The HTTP OAuth2 CTS Authorization Mechanism is used to define OAuth2 authorization through a direct access to the CTS (Core Token Service).
The HTTP OAuth2 CTS Authorization Mechanism object inherits from HTTP OAuth2 Authorization Mechanism.
Use the --advanced option to access advanced properties.
Basic Properties
Advanced Properties
| Synopsis | Indicates whether the HTTP OAuth2 Authorization Mechanism is enabled for use. |
| Default Value | false |
| Allowed Values | true false |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced | No |
| Read-Only | No |
| Synopsis | Token cache expiration |
| Default Value | None |
| Allowed Values | A duration. Lower limit: 0 seconds. Upper limit: 2147483647 seconds. |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced | No |
| Read-Only | No |
| Synopsis | Specifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document. (example: /uid) |
| Default Value | None |
| Allowed Values | A string. |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced | No |
| Read-Only | No |
| Synopsis | The base DN of the Core Token Service where access token are stored. (example: ou=famrecords,ou=openam-session,ou=tokens,dc=example,dc=com) |
| Default Value | None |
| Allowed Values | A string. |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced | No |
| Read-Only | No |
| Synopsis | Indicates whether the HTTP Authorization Mechanism is enabled. |
| Default Value | None |
| Allowed Values | true false |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced | No |
| Read-Only | No |
| Synopsis | > Specifies the name of the identity mapper to use in conjunction with the authzid-json-pointer to get the user corresponding to the acccess-token. |
| Default Value | None |
| Allowed Values | The name of an existing Identity Mapper. The referenced identity mapper must be enabled when the HTTP OAuth2 Authorization Mechanism is enabled. |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced | No |
| Read-Only | No |
| Synopsis | Scopes required to grant access to the service. |
| Default Value | None |
| Allowed Values | A string. |
| Multi-valued | Yes |
| Required | Yes |
| Admin Action Required | None |
| Advanced | No |
| Read-Only | No |
| Synopsis | Specifies the fully-qualified name of the Java class that provides the HTTP OAuth2 CTS Authorization Mechanism implementation. |
| Default Value | org.opends.server.protocols.http.authz.HttpOAuth2CtsAuthorizationMechanism |
| Allowed Values | A Java class that extends or implements: org.opends.server.protocols.http.authz.HttpAuthorizationMechanism |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced | Yes |
| Read-Only | No |