OpenDJ Server - HTTP Oauth2 File Authorization Mechanism
HTTP Oauth2 File Authorization Mechanism
The HTTP Oauth2 File Authorization Mechanism is used to define OAuth2 authorization through a file based access-token resolution. For test purpose only, this mechanism is looking up for JSON access-token files under the specified path.
Indicates whether the HTTP Oauth2 Authorization Mechanism is enabled for use.
Default Value
false
Allowed Values
true
false
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No
access-token-cache-expiration
Description
Token cache expiration
Default Value
None
Allowed Values
A duration Syntax. Lower limit is 0 seconds. Upper limit is 2147483647 seconds.
Multi-valued
No
Required
No
Admin Action Required
None
Advanced Property
No
Read-only
No
access-token-directory
Description
Directory containing token files. File names must be equal to the token strings. The file content must a JSON object with the following attributes: 'scope', 'expireTime' and all the field(s) needed to resolve the authzIdTemplate.
Default Value
oauth2-demo/
Allowed Values
A String
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No
authzid-json-pointer
Description
Specifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document. (example: /uid)
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No
enabled
Description
Indicates whether the HTTP Authorization Mechanism is enabled.
Default Value
None
Allowed Values
true
false
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No
identity-mapper
Description
> Specifies the name of the identity mapper to use in conjunction with the authzid-json-pointer to get the user corresponding to the acccess-token.
Default Value
None
Allowed Values
The DN of any Identity Mapper. The referenced identity mapper must be enabled when the HTTP Oauth2 Authorization Mechanism is enabled.
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No
required-scope
Description
Scopes required to grant access to the service.
Default Value
None
Allowed Values
A String
Multi-valued
Yes
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No
Advanced Properties
java-class
Description
Specifies the fully-qualified name of the Java class that provides the HTTP Oauth2 File Authorization Mechanism implementation.