Documentation
Visit curity.io
Developer
Curity Developer Portal
Downloads
Support
Resource Library
Libraries and SDKs
OAuth Tools
Contact
Docs
/
Configuration Guide
/
Configuration Reference
Menu
Configuration Reference
ΒΆ
Environment
Localization
White-listed-proxies
Cluster
Admin-service
Http
Web-ui
Restconf
Devops-dashboard
Themes
Default-theme
Template-variables
Zones
Default-zone
Mobile-app-association
Zone
Mobile-app-association
Service-role
Hsts
Content-security-policy
Reporting-endpoint
Server-tls
Sni-host-check
Mutual-tls
Thread-count
Ciphers
Webfinger
Runtime-service
Reporting
Alarms
Alarm-handler
Choice: alarm-handler-type
Option: email-notifier
Email-notifier
Option: webhook-notifier
Webhook-notifier
Option: pagerduty-notifier
Pagerduty-notifier
Option: slack-notifier
Slack-notifier
Profile
Authentication-service
Base-url
Redirect-url-whitelist
Account-domain
Authentication-actions
Authentication-action
Authenticator
Geo-filtering
Authentication-actions
Additional-context-attributes
Choice: registration-requirement
Request-validations
Choice: authenticator-type
Group
Sms
Email
Encap
Option: windows
Windows
Bankid
Openid-wallet
Option: siths
Siths
Option: passkeys
Passkeys
Option: oidc
Oidc
Option: facebook
Facebook
Option: google
Google
Duo
Option: html-form
Html-form
Option: saml2
Saml2
Option: sign-in-with-apple
Sign-in-with-apple
Option: pingfederate
Pingfederate
Option: webauthn
Webauthn
Option: dynamic
Dynamic
Option: ping-idp-adapter
Ping-idp-adapter
Option: totp
Totp
Backchannel-authenticator
Authentication-actions
Choice: backchannel-authenticator-type
Option: bankid-backchannel
Bankid-backchannel
Option: bankid-phone
Bankid-phone
Option: sms-backchannel
Sms-backchannel
Option: email-backchannel
Email-backchannel
Service-provider
Protocol
Choice: protocol-type
Simple-api
Ping-federate
Saml
Authenticator-filter
Choice: filter-type
Option: user-agent
User-agent
Option: geo-country
Geo-country
Option: script-filter
Script-filter
Option: cidr
Cidr
Authorization-server
Database-client
Client-tags
Client-authentication
Asymmetrically-signed-jwt
Symmetrically-signed-jwt
Using-jwt
Mutual-tls
Request-object
Encrypted-jwt
Asymmetrically-signed-jwt
Authentication-service
Client-capabilities
Code
Implicit
Resource-owner-password-credentials
Client-credentials
Introspection
Token-exchange
Oauth-token-exchange
Assisted-token
Backchannel-authentication
Device-authorization
Assertion
Scopes
Scope
Claims
Claim
Claims-value-provider
Claims-mappers
Expose-metadata
Authorize-endpoint
Token-endpoint
Revocation-endpoint
Introspection-endpoint
Assisted-token-endpoint
Dynamic-client-registration-endpoint
Device-authorization-endpoint
Signed-metadata
Openid-connect
Expose-metadata
Require-pairwise-subject-identifiers
Id-token-encryption
Token-procedure-plugins
Token-procedure-plugin
Consentors
Consentor
Redirect-uri-validation-policies
Redirect-uri-validation-policy
Client-store
Config-backed
Dynamic-client-registration
Templatized
Non-templatized
Client-management
Dpop
Verifiable-credentials
W3c
Vc-sd-jwt
Verifiable-credential
Expose-metadata
User-management-service
Api-authentication
Choice: user-data-store
Option: data-sources
Option: account-manager
Attribute-data-sources
Credential-management
Graphql-schema
Additional-account-attribute
Apps-service
Applications
Application
Endpoints
Endpoint
Authorize-endpoint-procedures
Token-endpoint-procedures
Introspect-endpoint-procedures
Assisted-token-endpoint-procedures
