HTTP OAuth2 File Based Authorization Mechanism
The HTTP OAuth2 File Based Authorization Mechanism is used to define OAuth2 authorization through a file based access-token resolution. For test purpose only, this mechanism is looking up for JSON access-token files under the specified path.
Parent
The HTTP OAuth2 File Based Authorization Mechanism object inherits from HTTP OAuth2 Authorization Mechanism.
HTTP OAuth2 File Based Authorization Mechanism properties
You can use configuration expressions to set property values at startup time. For details, see Property value substitution.
| Basic Properties | Advanced Properties |
|---|---|
access-token-cache-enabled |
access-token-cache-enabled
Synopsis |
Indicates whether the HTTP OAuth2 Authorization Mechanism is enabled for use. |
Default value |
false |
Allowed values |
true false |
Multi-valued |
No |
Required |
Yes |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
access-token-cache-expiration
Synopsis |
Token cache expiration |
Default value |
None |
Allowed values |
|
Multi-valued |
No |
Required |
No |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
access-token-directory
Synopsis |
Directory containing token files. File names must be equal to the token strings. The file content must a JSON object with the following attributes: 'scope', 'expireTime' and all the field(s) needed to resolve the authzIdTemplate. |
Default value |
oauth2-demo/ |
Allowed values |
A string. |
Multi-valued |
No |
Required |
Yes |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
authzid-json-pointer
Synopsis |
Specifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document. |
Default value |
None |
Allowed values |
A string. |
Multi-valued |
No |
Required |
Yes |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
enabled
Synopsis |
Indicates whether the HTTP Authorization Mechanism is enabled. |
Default value |
None |
Allowed values |
true false |
Multi-valued |
No |
Required |
Yes |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
identity-mapper
Synopsis |
Specifies the name of the identity mapper(s) to use in conjunction with the authzid-json-pointer to get the user corresponding to the acccess-token. |
Default value |
None |
Allowed values |
The name of an existing identity-mapper. The referenced identity mapper(s) must be enabled when the HTTP OAuth2 Authorization Mechanism is enabled. |
Multi-valued |
Yes |
Required |
Yes |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
Advanced properties
Use the --advanced
option to access advanced properties.
java-class
Synopsis |
Specifies the fully-qualified name of the Java class that provides the HTTP OAuth2 File Based Authorization Mechanism implementation. |
Default value |
org.opends.server.protocols.http.authz.HttpOAuth2FileAuthorizationMechanism |
Allowed values |
A Java class that extends or implements:
|
Multi-valued |
No |
Required |
Yes |
Admin action required |
None |
Advanced |
Yes |
Read-only |
No |