Enable SSO Token Acceptance

Accept SSO Tokens

Set this property as follows:

  • true: Accept SSO tokens. Use this option when the agent and the token issuer are in the same domain.

  • false: Do not accept SSO tokens. Use this option for web applications and APIs where the backend requires user information in form of an OIDC token.

During session upgrade the format of the composite advice is as follows:

  • When both this property and Enable Custom Login Mode are true, the composite advice has the following format: ?authIndexType=composite_advice&authIndexValue=<Advices Value>

  • When either property is false, the composite advice has the following format: ?composite_advice=<Advices Value>

Property name

org.forgerock.agents.accept.sso.tokens.enabled

Property aliases

org.forgerock.agents.accept.sso.tokens.enabled (since 5.7.1)

org.forgerock.agents.accept.sso.tokens (since 5.7.1)

com.forgerock.agents.accept.sso.tokens (since 5.7.1)

Type

Boolean: true returns true; all other strings return false.

Default

false

Bootstrap property

No

Required property

No

Restart required

No

Local configuration file

AgentConfig.properties

AM console tab

SSO