OAuth 2.0 provider system properties
When setting up Crowd as an OAuth 2.0 provider, you can use the following system properties.
| |
Default |
|
Description | Disables the ability to authenticate using access tokens for that node. |
| |
Default |
|
Description | Disables the HTTPS requirement for the base URL. If this is disabled, the OAuth 2.0 provider will be enabled even if the product is using HTTP. |
| |
Default |
|
Description | Disables the HTTPS requirement for the Redirect URL. If this is disabled, the OAuth 2.0 provider will allow Redirect URLs using HTTP. |
| |
Default | 10 |
Description | Number of seconds a request will await lock access before timing out. |
| |
Default | 10 |
Description | Max lifetime of authorization codes (seconds). The limit is 600 seconds. |
| |
Default |
|
Description | Cron expression for a job that removes expired authorization codes. Default is 1 minute. |
| |
Default |
|
Description | Max lifetime of access tokens (seconds). |
| |
Default |
|
Description | Cron expression for a job that removes expired access tokens. Default is 1 minute. |
| |
Default |
|
Description | Max lifetime of refresh tokens (seconds). |
| |
Default |
|
Description | Invalidates a session after a successful authentication using an OAuth token. |
| |
Default |
|
Description | Validates the client ID and client secret when revoking and creating tokens. |
| |
Default |
|
Description | Controls whether to add quotes to SQL statements. This is a sanity system property used for database requirements. PostgreSQL will always use quotes unless the |
| |
Default |
|
Description | Controls whether to add quotes to SQL statements. This is a sanity system property used for database requirements. |
| |
Default |
|
Description | Enables extracting tokens through the basic authentication password field for access token authentication. |