Versions Compared

Version Old Version 13 New Version 14
Changes made by

Raffael Limberger

Witold Wabik

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Name

Datatype

Mandatory

Example

Description

Allowed Cross-Origin Resource Sharing origins

string

http://www.externalorigin.com

A collection of sources that will be used in the CORS policy.

Require client secret

Checkbox

true

Whether or not the client needs a secret to request a token or not.

Require PKCE

Checkbox

true

Whether clients using an authorization code based grant type must send a proof key.

Allow plain text PKCE

Checkbox

false

Whether clients using PKCE can use a plain text code challenge.

Allow access token via browser

Checkbox

false

Whether this client is allowed to receive access tokens via the browser.

Allow offline access

Checkbox

false

Specifies whether this client can request refresh tokens (by requesting the offline_access scope)

Flow

Multi Select

authorization code

One of the following grant types according to the OIDC and OAuth 2 specification

Implicit

Authorization code

Hybrid

Client credentials

Resource owner password

Device flow

Refresh tokens

Extension grants

See also https://itsense.atlassian.net/l/c/Tk3J589J

Secret

Password

🔑 * * * * * * *

The secret that will be shared with the client.

BackChannelLogoutUri

String

https://localhost:5411/backchannel-logout

Backchannel logout URL. Logout token will be send there with POST method when user logs out from different client but is also logged in with this client.

Relying party

Those options are only available if the token specification ws-fedwas selected.

...