...
Property | Description |
---|---|
sessionCookie | The name of the cookie to set in user agents. |
sessionTimeout | The timeout for cookie-based sessions in minutes. Sessions inactive for this time interval will be purged including all access/refresh/ID tokens requested from an OAuth/OpenID Provider. |
secureCookie | The secure flag of the issued cookie. Set this value to true, if your are located behind an SSL-terminated ReverseProxy. |
delegateDomain | The domain against which to check incoming bearer tokens. If not set, incoming bearer tokens will not be accepted by the OAuth HttpLoginService. |
domain.<domain>.label | The mandatory human-readable label for the configured domain with identifier <domain>. |
domain.<domain>.authorizationLocation | The OAuth2 authorization endpoint URL. This value does not need to be set for full-featured OpenID Providers, where this value is fetched from the specified configurationLocation |
domain.<domain>.tokenLocation | The OAuth2 token endpoint URL. This value does not need to be set for full-featured OpenID Providers, where this value is fetched from the specified configurationLocation |
domain.<domain>.userLocation | The optional OAuth2 userinfo endpoint URL. This value does not need to be set for full-featured OpenID Providers, where this value is fetched from the specified configurationLocation |
domain.<domain>.configurationLocation | The well-known OpenID Connect configuration location. |
domain.<domain>.faviconLocation | The optional favicon location for domaindomains, which doe do not have a /favicon.ico resource on the root of their authorization web host. |
domain.<domain>.clientId | The client ID of our application as registered at the OAuth Provider. |
domain.<domain>.clientPassword | The password for the client ID of our application as registered at the OAuth Provider. |
domain.<domain>.scope | The mandatory scope to pass to the authorization endpoint. |
domain.<domain>.prompt | The optional prompt value to pass to the authorization endpoint. |
domain.<domain>.responseType | The optional response type to pass to the authorization endpoint. |
domain.<domain>.options | Comma-separated list of options from the set
|
...