Configuration for handling basic authentication with support for customizable IdPs and grant types.
Allows for the specification of a default IdP, domain-to-IdP mappings, and defines the grant type to be used while processing basic auth requests.
If neither type of IdP is specified OpenID Discovery will be used to attempt to find and authorization endpoint on the host used to make the original request (adding the path from jwt.issuerHostPath).
Name |
Type |
Details |
Get the type of grant to use when processing a basic auth request. |
||
Sets the credentials used for connecting to the authorization endpoint when OpenID Discovery is used.This only needs to be set when OpenID Discovery is used with . |
||
Set the IdP to use when no "domain" is specified in the username. Note that this IdP will also be used for all requests if the IdMap is empty. This should be the full URL to which the grant request will be POSTed. |
||
Set the path to append to the current host (and scheme) to perform an authorization request. This is only useful in a "path hijack" configuration, where some base path on the domain is routed to the query engine, but other paths are routed to an authorization subsystem. |
||
Set a map of "domains" to IdP URLs that will be consulted if the username in the request is of the form "user@domain". The domain specified in the username is used as the key to this map, but serves no other purpose and does not have to be recognised by the IdP itself (the domain will be removed from the username when the request to the IdP is made). |