OpenID Connect Server Provider (openidConnectProvider)

OpenID Connect server provider

Name	Type	Default	Description
allowDefaultSsoCookieName	boolean	false	When this property is set to true, the default SSO cookie name, ltpaToken2, is used if a custom SSO cookie name is not configured. If a custom cookie name is configured for SSO, that cookie name is used. If a custom cookie name is not configured and this property is set to false, an auto-generated SSO cookie name will be used.
backchannelLogoutRequestTimeout	A period of time with second precision	180s	Amount of time before a back-channel logout request to an OpenID Connect client times out. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
customClaims	string		The extra claims to be put in the payloads of the ID token, in addition to the default realmName, uniqueSecurityName, and groupIds claims.
id	string		A unique configuration ID.
idTokenCacheEnabled	boolean	true	Enable caching to save ID tokens in the database and in-memory cache.
idTokenLifetime	A period of time with second precision	2h	Time that ID token is valid (seconds). We can also specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30 or 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
issuerIdentifier	string		Specify an issuer identifier for the issuer of the response.
jwkEnabled	boolean	false	When JWK is enabled, the OpenID Connect provider dynamically generates key pairs for signing JWT tokens that it creates. To validate the signature, the client can retrieve the key from the JWK endpoint, which has the format https://<host_name>:<port_number>/oidc/endpoint/<provider_id>/jwk. When this attribute is false, the provider will use the key specified by the keyAliasName attribute to sign the JWT. The provider will still make that key available as a JWK from the JWK endpoint if this attribute is false.
jwkRotationTime	A period of time with minute precision	720m	Amount of time after which a new JWK is generated (minutes). For example, specify 90 minutes as 90 or 90m. Minimum value is 60 minutes. Specify a positive integer followed by a unit of time, which can be hours (h) or minutes (m). For example, specify 30 minutes as 30m. We can include multiple values in a single entry. For example, 1h30m is equivalent to 90 minutes.
jwkSigningKeySize	1024 2048 4096	2048	Size measured in bits of the signing key. 1024 1024 bits 2048 2048 bits 4096 4096 bits
keyAliasName	string		Key alias name to locate the private key for signing with an asymmetric algorithm.
keyStoreRef	Top level keyStore element (string).	opKeyStore	A keystore containing the private key necessary for signing with an asymmetric algorithm.
oauthProviderRef	Top level oauthProvider element (string).		A reference to the ID of an OAuth provider.
sessionManaged	boolean	false	Indicate by true or false whether session management is supported. Default is false.
signatureAlgorithm	HS256 RS256 none	HS256	Specify the signature algorithm that will be used to sign the ID token. HS256 HMAC using SHA-256 hash RS256 RSASSA-PKCS-v1_5 using SHA-256 hash none No signature
trustStoreRef	Top level keyStore element (string).		A keystore containing the public key necessary for verifying a signature of the JWT token.

claimToUserRegistryMap

Specify the user registry key for the claim.

Name	Type	Default	Description
address	string	postalAddress	Specify the user registry key that will be retrieved for the address claim.
email	string	mail	Specify the user registry key that will be retrieved for the email claim.
given_name	string	givenName	Specify the user registry key that will be retrieved for the given_name claim.
name	string	displayName	Specify the user registry key that will be retrieved for the name claim.
phone_number	string	telephoneNumber	Specify the user registry key that will be retrieved for the phone_number claim.
picture	string	photoURL	Specify the user registry key that will be retrieved for the picture claim.

claimToUserRegistryMap > property

A unique configuration ID.

Name	Type	Default	Description
id	string		A unique configuration ID.
name	string Required		Specify the name of the property
value	string Required		Specify the value of the property

discovery

Discovery is based on OpenID Connect and Jazz Authorization Server Profile.

