oidcLogin - OIDC Social Login (oidcLogin)

The configuration of a social login that uses OIDC.

NameTypeDefaultDescription
idstringThe unique ID.
clientIdstringThe application or client ID.
clientSecretReversably encoded password (string)The secret of the application or client.
authorizationEndpointstringSpecifies an Authorization end point URL.
tokenEndpointstringSpecifies a token end point URL.
jwksUristringSpecifies a JSON Web Key service URL.
scopestringopenid profile emailSpecifies required scope.
userNameAttributestringsubThe value of the claim is authenticated user principal.
mapToUserRegistrybooleanfalseSpecifies whether to map userIdentifier to registry user.
sslRefA reference to top level ssl element (string).Specifies an ID of the SSL configuration that is used to connect to the social media.
authFilterRefA reference to top level authFilter element (string).Specifies the authentication filter reference.
trustAliasNamestringSpecifies a trusted key alias for using the public key to verify the signature of the token.
isClientSideRedirectSupportedbooleantrueSpecifies whether client side redirection is supported. Examples of a client include a browser or a standalone JavaScript application. If set to true, the client must support JavaScript.
displayNamestringoidcLoginThe name of the social login configuration for display.
websitetokenTypeThe website address.
issuerstringThe url of the issuer.
realmNameAttributestringThe value of the claim is used as the subject realm.
groupNameAttributestringThe value of the claim is used as the user group membership.
userUniqueIdAttributestringThe value of the claim is used as the subject uniqueId.
clockSkewint300000The maximum time difference in milliseconds between when a key is issued and when it can be used.
signatureAlgorithmstringRS256The algorithm that is used to sign a token or key.
redirectToRPHostAndPortstringSpecifies a callback host and port number.
hostNameVerificationEnabledbooleantrueSpecifies whether to enable host name verification when the client contacts the provider.

authFilter

Specifies the authentication filter reference.

authFilter > webApp

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
namestringSpecifies the name.
matchType
  • contains
  • notContain
  • equals
containsSpecifies the match type.
contains
Contains
notContain
Not contain
equals
Equals

authFilter > requestUrl

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
urlPatternstringSpecifies the URL pattern.
matchType
  • contains
  • notContain
  • equals
containsSpecifies the match type.
contains
Contains
notContain
Not contain
equals
Equals

authFilter > remoteAddress

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
matchType
  • contains
  • notContain
  • equals
  • lessThan
  • greaterThan
containsSpecifies the match type.
contains
Contains
notContain
Not contain
equals
Equals
lessThan
Less than
greaterThan
Greater than
ipstringSpecifies the IP address.

authFilter > host

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
namestringSpecifies the name.
matchType
  • contains
  • notContain
  • equals
containsSpecifies the match type.
contains
Contains
notContain
Not contain
equals
Equals

authFilter > userAgent

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
agentstringSpecifies the user agent
matchType
  • contains
  • notContain
  • equals
containsSpecifies the match type.
contains
Contains
notContain
Not contain
equals
Equals

jwt

Specifies the information that is used to build the JWT tokens. This information includes the JWT builder reference and the claims from the id token.

NameTypeDefaultDescription
buildertokenTypeThe referenced JWT builder creates a JWT token, and the token is added to the authenticated subject.

jwt > claims

Specifies a comma-separated list of claims to copy from the user information or the id token.