPkce from '../includes/_access_token_create_conf_client_pkce.mdx';
-
 <AccessTokenCreateConfClientPkce />
 
 ### Token response
@@ -207,7 +206,7 @@ This parameter is used to set a custom expiration time on individual tokens, to
   --data-urlencode "response_type=code" \
   --data-urlencode "client_id=$(APPLICATION_CLIENT_ID)" \
   --data-urlencode "redirect_uri=$(REDIRECT_URI)" \
-  --data-urlencode "scope={SCOPES}" \	//for example scope=openid%20myapp%3Aread%20myapp%3Awrite
+  --data-urlencode "scope=$(SCOPES)" \	//for example scope=openid%20myapp%3Aread%20myapp%3Awrite
   --data-urlencode "state=$(STATE)" \
   --data-urlencode "code_challenge=$(CODE_CHALLENGE)" \
   --data-urlencode "code_challenge_method=S256"'
@@ -231,7 +230,7 @@ This parameter is used to set a custom expiration time on individual tokens, to
   -X POST \
   -u "$(CLIENT_ID):$(CLIENT_SECRET)" --basic \
   -H "Content-Type: application/x-www-form-urlencoded" \
-  -d "grant_type=authorization_code&code=$(CODE)&redirect_uri=${REDIRECT_URI}&client_id=$(CLIENT_ID)&code_verifier=$(CODE_VERIFIER)&expiration_time=3600"'
+  -d "grant_type=authorization_code&code=$(CODE)&redirect_uri=$(REDIRECT_URI)&client_id=$(CLIENT_ID)&code_verifier=$(CODE_VERIFIER)&expiration_time=3600"'
   title="/token"
   />
 
@@ -288,7 +287,7 @@ The `custom_claims` parameter allows for additional information to be stored wit
   -X POST \
   -u "$(CLIENT_ID):$(CLIENT_SECRET)" --basic \
   -H "Content-Type: application/x-www-form-urlencoded" \
-  -d "grant_type=client_credentials&scope=$(SCOPES)&custom_claims={"a": "b", "c": "d"}"'
+  -d "grant_type=client_credentials&scope=$(SCOPES)&custom_claims=$("a": "b", "c": "d")"'
   title="/token"
   />
 
@@ -308,7 +307,7 @@ The `custom_claims` parameter allows for additional information to be stored wit
   --data-urlencode "response_type=code" \
   --data-urlencode "client_id=$(APPLICATION_CLIENT_ID)" \
   --data-urlencode "redirect_uri=$(REDIRECT_URI)" \
-  --data-urlencode "scope={SCOPES}" \	//for example scope=openid%20myapp%3Aread%20myapp%3Awrite
+  --data-urlencode "scope=$(SCOPES)" \	//for example scope=openid%20myapp%3Aread%20myapp%3Awrite
   --data-urlencode "state=$(STATE)" \
   --data-urlencode "code_challenge=$(CODE_CHALLENGE)" \
   --data-urlencode "code_challenge_method=S256"'
@@ -332,7 +331,7 @@ The `custom_claims` parameter allows for additional information to be stored wit
   -X POST \
   -u "$(CLIENT_ID):$(CLIENT_SECRET)" --basic \
   -H "Content-Type: application/x-www-form-urlencoded" \
-  -d "grant_type=authorization_code&code=$(CODE)&redirect_uri=${REDIRECT_URI}&client_id=$(APP_CLIENT_ID)&code_verifier=$(CODE_VERIFIER)&expiration_time=3600&custom_claims={"a": "b", "c": "d"}"'
+  -d "grant_type=authorization_code&code=$(CODE)&redirect_uri=$(REDIRECT_URI)&client_id=$(APP_CLIENT_ID)&code_verifier=$(CODE_VERIFIER)&expiration_time=3600&custom_claims=("a": "b", "c": "d")"'
   title="/token"
   />
 

docs/api-tokens/enable-refresh-tokens.md

@@ -3,12 +3,12 @@ title: Refresh token request
 id: enable-refresh-tokens
 description: ''
 slug: /enable-refresh-tokens
-keywords: 
+keywords:
  - api token
  - create
 pagination_next: null
 pagination_prev: null
-last_update: 
+last_update:
    date: 07/07/2023
    author: Jen Field
 doc_type: how-to
@@ -18,53 +18,53 @@ displayed_sidebar: mainSidebar
 import MultiLanguageCodeBlock from '@site/src/components/CodeBlocks/MultiLanguageCodeBlock';
 