Userinfo-endpoint-procedures
Verifiable-credential-endpoint-procedures
Device-authorization-procedures
Token-issuers
Custom-token-issuer
Data-sources
Jwt
Default-token-issuer
Jwt-issuer-settings
Use-caching-services
Facilities
Cache
Choice: cache-type
In-memory-cache
Client
Connection-pool
Choice: http-authentication
Http-basic-authn
Oauth-credentials
Choice: inner-client-or-legacy-settings
Token-endpoint-tls
Tls
Proxy
Client-alarms
Failed-communication-alarm
Retry-on-failures
Data-source
Data-source-alarms
Slow-connection-alarm
Failed-communication-alarm
Choice: data-source-type
Option: scim2
Scim2
Account
Attributes
Option: multi-zone
Multi-zone
Zone-mapping
Option: ldap
Ldap
Account
Attributes
Credentials
Tls
Option: scim
Scim
Option: dynamodb
Dynamodb
Choice: dynamodb-access-method
Option: access-key-id-and-secret
Access-key-id-and-secret
Option: awsprofile
Awsprofile
Option: default-credentials-provider
Default-credentials-provider
Option: ec2-instance-profile
Option: web-identity-token-file
Web-identity-token-file
Option: json
Json
Web-service-client
Attributes
Buckets
Credential-access
Option: jdbc
Jdbc
Choice: credentials-mode
Option: credentials-in-accounts-table-mode
Option: credentials-migration-mode
Credentials-migration-mode
Option: standard-credentials-mode
Standard-credentials-mode
Email-provider
Choice: provider-type
Smtp
Dkim
Tls
Sms-provider
Choice: provider-type
Twilio
Choice: auth-token-or-api-key
Option: api-key
Api-key
Option: rest
Rest
Web-service-client
Crypto
Hardware-security-module
Choice: slot
Choice: mechanisms
Ssl
Server-keystore
Server-truststore
Client-truststore
Client-keystores
Signing-keys
Signing-key
Signature-verification-keys
Signature-verification-key
Signer-truststores
Issuer-certificate
Encryption-keys
Encryption-key
Decryption-keys
Decryption-key
Credentials
Credential
Certificate-alarms
Caching-services
Default-caching-service
Client-attestation
Android-policy
Override-certificate-chain-validation
Web-policy
Ios-policy
Override-certificate-chain-validation
Processing
Token-procedure
Global-script
Validation-procedure
Transformation-procedure
Filter-procedure
Event-listener-procedure
Claims-provider-procedure
Credential-transformation-procedure
Pre-processing-procedure
Post-processing-procedure
Authorization-manager
Choice: authorization-manager-type
Option: scopes
Policies
Policy
Option: groups
Groups
Group
Option: attribute
Attribute
Rule-list
Event-listener
Choice: event-listener-type
Audit-to-data-source
Option: script-event-listener
Script-event-listener
Webservice
Sms-sender
Email-sender
Account-manager
Bucket
Account-manager
Enable-registration
Credential-manager
Credential-verification-type
Choice: credential-type
Client-credentials-only
Choice: algorithm
Plaintext
Bcrypt
Phpass
Sha2withsha256
Sha2withsha512
Pbkdf2
Credential-transformation-procedure
Choice: data-source
Data-source-backed
Check-account-status
Config-backed
Users
Credential-policy
Credential-upgrade
Choice: credential-upgrade-option
Credential-migration
Credential-rehashing
Credential-policies
Credential-policy
Complexity
Temporary-lockout
Aging
History
Alarms
Control
Alarm-shelving
Shelf
Alarm-inventory
Alarm-type
Summary
Alarm-summary
Alarm-list
Alarm
Operator-state-change
Related-alarm
Status-change
Shelved-alarms
Shelved-alarm
Operator-state-change
Related-alarm
Status-change
Alarm-profile
Alarm-severity-assignment-profile
Base Types
Type Reference
Types
Identities