Name	Type	Default	Description
claimsParameterSupported	boolean	false	Indicate by true or false whether claims parameter is supported.
claimsSupported	string	sub	Specify by comma the list of claims that will be supported.
grantTypesSupported	authorization_code client_credentials implicit password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer	authorization_code	Specify by comma the list of the grant types that will be used.
idTokenSigningAlgValuesSupported	HS256 RS256 none	HS256	Specify the signature algorithm that will be used to sign the ID token. HS256 HMAC using SHA-256 hash RS256 RSASSA-PKCS-v1_5 using SHA-256 hash none No signature
requestParameterSupported	boolean	false	Indicate by true or false whether request parameter is supported.
requestUriParameterSupported	boolean	false	Indicate by true or false whether request URI parameter is supported.
requireRequestUriRegistration	boolean	false	Indicate by true or false whether require request URI registration is supported.
responseModesSupported	form_post fragment query	query	Specify by comma the list of the response modes that will be used.
responseTypesSupported	code id_token token token	code	Specify by comma the list of the response types that will be supported by the OP.
scopesSupported	string	openid	Specify by comma the list of scopes that will be supported.
tokenEndpointAuthMethodsSupported	client_secret_basic client_secret_post none	client_secret_post	Specify by comma the list of the token endpoint authentication methods that will be used.

oauthProvider

A reference to the ID of an OAuth provider.

