[oidc:default] stanza
- discovery-endpoint
Use this entry to set the discovery endpoint for the OP. - redirect-uri-host
Use this entry to set the redirect URI that has been registered with the OIDC OP. - proxy
Use this entry to set the proxy that is used to reach the OIDC endpoints. - client-identity
Use this entry to set the Security Access Manager client identity as registered with the OP. - client-secret
Use this entry to set the Security Access Manager client secret as registered with the OP. - response-type
The required response type for authentication responses. - response-mode
Use this entry to set the required response mode for authentication responses. - scopes
Use this entry to set the scopes to be sent in the authentication request in addition to the openid scope. - bearer-token-attributes
Use this entry to set a JSON data element from the bearer token response, which should be included in the credential as an extended attribute. - id-token-attributes
Use this entry to set a claim from the Id token response which should be included in the credential as an extended attribute. - allowed-query-arg
Additional query string arguments can be provided to the authentication kick-off URL which will in turn be appended to the corresponding authentication request. - mapped-identity
Use this entry to set a formatted string that is used to construct the Security Access Manager principal name from elements of the ID token. - external-user
Use this entry to set whether the mapped identity should correspond to a known Security Access Manager identity.
Parent topic: Stanza reference