Authentication Setting
3. Authentication Settings
OIDC Provider performs authorization only. It relies on IBM Security Verify Access Web Reverse Proxy to perform user authentication.
The following settings are extra settings that can be used, if authentication is needed.
| Name | Description | Valid Value | Mandatory | Default |
|---|---|---|---|---|
| endpoint | Endpoint to redirect when authentication is needed. This setting is mandatory when grant_types contains authorization_code or implicit (refer to Definition). | string | No | https://isvaop.ibm.com:445/isvaop/oauth2/auth |
| callback_param_name | Parameter name to specify the callback target URI. If it is not specified, the default callback param name is Target. | string | No | Target |
| subject_attribute_name | Name of the user or credential attribute that is used to populate the sub. If it is not specified, the default attribute is uid. | string | No | uid |
The endpoint must be a full URL. For example, https://isvaop.ibm.com:445/isvaop.
authentication: # Authentication Settings
endpoint: https://isvaop.ibm.com:445/isvaop/oauth2/auth
# Endpoint to redirect when authentication is required. This is mandatory when `grant_types` contains `authorization_code` or `implicit`
callback_param_name: Target # Parameter name to specify the callback target URI. If it is not specified, the default callback param name is `Target`.
subject_attribute_name: uid # Name of the user or credential attribute that will be used to populate the `sub`. If it is not specified, the default attribute is `uid`.
Updated about 2 years ago