Connect2id server configuration

Configuration Description
JSON Web Key (JWK) set Encryption keys to secure issued tokens and other objects, with optional PKCS#11 (HSM) support.
Core settings Configuration settings for the client registration, OAuth 2.0 grants, ID / access tokens and UserInfo.
Session store Configuration settings for the end-user (browser) sessions.
Authorisation store Configuration settings for the OAuth 2.0 authorisation records, authorisation codes, access tokens and refresh tokens.
Infinispan Configuration settings for the backend database, caching and clustering.
Monitoring Configuration settings for the monitoring endpoint and reporting metrics via JMX, Graphite or Prometheus.
Tenants Configuration settings for the tenants registry (multitenant edition only).
Logging Configuration settings for logging of server and endpoint events.
Claims sources Configuration settings for the LDAP and HTTP-based OpenID claims sources. For other sources see the integration guide.
Custom scopes for claims Custom map for requesting OpenID claims with scope values.
Access token compression List of OpenID claims to compress in self-contained (JWT-encoded) access tokens.
Cross-Origin Resource Sharing Configuration settings for handling cross-domain (CORS) access to the Connect2id server endpoints, typically for the UserInfo endpoint.


  • You must restart the Connect2id server in order for a configuration change to take effect.

  • The Connect2id server checks the configuration on startup for errors and potential security issues and logs them. Remember to check the server logs after startup.

  • The external configuration guide has tips for setting system properties from environment variables, local files and other locations.