The HTTP OAuth2 OpenAM Authorization Mechanism is used to define OAuth2 authorization using an OpenAM server as authorization server .
The HTTP OAuth2 OpenAM Authorization Mechanism object inherits from HTTP OAuth2 Authorization Mechanism.
HTTP OAuth2 OpenAM Authorization Mechanisms depend on the following objects:
Use the --advanced
option to access advanced properties.
Basic Properties
Advanced Properties
Synopsis | Indicates whether the HTTP OAuth2 Authorization Mechanism is enabled for use. |
Default Value | false |
Allowed Values | true false |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Token cache expiration |
Default Value | None |
Allowed Values | A duration. Lower limit: 0 seconds. Upper limit: 2147483647 seconds. |
Multi-valued | No |
Required | No |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document. (example: /uid) |
Default Value | None |
Allowed Values | A string. |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Indicates whether the HTTP Authorization Mechanism is enabled. |
Default Value | None |
Allowed Values | true false |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | > Specifies the name of the identity mapper to use in conjunction with the authzid-json-pointer to get the user corresponding to the acccess-token. |
Default Value | None |
Allowed Values | The name of an existing Identity Mapper. The referenced identity mapper must be enabled when the HTTP OAuth2 Authorization Mechanism is enabled. |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the name of the key manager that should be used with this HTTP OAuth2 OpenAM Authorization Mechanism . |
Default Value | By default the system key manager(s) will be used. |
Allowed Values | The name of an existing Key Manager Provider. The referenced key manager provider must be enabled. |
Multi-valued | No |
Required | No |
Admin Action Required | None Changes to this property take effect immediately, but only for subsequent requests to the authorization server. |
Advanced | No |
Read-Only | No |
Synopsis | Scopes required to grant access to the service. |
Default Value | None |
Allowed Values | A string. |
Multi-valued | Yes |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Defines the OpenAM endpoint URL where the access-token resolution request should be sent. |
Default Value | None |
Allowed Values | A string. |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server. |
Default Value | By default, no trust manager is specified indicating that only certificates signed by the authorities associated with this JVM will be accepted. |
Allowed Values | The name of an existing Trust Manager Provider. The referenced trust manager provider must be enabled when SSL is enabled. |
Multi-valued | No |
Required | No |
Admin Action Required | None Changes to this property take effect immediately, but only impact subsequent SSL connection negotiations. |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the fully-qualified name of the Java class that provides the HTTP OAuth2 OpenAM Authorization Mechanism implementation. |
Default Value | org.opends.server.protocols.http.authz.HttpOAuth2OpenAmAuthorizationMechanism |
Allowed Values | A Java class that extends or implements: org.opends.server.protocols.http.authz.HttpAuthorizationMechanism |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | Yes |
Read-Only | No |