OIDC
Acts as an OpenID Connect Provider.
Introduction
The module can be configured in multiple instances, allowing for multi-tenancy.
It acts as a controller for issuing JSON Web Tokens (JWTs). Typically, the configured authenticator is the first point of contact for an OpenID Connect Relying Party requesting identification.
Fortified Integrity have achieved certifications for five OpenID Provider conformance profiles. Read more about these profiles here: https://openid.net/certification/
OpenID Connect Provider Configuration
Module name: OIDCModule

| Name | Description | Default |
| --- | --- | --- |
| http_context | Base URI for the endpoints. | N/A |
| http_port | Port | N/A |
| tenant_op_path | A tenant specific path part of the endpoint URIs. Example: http://127.0.0.1:8080/oidc/tenant1/token-endpoint | N/A |
| discovery_meta | Discovery data presented at the OpenID Configuration endpoint. | N/A |
| keystore | Keystore reference or JSON object containing keystore configuration. Used for JWT signing. | N/A |
| sign_jwt_keystore_password | Keystore password. | N/A |
| sign_jwt_keystore_alias | Keystore alias. | N/A |
| required_request_parameters | Required request parameters for the token endpoint. | ["redirect_uri","code"] |
| code_verifier_hash_alg | Hash algorithm used for Proof Key for Code Exchange (PKCE). | "SHA-256" |
| use_refresh_token | Set to true if using refresh tokens. | false |
Relying party Configuration
| Name | Description | Default |
| --- | --- | --- |
| client_id | Used for identifying and authenticating the client. | N/A |
| client_secret | Used for identifying and authenticating the client. | N/A |
| pipe_id | Pipe reference. Pipe is run after user authentication. Used for collecting user data. | N/A |
| redirect_uri | Redirect location where the authorization code or JWT should be sent. | N/A |
| post_logout_redirect_uris | Redirect location after logout. | N/A |
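
To illustrate what required_request_parameters, code_verifier_hash_alg and the relying party's redirect_uri control at the token endpoint, here is an added example (not the product's own code) of the checks an OpenID Provider performs before issuing tokens, following RFC 7636 for PKCE. The function names and the `stored` record structure are hypothetical; the sample values are constructed.

```python
import base64
import hashlib
import hmac
import re

# Constructed values mirroring the defaults in the configuration table.
REQUIRED_REQUEST_PARAMETERS = ["redirect_uri", "code"]
CODE_VERIFIER_HASH_ALG = "SHA-256"
_HASHES = {"SHA-256": hashlib.sha256}
# RFC 7636 section 4.1: 43-128 characters from the unreserved set.
_VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")


def pkce_challenge(code_verifier: str) -> str:
    """BASE64URL(hash(code_verifier)) without padding (RFC 7636 'S256')."""
    digest = _HASHES[CODE_VERIFIER_HASH_ALG](code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def check_token_request(params: dict, stored: dict) -> list:
    """Return rejection reasons; an empty list means the request passes.

    params: the incoming token request parameters.
    stored: hypothetical record saved when the authorization code was issued.
    """
    missing = [p for p in REQUIRED_REQUEST_PARAMETERS if not params.get(p)]
    if missing:
        return ["missing required parameter(s): " + ", ".join(missing)]
    errors = []
    # Constant-time comparison avoids leaking how much of the code matched.
    if not hmac.compare_digest(params["code"].encode(), stored["code"].encode()):
        errors.append("unknown authorization code")
    # Exact string comparison: no prefix or pattern matching on redirect_uri.
    if params["redirect_uri"] != stored["redirect_uri"]:
        errors.append("redirect_uri mismatch")
    if stored.get("code_challenge"):
        verifier = params.get("code_verifier") or ""
        if not _VERIFIER_RE.fullmatch(verifier):
            errors.append("malformed code_verifier")
        elif not hmac.compare_digest(pkce_challenge(verifier).encode(),
                                     stored["code_challenge"].encode()):
            errors.append("PKCE verification failed")
    return errors
```
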