Comment: Added FTN configuration for 8.10.1

Introduction

...

client_id

Contained in file generated when Activate is pressed

secret

Contained in file generated when Activate is pressed

https://sso.example.com/uas/oauth2/metadata.json

This publicly available URL returns all of the required OAuth2 endpoints in JSON format.

Compatibility flags

The following compatibility flags are supported for OAuth 2.0 applications.

StrictAudiencePolicy

8.4.1

Specific application or system-wide

Controls JWT aud claim construction and validation policy.

If set, the aud claim is required to match the invoked endpoint.

If not set, the aud claim must match either the issuer, the invoked endpoint or the token endpoint.

ExtendedOAuth2AuditLogging

8.5.0

Specific application

Enables additional audit logging for OAuth 2.0 applications.

Additional audit logging for OAuth 2.0
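The two aud policies described under StrictAudiencePolicy, as an added Python example (not code from the product or its documentation). The issuer and endpoint URLs are constructed sample values, and exact string comparison with any single matching aud entry being sufficient is an assumption of this example.

```python
from typing import Any, Dict, List, Set

# Constructed sample values: only the sso.example.com host appears on the page;
# the issuer and endpoint paths below are assumptions for this example.
ISSUER = "https://sso.example.com/uas"
TOKEN_ENDPOINT = "https://sso.example.com/uas/oauth2/token"
OTHER_ENDPOINT = "https://sso.example.com/uas/oauth2/introspection"


def audiences(claims: Dict[str, Any]) -> List[str]:
    """Normalise aud to a list; RFC 7519 allows one string or an array of strings."""
    aud = claims.get("aud")
    if isinstance(aud, str):
        return [aud]
    if isinstance(aud, list) and all(isinstance(a, str) for a in aud):
        return aud
    return []  # missing or malformed aud can never match


def accepted_audiences(strict: bool, issuer: str, invoked: str, token: str) -> Set[str]:
    """Values the aud claim may match under each policy, as the text describes."""
    return {invoked} if strict else {issuer, invoked, token}


def aud_is_valid(claims: Dict[str, Any], *, strict: bool, issuer: str,
                 invoked: str, token: str) -> bool:
    # Assumptions: exact string comparison, and one matching aud entry is enough.
    allowed = accepted_audiences(strict, issuer, invoked, token)
    return any(a in allowed for a in audiences(claims))


def compare_policies(claims: Dict[str, Any], invoked: str) -> Dict[str, bool]:
    """Evaluate the same claims at the same endpoint with the flag unset and set."""
    return {
        "flag_not_set": aud_is_valid(claims, strict=False, issuer=ISSUER,
                                     invoked=invoked, token=TOKEN_ENDPOINT),
        "flag_set": aud_is_valid(claims, strict=True, issuer=ISSUER,
                                 invoked=invoked, token=TOKEN_ENDPOINT),
    }


if __name__ == "__main__":
    samples = [{"aud": TOKEN_ENDPOINT}, {"aud": ISSUER},
               {"aud": [ISSUER, OTHER_ENDPOINT]}, {"sub": "constructed-client"}]
    for claims in samples:  # every sample is presented at OTHER_ENDPOINT
        print(claims, compare_policies(claims, OTHER_ENDPOINT))
```

With the flag unset, a JWT whose aud names the issuer or the token endpoint is accepted at a different endpoint; with the flag set, only a JWT that names the invoked endpoint passes.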

Finnish Trust Network specific configurations

Trusted OAuth 2.0 and OpenID Connect applications in the Finnish Trust Network (FTN) can provide their friendly name to be shown in the login UI and sent as the display name for Authentication Methods by setting the Configuration String AllowFtnSpname to true. To do this in the Management UI, add AllowFtnSpname=true to the last line in Configuration String.

Configuration String: AllowFtnSpname

Since Version: 8.10.0

Description:

Can be true or false.

Controls whether or not the value of Authorization Request parameter ftn_spname is allowed to be used as the friendly name for the application.

If true, then the value of ftn_spname is used as the friendly name of the application and overrides any value of client_name in the Client Metadata.

If false, then the value of ftn_spname is ignored.

Default is false.