By-proxy (Section)#
Path: /profiles/profile{id, type}/settings/authorization-server/client-authentication/mutual-tls/by-proxy
Allow mutual TLS to be terminated in a proxy instead of directly within the identity server
Parameters#
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| userid | string | optional | User ID credential that the proxy uses to authenticate using HTTP Basic authentication through a Proxy-Authorization header. | |
| password | non-empty-string | optional | Password credential that the proxy uses to authenticate using HTTP Basic authentication through a Proxy-Authorization header. | |
| client-certificate-http-header | non-empty-string | required | Name of the HTTP header that the proxy uses to include the PEM- or base64-encoded DER representation of the client certificate in the forwarded request. Must be set for mutual-tls by-proxy to work. |