Enable Custom Login Mode

Set the login redirection mode, as follows:

false: Use default login redirection mode.
- The agent can redirect requests to any AM instance that supports the /oauth2/authorize endpoint. By default, this is the AM instance that is specified during installation.
- The /oauth2/authorize endpoint returns an OIDC ID token. This is the only response the agent accepts.
- Use with OAuth Login URL List to modify or redirect calls to the endpoint that provides the tokens.
true: Use custom login redirection mode.
- The agent handles JWTs or SSO tokens as session tokens for authentication and authorization, and can can redirect login anywhere.
- Use with AM Login URL List and Legacy Login URL List to modify or redirect calls.

During session upgrade, the format of the composite advice is as follows:

When both this property and Enable SSO Token Acceptance are true, the composite advice has the following format: ?authIndexType=composite_advice&authIndexValue=<Advices Value>
When either property is false, the composite advice has the following format: ?composite_advice=<Advices Value>

Property name

org.forgerock.agents.legacy.login.enabled

Aliases

org.forgerock.agents.legacy.login.enabled
Introduced in Java Agent 5.6

org.forgerock.openam.agents.config.allow.custom.login
Introduced in Java Agent 5.6
Recognized from AM 7

Type

Boolean: true returns true; all other strings return false.

Default

false

Bootstrap property

Required property

Restart required

Local configuration file

AgentConfig.properties

AM console

Tab: AM Services (from AM 7)

Title: Enable Custom Login Mode

Legacy title: Allow Custom Login Mode