Client configuration reference - SSO
This page lists Client Configuration parameters used when SSO Server acts as OAuth 2.0 or OpenID Connect provider
Name | Description |
---|---|
OAuth 2.0 parameters | |
redirect_uris | List of allowed redirect_uri values for client |
token_endpoint_auth_method | Controls Client Authentication method for client |
grant_types | List of allowed grant types for client. If not specified then authorization_code, password and refresh_token are allowed |
response_types | List of allowed response types for client Only code is currently implemented |
client_name | Human readable name of client. |
logo_uri | Uri that references a logo for the client |
scope | List of allowed attribute scope values for client. If not specified then all scope values are allowed When also When |
aud | List of allowed client_id values to be used as scope values for authentication and token requests specifying which clients are allowed as audience for the access token. If not specified, then the |
jwks | Public keys of client as a JSON Web Key Set |
client_id | Unique client identifier Configuration response only |
client_secret | Client secret Configuration response only |
code_challenge_method | Default code_challenge_method for authorization request. When set as either "plain" or "S256", sending authorization requests without a code_challenge is not allowed. When set as "S256", use of "plain" code_challenge_method is not allowed. See RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients. |
OpenID Connect parameters | |
id_token_signed_response_alg id_token_encrypted_response_alg id_token_encrypted_response_enc | Controls ID Token signature and encryption algorithms |
userinfo_signed_response_alg userinfo_encrypted_response_alg userinfo_encrypted_response_enc | Controls UserInfo Response signature and encryption algorithms |
request_object_signing_alg request_object_encryption_alg request_object_encryption_enc | Controls Authorization Request signature and encryption algorithms |
token_endpoint_auth_signing_alg | Controls JWT Client Authentication signature algorithm |