 
-When you [request an access token](/docs/create-api-token#api), it is possible to receive an additional token called a [refresh token](https://datatracker.ietf.org/doc/html/rfc6749#section-1.5) in the response.  The refresh token can be used to request additional access tokens with identical or narrower scope.  
+When you [request an access token](/docs/create-api-token#api), it is possible to receive an additional token called a [refresh token](https://datatracker.ietf.org/doc/html/rfc6749#section-1.5) in the response.  The refresh token can be used to request additional access tokens with identical or narrower scope.
 
 ## Prerequisites
 
-In order to request a refresh token, you need to have an [app configured in your Beyond Identity tenant](/docs/add-an-application) with the **Enable Refresh Tokens** setting enabled.  
+In order to request a refresh token, you need to have an [app configured in your Beyond Identity tenant](/docs/add-an-application) with the **Enable Refresh Tokens** setting enabled.
 
-If enabled, the [create token](/docs/create-api-token#api) response JSON object will contain an additional field called `refresh_token`, similar to [RFC6749#4.1.4](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.4).  
+If enabled, the [create token](/docs/create-api-token#api) response JSON object will contain an additional field called `refresh_token`, similar to [RFC6749#4.1.4](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.4).
 
 You can use that refresh token to obtain a new access token for the same identity with the same settings.
 
 ## API
 
-Use a refresh token to obtain a new access token as follows:  
+Use a refresh token to obtain a new access token as follows:
 
 ### Endpoints
 
-The request uses the app's `/token` endpoint:  
+The request uses the app's `/token` endpoint:
 
 ```http
-https://auth-{us|eu}.beyondidentity.com/v1/tenants/{tenant_id}/realms/{realm_id}/applications/{application_id}/token  
+https://auth-{us|eu}.beyondidentity.com/v1/tenants/{tenant_id}/realms/{realm_id}/applications/{application_id}/token
 ```
 
 ### Create HTTP Request
 
-Create the HTTP request as follows:  
+Create the HTTP request as follows:
 
 **Request URL**
 
 ```http
-https://auth-{us|eu}.beyondidentity.com/v1/tenants/{tenant_id}/realms/{realm_id}/applications/{application_id}/token  
+https://auth-{us|eu}.beyondidentity.com/v1/tenants/{tenant_id}/realms/{realm_id}/applications/{application_id}/token
 ```
 
-**Request method**: POST  
+**Request method**: POST
 
 **Request headers**:
 
 ```json
     "content-type": "application/x-www-form-urlencoded"
 ```
 
-**Request body**:  
+**Request body**:
 
 ```json
     "grant_type": "refresh_token",
     "refresh_token": "{refresh_token}"
 ```
-where {refresh_token} is the base64 encoded refresh_token returned from the previous access token request  
+where `{refresh_token}` is the base64 encoded refresh_token returned from the previous access token request
 
 ### Example
 
@@ -76,4 +76,4 @@ curl='curl "https://auth-$(REGION).beyondidentity.com/v1/tenants/$(TENANT_ID)/re
 title="/token"
 />
 
