HTTP OAuth2 CTS Authorization Mechanism

The HTTP OAuth2 CTS Authorization Mechanism is used to define OAuth2 authorization through a direct access to the CTS (Core Token Service).

Parent

The HTTP OAuth2 CTS Authorization Mechanism object inherits from HTTP OAuth2 Authorization Mechanism.

Basic Properties

access-token-cache-enabled

SynopsisIndicates whether the HTTP OAuth2 Authorization Mechanism is enabled for use.
Default Value

false

Allowed Values

true

false

Multi-valued

No

Required

Yes

Admin Action Required

None

Advanced

No

Read-Only

No

access-token-cache-expiration

SynopsisToken cache expiration
Default Value

None

Allowed Values

Uses Duration Syntax .

Lower limit: 0 seconds.

Upper limit: 2147483647 seconds.

Multi-valued

No

Required

No

Admin Action Required

None

Advanced

No

Read-Only

No

authzid-json-pointer

SynopsisSpecifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document.
Default Value

None

Allowed Values

A string.

Multi-valued

No

Required

Yes

Admin Action Required

None

Advanced

No

Read-Only

No

base-dn

SynopsisThe base DN of the Core Token Service where access token are stored. (example: ou=famrecords,ou=openam-session,ou=tokens,dc=example,dc=com)
Default Value

None

Allowed Values

A string.

Multi-valued

No

Required

Yes

Admin Action Required

None

Advanced

No

Read-Only

No

enabled

SynopsisIndicates whether the HTTP Authorization Mechanism is enabled.
Default Value

None

Allowed Values

true

false

Multi-valued

No

Required

Yes

Admin Action Required

None

Advanced

No

Read-Only

No

identity-mapper

SynopsisSpecifies the name of the identity mapper(s) to use in conjunction with the authzid-json-pointer to get the user corresponding to the acccess-token.
Default Value

None

Allowed Values

The name of an existing Identity Mapper .

The referenced identity mapper(s) must be enabled when the HTTP OAuth2 Authorization Mechanism is enabled.

Multi-valued

Yes

Required

Yes

Admin Action Required

None

Advanced

No

Read-Only

No

required-scope

SynopsisScopes required to grant access to the service.
Default Value

None

Allowed Values

A string.

Multi-valued

Yes

Required

Yes

Admin Action Required

None

Advanced

No

Read-Only

No

Advanced Properties

Use the --advanced option to access advanced properties.

java-class

SynopsisSpecifies the fully-qualified name of the Java class that provides the HTTP OAuth2 CTS Authorization Mechanism implementation.
Default Value

org.opends.server.protocols.http.authz.HttpOAuth2CtsAuthorizationMechanism

Allowed Values

A Java class that extends or implements:

  • org.opends.server.protocols.http.authz.HttpAuthorizationMechanism

Multi-valued

No

Required

Yes

Admin Action Required

None

Advanced

Yes

Read-Only

No

Read a different version of :