Name	Type	Default	Description
accessTokenCacheEnabled	boolean	true	Enable caching to save access tokens in the database and in-memory cache.
accessTokenEncoding	PBKDF2WithHmacSHA512 plain	plain	The encoding type for the stored access token. The default is set to plain, for compatibility with earlier versions. PBKDF2WithHmacSHA512 is recommended.
accessTokenLength	long	40	Length of the generated OAuth access token.
accessTokenLifetime	A period of time with second precision	7200	Time that access token is valid (seconds). Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
allowCertAuthentication	boolean	true	Allow the authentication of a client certificate if a client certificate is included in the https request. This attribute allows client certificates to be used for authentication even if the certAuthentication attribute is set to false.
allowPublicClients	boolean	false	A value of false disables the access of public clients as detailed in the OAuth specification.
allowSpnegoAuthentication	boolean	false	Allow the authentication of an SPNEGO token in the https request.
appPasswordLifetime	A period of time with second precision	90d	Specifies the lifetime of application passwords that are generated by this OAuth provider. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
appTokenLifetime	A period of time with second precision	90d	Specifies the lifetime of application tokens that are generated by this OAuth provider. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
appTokenOrPasswordLimit	long	100	Token limit for each user and client combination.
authorizationCodeLength	long	30	Length of the generated authorization code.
authorizationCodeLifetime	A period of time with second precision	60	Authorization code lifetime (seconds). Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
authorizationErrorTemplate	string		URL of a custom authorization error page template.
authorizationFormTemplate	string	template.html	URL of a custom authorization page template.
authorizationGrantLifetime	A period of time with second precision	604800	Authorization grant lifetime (seconds). Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
autoAuthorize	boolean	false	To use auto authorization, append the autoAuthorize parameter to requests with a value of true.
autoAuthorizeClient	string		Name of a client allowed to use auto authorization.
autoAuthorizeParam	string	autoauthz	To use auto authorization, append the autoAuthorize parameter to requests with a value of true.
certAuthentication	boolean	false	Enable the authentication of client certificate in the https request.
characterEncoding	string		Set request character encoding to this value.
clientSecretEncoding	PBKDF2WithHmacSHA512 xor	xor	The encoding type for the stored client secret. The default is set to XOR, for compatibility with earlier versions. PBKDF2WithHmacSHA512 is recommended.
clientTokenCacheSize	long		Maximum number of entries in the client token cache.
clientURISubstitutions	string		Optional value to replace client URI strings for dynamic host names.
consentCacheEntryLifetime	A period of time with second precision	1800	Time that an entry in the consent cache is valid (seconds). Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
consentCacheSize	long Min: 0	1000	Maximum number of entries allowed in the consent cache.
coverageMapSessionMaxAge	A period of time with second precision	600	The max-age value (seconds) for the cache-control header of the coverage map service. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
customLoginURL	string	login.jsp	URL of a custom login page.
filter	string		URI filter selects requests to be authorized by this provider.
grantType	string	authorization_code	An OAuth 2.0 grant type, as detailed in the OAuth 2.0 specification, allowed for the provider. By default, all grant types are allowed. The supported values are authorization_code, client_credentials, refresh_token, password, implicit and urn:ietf:params:oauth:grant-type:jwt-bearer.
httpsRequired	boolean	true	SSL communication between the OAuth client and provider is required.
includeTokenInSubject	boolean	true	If the value is true, add the com.ibm.wsspi.security.oauth20.token.WSOAuth20Token as a private credential.
internalClientId	string		The ID of an existing client that will be used to generate tokens for PersonalTokenManagement and UsersTokenManagement UI pages.
internalClientSecret	Reversably encoded password (string)		The secret of an existing client that will be used to generate tokens for PersonalTokenManagement and UsersTokenManagement UI pages.
issueRefreshToken	boolean	true	A value of false disables generation and the use of refresh tokens.
jwtAccessToken	boolean	false	Generate the Json Web Token, serialize it as a string and put in the place of the access token.
libraryRef	Top level library element (string).		Reference to shared library containing the mediator plugin class.
logoutRedirectURL	string		Optional URL that the client is redirected to after successfully invoking the logout endpoint. If a URL is not supplied, then a minimal default logout page is used.
mediatorClassname	string		Mediator plugin class name.
oauthOnly	boolean	true	If the value is true, then requests matching the filter must have an access token or they will be failed. If false, then matching requests will be checked for other authentication data if no access token is present.
passwordGrantRequiresAppPassword	boolean	false	When set to true, OAuth authorization flows that use the resource owner password credentials grant type must use an application password instead of the password configured for a user in the user registry. When this attribute is enabled, OAuth clients must obtain an application password from this OAuth provider to use the password grant type.
refreshTokenLength	long	50	Length of generated refresh token.
refreshedAccessTokenLimit	long	100	Maximum number of access tokens that can be created using refresh tokens for a single OAuth client and user combination.
revokeAccessTokensWithRefreshTokens	boolean	true	A value of false disables revocation of associated access tokens when a refresh token is revoked. The default value is true.
ropcPreferUserPrincipalName	boolean	false	If the user principal name differs from the username that is supplied in the ROPC (Resource Owner Password Credentials) request, then the username is set to the user principal name for all tokens created by the ROPC grant type. The default is false. If both ropcPreferUserSecurityName and ropcPreferUserPrincipalName are set to true, then ropcPreferUserPrincipalName takes precedence.
ropcPreferUserSecurityName	boolean	false	If the user security name differs from the username that is supplied in the ROPC (Resource Owner Password Credentials) request, then the username is set to the user security name for all tokens created by the ROPC grant type. The default is false. If both ropcPreferUserSecurityName and ropcPreferUserPrincipalName are set to true, then ropcPreferUserPrincipalName takes precedence.
skipResourceOwnerValidation	boolean	false	If the value is true, skip validation of resource owner.
tokenFormat	jwt mpjwt opaque		The type of token to be produced. One of opaque, jwt, or mpjwt. Mpjwt is microprofile standardized format. The default is opaque.
trackOAuthClients	boolean	false	Track all OAuth clients that interact with this OAuth provider.
userClientTokenLimit	long		Token limit for each user and client combination.

oauthProvider > customStore

Clients are defined, and tokens and consents are cached in a custom OAuthStore implementation.

Name	Type	Default	Description
cleanupExpiredInterval	A period of time with second precision	3600	The interval to use for cleaning up expired tokens and consents from the custom OAuthStore implementation. The valid range is 0 to Integer.MAX_VALUE in seconds. A value of 0 indicates that no cleanup is performed. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
storeId	string Required		Specifies the OAuthStore ID to use for a custom store. The value must match the value of the oauth.store.id property specified for the OAuthStore implementation.

oauthProvider > databaseStore

Clients are defined and tokens are cached in the database.

Name	Type	Default	Description
cleanupExpiredTokenInterval	A period of time with second precision	3600	The interval to use for cleaning up expired tokens from the database store. The valid range is 0 to Integer.MAX_VALUE in seconds. A value of 0 indicates that no cleanup is performed. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
dataSourceRef	Top level dataSource element (string).		Reference to the data source for the store.
password	Reversably encoded password (string)		Password used to access the database.
schema	string	OAuthDBSchema	Schema
user	string		User

oauthProvider > databaseStore > dataSource

Reference to the data source for the store.