-You can read more about refresh flow in [RFC-6749#6](https://datatracker.ietf.org/doc/html/rfc6749#section-6)
+You can read more about refresh flow in [RFC-6749#6](https://datatracker.ietf.org/doc/html/rfc6749#section-6)

docs/api-tokens/list-access-tokens.md

@@ -3,12 +3,12 @@ title: List access tokens
 id: list-access-tokens
 description: ''
 slug: /list-access-tokens
-keywords: 
+keywords:
  - api-tokens
  - configuration
 pagination_next: null
 pagination_prev: null
-last_update: 
+last_update:
    date: 07/07/2023
    author: Jen Field
 draft: false
@@ -22,18 +22,18 @@ import MultiLanguageCodeBlock from '@site/src/components/CodeBlocks/MultiLanguag
 
 ## Prerequisites
 
-In order to list tokens, you need the following:  
+In order to list tokens, you need the following:
 
-- the application_id of the application that was used to issue the token  
+- the application_id of the application that was used to issue the token
+
+- a bearer token with the `tokens:read` scope and audience 'beyondidentity' for authorization (to create a Beyond Identity API token, see examples [here](/docs/create-api-token#example-create-tokens-for-the-beyond-identity-management-api))
 
-- a bearer token with the `tokens:read` scope and audience 'beyondidentity' for authorization (to create a Beyond Identity API token, see examples [here](/docs/create-api-token#example-create-tokens-for-the-beyond-identity-management-api))  
 
-
 ## Admin Console
 
-The console enables you to view issued API tokens for applications that use the client credentials grant type, such as the built in Beyond Identity Management API. For apps that use the authorization code grant type, you'll need to [list tokens via the API](#api).  
+The console enables you to view issued API tokens for applications that use the client credentials grant type, such as the built in Beyond Identity Management API. For apps that use the authorization code grant type, you'll need to [list tokens via the API](#api).
 
-For applications that use the client credentials grant type, view issued API tokens in the Admin console as follows:  
+For applications that use the client credentials grant type, view issued API tokens in the Admin console as follows:
 
 1. Under **Apps**, select the app for which you want to view issued tokens, such as the **Beyond Identity Management API** application.
 
@@ -43,38 +43,38 @@ For applications that use the client credentials grant type, view issued API tok
 
 ## API
 
-Use the [list tokens API](https://developer.beyondidentity.com/api/v1#tag/Tokens/operation/ListTokens) to list tokens for a given application or principal.  
+Use the [list tokens API](https://developer.beyondidentity.com/api/v1#tag/Tokens/operation/ListTokens) to list tokens for a given application or principal.
 
 ### List Access Tokens Request
 
-Create the HTTP request with the following properties:  
+Create the HTTP request with the following properties:
 
-**Request method:** GET  
+**Request method:** GET
 
-**Request URL:** 
+**Request URL:**
 
 ```http
-https://api-{us|eu}.beyondidentity.com/v1/tenants/{tenant_id}/realms/{realm_id}/applications/{application_id}/tokens?principal_type={principal_type}  
+https://api-{us|eu}.beyondidentity.com/v1/tenants/{tenant_id}/realms/{realm_id}/applications/{application_id}/tokens?principal_type={principal_type}
 ```
 
-where  
+where
 
-{principal_type} is either 'application' or 'identity' (see [List Tokens API](https://developer.beyondidentity.com/api/v1#tag/Tokens/operation/ListTokens) for more details on query parameters) 
+`{principal_type}` is either 'application' or 'identity' (see [List Tokens API](https://developer.beyondidentity.com/api/v1#tag/Tokens/operation/ListTokens) for more details on query parameters)
 
 :::note
-The list tokens API hostname is prefixed with "api-us" or "api-eu", not "auth-us" or "auth-eu"  
+The list tokens API hostname is prefixed with "api-us" or "api-eu", not "auth-us" or "auth-eu"
 :::
 
-**Request headers:**  
+**Request headers:**
 
 ```http
 Authorization: {authorization_token}
-content-type: application/x-www-form-urlencoded  
+content-type: application/x-www-form-urlencoded
 ```
 
-where 
+where
 
-{authorization_token} contains scope 'tokens:read' and audience 'beyondidentity'  
+`{authorization_token}` contains scope 'tokens:read' and audience 'beyondidentity'
 
 ### Example: List access tokens for an application