HTTP OAuth2 Authorization Mechanism

This is an abstract object type that cannot be instantiated.

The HTTP OAuth2 Authorization Mechanism is used to define HTTP OAuth2 authorization mechanism.

HTTP OAuth2 Authorization Mechanisms

The following HTTP OAuth2 Authorization Mechanisms are available:

These HTTP OAuth2 Authorization Mechanisms inherit the properties described below.

Parent

The HTTP OAuth2 Authorization Mechanism object inherits from HTTP Authorization Mechanism.

Dependencies

HTTP OAuth2 Authorization Mechanisms depend on the following objects:

Properties

Use the --advanced option to access advanced properties.

Basic Properties

Advanced Properties

Basic Properties

access-token-cache-enabled

SynopsisIndicates whether the HTTP OAuth2 Authorization Mechanism is enabled for use.
Default Valuefalse
Allowed Valuestrue
false
Multi-valuedNo
RequiredYes
Admin Action RequiredNone
AdvancedNo
Read-OnlyNo

access-token-cache-expiration

SynopsisToken cache expiration
Default ValueNone
Allowed ValuesA duration. Lower limit: 0 seconds. Upper limit: 2147483647 seconds.
Multi-valuedNo
RequiredNo
Admin Action RequiredNone
AdvancedNo
Read-OnlyNo

authzid-json-pointer

SynopsisSpecifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document. (example: /uid)
Default ValueNone
Allowed ValuesA string.
Multi-valuedNo
RequiredYes
Admin Action RequiredNone
AdvancedNo
Read-OnlyNo

enabled

SynopsisIndicates whether the HTTP Authorization Mechanism is enabled.
Default ValueNone
Allowed Valuestrue
false
Multi-valuedNo
RequiredYes
Admin Action RequiredNone
AdvancedNo
Read-OnlyNo

identity-mapper

Synopsis> Specifies the name of the identity mapper to use in conjunction with the authzid-json-pointer to get the user corresponding to the acccess-token.
Default ValueNone
Allowed ValuesThe name of an existing Identity Mapper. The referenced identity mapper must be enabled when the HTTP OAuth2 Authorization Mechanism is enabled.
Multi-valuedNo
RequiredYes
Admin Action RequiredNone
AdvancedNo
Read-OnlyNo

required-scope

SynopsisScopes required to grant access to the service.
Default ValueNone
Allowed ValuesA string.
Multi-valuedYes
RequiredYes
Admin Action RequiredNone
AdvancedNo
Read-OnlyNo

Advanced Properties

java-class

SynopsisSpecifies the fully-qualified name of the Java class that provides the HTTP Authorization Mechanism implementation.
Default ValueNone
Allowed ValuesA Java class that extends or implements:
org.opends.server.protocols.http.authz.HttpAuthorizationMechanism
Multi-valuedNo
RequiredYes
Admin Action RequiredNone
AdvancedYes
Read-OnlyNo