Introduction
The GenericOpenIdConnectOptions
can be used to configure external OIDC identity providers.
Format
The GenericOpenIdConnectOptions
are usually stored as a JSON objects:
{ "authoritiy": "String", "clientId": "String", "clientSecret": "", "responseType": "String" # defaults to "code" "certificateValidationOptions": { "certificateDistinguesedName": "String", "tokenLifetimeInMinutes": "String" }, "Scopes": ["String"], "audience": "String", "callbackPath": "String", "useUserInfoEndpoint": "Boolean" # defaults to 'true', "requireHttpsMetadata": "Boolean" # defaults to 'true', "useIFrameLogoutWithIdTokenHint": "Boolean" }
Options
Options | Type | Default Value | Description |
---|---|---|---|
| String | N/A | The authority for the IDP server. |
| String | N/A | The client identifier for the OIDC application. |
| String | N/A | The client secret for the OIDC application. |
| String |
| The response type for the OIDC request. |
| Object | N/A | Options for certificate validation. |
└─ | String | N/A | The distinguished name of the certificate is defined in the Windows Certificate Store. If the value is |
└─ | String | N/A | Lifetime of the token in minutes. |
| String Array | N/A | List of scopes for the OIDC application. |
| String | N/A | The audience of the OIDC request. |
| String | N/A | The callback path for the OIDC application. |
| Boolean |
| Whether to use the User Info Endpoint. |
| Boolean |
| Whether HTTPS metadata is required. |
| Boolean | N/A | Whether to use iframe logout with ID token hint. |