Expose-metadata (Section)#
Path: /profiles/profile{id, type}/settings/authorization-server/expose-metadata
OAuth metadata endpoint configuration
Parameters#
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| jwks-uri-override | uri | optional | An optional value that must contain the full URL to the JWKS endpoint. If this is not set, the URL is established by deriving it from the first anonymous endpoint | |
| cache-duration | uint32 | optional | 600 | The number of seconds that the metadata can be cached as network resource, as used in HTTP response headers. |
Subsections#
| Name | Type | Description |
|---|---|---|
| authorize-endpoint | Section | The authorize-endpoint to include in the published OAuth configuration metadata. This is required when more than one authorize-endpoint is deployed on this profile. |
| token-endpoint | Section | The token-endpoint to include in the published OAuth configuration metadata. This is required when more than one token-endpoint is deployed on this profile. |
| revocation-endpoint | Section | The revocation-endpoint to include in the published OAuth configuration metadata. This is required when more than one revocation-endpoint is deployed on this profile. |
| introspection-endpoint | Section | The introspection-endpoint to include in the published OAuth configuration metadata. This is required when more than one introspection-endpoint is deployed on this profile. |
| assisted-token-endpoint | Section | The assisted-token-endpoint to include in the published OpenID Connect configuration metadata. This is required when more than one assisted-token-endpoint is deployed on this profile. |
| dynamic-client-registration-endpoint | Section | The dynamic client registration endpoint to include in the published OpenID Connect configuration metadata.This is required when more than one dynamic-client-registration endpoint is deployed on this profile. |
| device-authorization-endpoint | Section | The device authorization endpoint to include in the published OpenID Connect configuration metadata.This is required when more than one device authorization endpoint is deployed on this profile. |
| signed-metadata | Section | When present, a signed version of the metadata will be included in the response. The metadata will be included as a JWT, as issued by the default token-issuer of the current profile. |