The chain authenticator orchestrates one or more authenticators that perform(s) the actual authentication.
The chain is complete when all (required) authenticators in the chain are completed.
A chain authenticator can be nested with Selectors and other chains.
Authenticator type: Chain
Common Authenticator configuration can be found here.
| Name | Description | Default |
|---|---|---|
An authenticator ref points to an actual authenticator available in the current configuration.
| Name | Description | Default | Mandatory |
|---|---|---|---|
API not available.
chain
List of authenticator refs defining the content and order of the chain. An empty chain will block the authentication and therefor at least one ref must be present.
[]
require_subject
Flag controlling if this authenticator requires a subject to be set before completing. Use only for nested chains.
true
proceed_on_error
Flag controlling how chain behaves on authenticator failure. If enabled, all authenticators in chain will be executed before error is raised (stealth behaviour).
true
require_chain
Flag specifying if this authenticator must be executed inside a chain.
false
verbose
Turns on extended trace logging. Use for troubleshooting only.
false
id
Authenticator id
required
Flag controlling if authenticator is required to complete or not. Authentication will fail if a required authenticator does not complete.
true
