The GenericOpenIdConnectOptions can be used to configure external OIDC identity providers.
The GenericOpenIdConnectOptions are usually stored as a JSON objects:
{
"authoritiy": "String",
"clientId": "String",
"clientSecret": "String",
"responseType": "String" # defaults to "code"
"certificateValidationOptions": {
"certificateDistinguesedName": "String",
"tokenLifetimeInMinutes": "String"
},
"Scopes": ["String"],
"audience": "String",
"callbackPath": "String",
"useUserInfoEndpoint": "Boolean" # defaults to 'true',
"requireHttpsMetadata": "Boolean" # defaults to 'true',
"useIFrameLogoutWithIdTokenHint": "Boolean"
} |
Options | Type | Default Value | Description |
|---|---|---|---|
| String | N/A | The authority for the IDP server. |
| String | N/A | The client identifier for the OIDC application. |
| String | N/A | The client secret for the OIDC application. If this option is set, then If this option is set, then |
| String |
| The response type for the OIDC request. |
| Object | N/A | Options for certificate validation. |
└─ | String | N/A | The distinguished name of the certificate is defined in the Windows Certificate Store. If the value is If this option is set, then If this option is set, then |
└─ | String | N/A | Lifetime of the token in minutes. |
| String Array | N/A | List of scopes for the OIDC application. |
| String | N/A | The audience of the OIDC request. |
| String | N/A | The callback path for the OIDC application. |
| Boolean |
| Whether to use the User Info Endpoint. |
| Boolean |
| Whether HTTPS metadata is required. |
| Boolean | N/A | Whether to use iframe logout with ID token hint. |