Openid-connect (Section)#
Path: /profiles/profile{id, type}/settings/authorization-server/openid-connect
Parameters#
| Name | Type | Required | Default | Description |
|---|
| id-token-ttl | token-time-to-live | optional | 3600 | The number of seconds an id token will be valid. Can be overruled by individual client configuration. |
| passthrough-unscoped-claims | boolean | optional | false | When set, any claim that is not defined by the OpenID Connect specification, but is added by a procedure, is not removed by scope filtering. |
Subsections#
| Name | Type | Description |
|---|
| expose-metadata | Section | This section specifies what metadata is exposed on the OpenID Connect discovery endpoint for this profile. |
| require-pairwise-subject-identifiers | Section | Set when clients on this profile must always be issued pairwise pseudonyms for authenticated subjects |
| id-token-encryption | Section | Enables the use of issuing encrypted ID tokens. |