Updating the Reverse Proxy Configuration

Edit online

The reverse proxy configuration is updated to configure it as an OIDC Relying Party, making use of the application on IBM® Verify.

Note: The following fields were retrieved from IBM Verify when using the APIs in the previous sections:

application id
client id
client secret

The following changes are made to the Reverse Proxy configuration file:

[oidc]
oidc-auth = https
default-op = default

[oidc:default]
response-type = code
mapped-identity = {preferred_username}
external-user = true
app_id = <application id>
discovery-endpoint = https://<subscription hostname>/oidc/endpoint/default/.well-known/openid-configuration
client-id = <client id>
client-secret = <client secret>

[ssl:default]
# string 230 GSK_SSL_EXTN_SERVERNAME_REQUEST
jct-gsk-attr-name = string:230:<subscription hostname>
# enum 4020 GSK_SSL_EXTN_SERVERNAME_REQUEST_ONRESUME
jct-gsk-attr-name = enum:4020:1