Connect2id server configuration
| Configuration | Description |
|---|---|
| JSON Web Key (JWK) set | Encryption keys to secure issued tokens and other objects, with optional PKCS#11 (HSM) support. |
| Core provider settings | Configuration settings for the client registration, OAuth 2.0 grants, ID / access tokens and UserInfo. |
| Session store | Configuration settings for the end-user (browser) sessions. |
| Authorisation store | Configuration settings for the OAuth 2.0 authorisation records, authorisation codes, access tokens and refresh tokens. |
| Infinispan | Configuration settings for the backend database, caching and clustering. |
| Monitoring | Configuration settings for the monitoring endpoint and reporting metrics via JMX, Graphite or Prometheus. |
| Logging | Configuration settings for logging of server and endpoint events. |
| LDAP claims source | Configuration settings for using an LDAP source of OpenID claims. For other sources see the integration guide. |
| Custom claims map | Custom map for requesting OpenID claims with scope values. |
| Access token compression | List of OpenID claims to compress in self-contained (JWT-encoded) access tokens. |
| Cross-Origin Resource Sharing | Configuration settings for handling cross-domain (CORS) access to the Connect2id server endpoints, typically for the UserInfo endpoint. |
Important
-
You must restart the Connect2id server in order for a configuration change to take effect.
-
The Connect2id server checks the configuration on startup for errors and potential security issues and logs them. Remember to check the server logs after startup.
-
The external configuration guide has tips for setting system properties from environment variables, local files and other locations.