-
Notifications
You must be signed in to change notification settings - Fork 7
OAUTH2.Introspection
Scott Cantor edited this page Feb 19, 2021
·
8 revisions
The OAUTH2.Introspection profile configuration bean enables support for OAuth2 Token Introspection endpoint.
The response parameters returned are active, scope, client_id, username, token_type, exp, iat, sub and iss.
Released in version:v1.1.0
File(s): conf/relying-party.xml
The following example enables this profile for RPs to access it in this server's /idp/profile/oauth2/introspection -endpoint. This example must be applied in the conf/relying-party.xml.
<bean id="shibboleth.DefaultRelyingParty" p:responderIdLookupStrategy-ref="profileResponderIdLookupFunction" parent="RelyingParty">
<property name="profileConfigurations">
<list>
...
<bean parent="OAUTH2.Introspection"/>
...
</list>
</property>
</bean>
- tokenEndpointAuthMethods of type Collection<String>: The comma-separated list of supported token_endpoint_auth_method_s for this profile. Default: client_secret_basic,client_secret_post,client_secret_jwt,private_key_jwt. Can be configured with idp.oidc.tokenEndpointAuthMethods -propertiy in conf/idp.properties.
(Migrated)