| Method | Description | Returns |
|---|---|---|
| getCimdDocumentHash() | string | |
| getCimdValidated() | DateTime | |
| getCimdUrl() | Convenience: extract the CIMD URL from the validated client_metadata JSON. | string |
OAuth\Models\Backend\CimdClient
OAuth client identified via Client ID Metadata Document (draft-ietf-oauth-client-id-metadata-document). Auto-registered on first sighting of an HTTPS-URL client_id by CimdClientResolver. The CIMD URL itself lives inside `clientMetadata` (the validated CIMD document JSON). The framework distinguishes these rows via: - the `entity` discriminator column (= 'OAuth\Entities\CimdClient') - `oauthClientId` is a synthetic 'cimd_ ' value Subsequent refreshes from the upstream metadata document will overwrite any manual edits — the document is the source of truth. Any future admin-edit UI should warn the operator that edits are transient. Delete cascades through FK relationships to revoke all derived grants — that is the canonical revocation path for a CIMD client.