Connect2id server configuration

Configuration files

The Connect2id server is configured by a set of files in the WEB-INF directory of the Java web application (WAR) package. Each server subsystem comes with its own independent configuration file.

Configuration Description
Provider JSON Web Key (JWK) set The OpenID Connect provider public / private RSA key set, in JSON Web Key (JWK) set format, used to sign ID tokens and other cryptographically secured objects issued by the Connect2id server.
Core provider settings Core OpenID Connect configuration settings for client registration, OAuth 2.0 authorisation, ID / access tokens and UserInfo.
Session store Configuration settings for the subject session store, used to keep track of the browser sessions of end-users.
Authorisation store Configuration settings for the authorisation store, used to record the OAuth 2.0 authorisations for each subject and client, and the associated authorisation codes, access and refresh tokens.
Access token compression Compression map for the OpenID claims field of self-contained (JWT-encoded) access tokens.
LDAP claims source Configuration settings for the LDAP source of UserInfo and other claims.
Infinispan Configuration settings for the backend database, caching and clustering.
Monitoring Configuration settings for the monitoring endpoint and reporting metrics via JMX or Graphite.
Cross-Origin Resource Sharing Configuration settings for handling cross-domain (CORS) access to the Connect2id server endpoints, typically for the UserInfo endpoint.
Logging Configuration settings for the logging of server and endpoint events.


  • You must restart the Connect2id server for a configuration change to take effect.

  • The Connect2id server checks the configuration files on startup for errors and potential security issues and records them to the log file. Remember to check the log file after you start the server.