Connect2id server configuration
| Configuration | Description |
|---|---|
| JSON Web Key (JWK) set | Encryption keys to secure issued tokens and other objects, with optional PKCS#11 (HSM) support. |
| Core provider settings | Configuration settings for the client registration, OAuth 2.0 grants, ID / access tokens and UserInfo. |
| Session store | Configuration settings for the end-user (browser) sessions. |
| Authorisation store | Configuration settings for the OAuth 2.0 authorisation records, authorisation codes, access tokens and refresh tokens. |
| Infinispan | Configuration settings for the backend database, caching and clustering. |
| Monitoring | Configuration settings for the monitoring endpoint and reporting metrics via JMX, Graphite or Prometheus. |
| Logging | Configuration settings for logging of server and endpoint events. |
| LDAP claims source | Configuration settings for using an LDAP source of OpenID claims. For other sources see the integration guide. |
| Custom claims map | Custom map for requesting OpenID claims with scope values. |
| Access token compression | List of OpenID claims to compress in self-contained (JWT-encoded) access tokens. |
| Cross-Origin Resource Sharing | Configuration settings for handling cross-domain (CORS) access to the Connect2id server endpoints, typically for the UserInfo endpoint. |
Important
You must restart the Connect2id server in order for a configuration change to take effect.
The Connect2id server checks the configuration on startup for errors and potential security issues and logs them. Remember to check the server logs after startup.
The external configuration guide has tips for setting system properties from environment variables, local files and other locations.