openId - OpenId Authentication (openId)

OpenId authentication.

NameTypeDefaultDescription
useClientIdentitybooleanfalseSpecifies whether to use the client OpenID identity to create a user subject. If set to true, only the OpenID client identity is used. If set to false and the first element of userInfoRef is found, we use it to create a user subject. Otherwise, we use the OpenID identity to create a user subject.
mapIdentityToRegistryUserbooleanfalseSpecifies whether to map identity to registry user. The user registry is not used to create the user subject.
sslRefA reference to top level ssl element (string).Specifies an ID of the SSL configuration is used to connect to the OpenID provider.
httpsRequiredbooleantrueRequire SSL communication between the OpenID relying party and provider service.
hashAlgorithm
  • SHA256
  • SHA1
SHA256Specifies the hash algorithm that is used to sign and encrypt the OpenID provider response parameters.
SHA256
Secure hash algorithm SHA256
SHA1
Secure hash algorithm SHA1
userInfoRefList of references to top level userInfo elements (comma-separated string).emailSpecifies a list of userInfo references separated by commas for the OpenID provider to include in the response.
authenticationMode
  • checkid_immediate
  • checkid_setup
checkid_setupSpecifies the OpenID provider authentication mode either checkid_immediate or checkid_setup. checkid_setup is the default authentication mode.
checkid_immediate
The checkid_immediate disables the browser interact with the user.
checkid_setup
The checkid_setup enables the openID provider to interact with the user, to request authentication or self-registration before returning a result to the openId relying party.
hostNameVerificationEnabledbooleantrueSpecifies whether enable host name verification or not.
realmIdentifierstringSpecifies the attribute for the OpenID provider name.
providerIdentifierstringSpecifies a default OpenID provider URL where users get the Open IDs.
authFilterRefA reference to top level authFilter element (string).Specifies the authentication filter reference.

userInfo

Specifies a list of userInfo references separated by commas for the OpenID provider to include in the response.

NameTypeDefaultDescription
idstringA unique configuration ID.
aliasstringemailSpecifies an alias name.
uriTypestringhttp://axschema.org/contact/emailSpecifies a URI type.
countint
Min: 1
1Specifies how much userInfo is included in the response of the openID provider.
requiredbooleantrueSpecifies whether user information is required or not.

authFilter

Specifies the authentication filter reference.

authFilter > webApp

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
namestringSpecifies the name.
matchType
  • equals
  • contains
  • notContain
containsSpecifies the match type.
equals
Equals
contains
Contains
notContain
Not contain

authFilter > requestUrl

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
urlPatternstringSpecifies the URL pattern.
matchType
  • equals
  • contains
  • notContain
containsSpecifies the match type.
equals
Equals
contains
Contains
notContain
Not contain

authFilter > remoteAddress

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
matchType
  • lessThan
  • equals
  • greaterThan
  • contains
  • notContain
containsSpecifies the match type.
lessThan
Less than
equals
Equals
greaterThan
Greater than
contains
Contains
notContain
Not contain
ipstringSpecifies the IP address.

authFilter > host

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
namestringSpecifies the name.
matchType
  • equals
  • contains
  • notContain
containsSpecifies the match type.
equals
Equals
contains
Contains
notContain
Not contain

authFilter > userAgent

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.
agentstringSpecifies the user agent
matchType
  • equals
  • contains
  • notContain
containsSpecifies the match type.
equals
Equals
contains
Contains
notContain
Not contain