Connect2id server configuration

Configuration files

The Connect2id server is configured by a set of text files in the WEB-INF directory of the Java web application (WAR) package. Each server subsystem comes with its own independent configuration file, as detailed in the following table.

Configuration Description
Provider JSON Web Key (JWK) set The OpenID Connect provider public / private RSA key set, in JSON Web Key (JWK) set format, used to sign ID tokens and other protected objects produced by the Connect2id server.
Core provider settings Core OpenID Connect configuration settings for client registration, OAuth 2.0 authorisation, ID / access tokens and UserInfo.
Session store Configuration settings for the subject session store, used to record the browser sessions of users.
Authorisation store Configuration settings for the authorisation store, used to record the issued OAuth 2.0 authorisations for each subject / client combination as well the associated authorisation codes, access and refresh tokens.
LDAP claims source Configuration settings for the LDAP source of UserInfo and other claims.
Infinispan caching and clustering Configuration settings for the Infinispan memory and cache store, specifies the cache sizes, overflow policy and cluster replication via JGroups.
Cross-Origin Resource Sharing Configuration settings for handling cross-domain (CORS) access to the Connect2id server endpoints, typically for the UserInfo endpoint.
Logging Configuration settings for the Connect2id logging of server and endpoint events.


  • You must restart the Connect2id server for a configuration change to take effect.

  • The Connect2id server checks the configuration files on startup for errors and potential security issues and records them to the log file. Remember to check the log file after you start the server.


Need assistance with configuring your Connect2id server? Get in touch with our support.