By-proxy (Section)#
Path: /profiles/profile/settings/authorization-server/client-authentication/mutual-tls/by-proxy
Allow mutual TLS to be terminated in a proxy instead of directly within the identity server
Parameters#
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| userid | string | optional | - | User ID credential that the proxy uses to authenticate using HTTP Basic authentication through a Proxy-Authorization header. |
| password | string (length: 1..9223372036854775807) | optional | - | Password credential that the proxy uses to authenticate using HTTP Basic authentication through a Proxy-Authorization header. |
| client-certificate-http-header | string (length: 1..9223372036854775807) | required | - | Name of the HTTP header that the proxy uses to include the PEM- or base64-encoded DER representation of the client certificate in the forwarded request. Must be set for mutual-tls by-proxy to work. |