Name	Type	Default	Description
connectionManagerRef	Top level connectionManager element (string).		Connection manager for a data source. If updated while the server is running, existing connections are destroyed.
connectionSharing	MatchCurrentState MatchOriginalRequest	MatchOriginalRequest	Specifies how connections are matched for sharing. MatchCurrentState When sharing connections, match based on the current state of the connection. If updated while the server is running, the update is applied with each first connection handle in a transaction. MatchOriginalRequest When sharing connections, match based on the original connection request.
containerAuthDataRef	Top level authData element (string).		Default authentication data for container managed authentication that applies when bindings do not specify an authentication-alias for a resource reference with res-auth=CONTAINER. If updated while the server is running, the change is applied with new connection requests; in-use connections are not impacted.
isolationLevel	TRANSACTION_NONE TRANSACTION_READ_COMMITTED TRANSACTION_READ_UNCOMMITTED TRANSACTION_REPEATABLE_READ TRANSACTION_SERIALIZABLE TRANSACTION_SNAPSHOT		Default transaction isolation level. If unspecified and the database is identified as DB2, Derby, Informix, Microsoft SQL Server or Sybase, TRANSACTION_REPEATABLE_READ is used. If unspecified for other databases, TRANSACTION_READ_COMMITTED is used. If updated while the server is running, the update is applied with new connection requests; in-use connections are not impacted. TRANSACTION_NONE Indicates that the JDBC driver does not support transactions. TRANSACTION_READ_COMMITTED Dirty reads are prevented; non-repeatable reads and phantom reads can occur. TRANSACTION_READ_UNCOMMITTED Dirty reads, non-repeatable reads and phantom reads can occur. TRANSACTION_REPEATABLE_READ Dirty reads and non-repeatable reads are prevented; phantom reads can occur. TRANSACTION_SERIALIZABLE Dirty reads, non-repeatable reads and phantom reads are prevented. TRANSACTION_SNAPSHOT Snapshot isolation for Microsoft SQL Server JDBC Driver and DataDirect Connect for JDBC driver.
jaasLoginContextEntryRef	Top level jaasLoginContextEntry element (string).		JAAS login context entry for authentication. If updated while the server is running, the update is applied with new connection requests; in-use connections are not impacted.
jdbcDriverRef	Top level jdbcDriver element (string).		JDBC driver for a data source. If updated while the server is running, existing connections are destroyed.
jndiName	string		JNDI name for a data source. If updated while the server is running, existing connections are destroyed.
statementCacheSize	int Min: 0	10	Maximum number of cached statements per connection. If updated while the server is running, the statement cache is resized upon next use. To set this option, complete the following prerequisites: Review either the application code or a SQL trace gathered from the database or database driver for all unique prepared statements. Ensure that the cache size is larger than the number of statements.
transactional	boolean	true	Enable participation in transactions that are managed by the application server. If updated while the server is running, existing connections are destroyed.
type	java.sql.Driver javax.sql.ConnectionPoolDataSource javax.sql.DataSource javax.sql.XADataSource		Type of data source. If updated while the server is running, existing connections are destroyed.
Advanced Properties
beginTranForResultSetScrollingAPIs	boolean	true	Attempt transaction enlistment when result set scrolling interfaces are used.
beginTranForVendorAPIs	boolean	true	Attempt transaction enlistment when vendor interfaces are used.
commitOrRollbackOnCleanup	commit rollback		Determines how to clean up connections that might be in a database unit of work (AutoCommit=false) when the connection is closed or returned to the pool. commit Clean up the connection by committing. rollback Clean up the connection by rolling back.
enableConnectionCasting	boolean	false	Indicates that connections obtained from the data source should be castable to interface classes that the JDBC vendor connection implementation implements. Enable this option incurs additional overhead on each getConnection operation. If vendor JDBC interfaces are needed less frequently, it might be more efficient to leave this option disabled and use Connection.unwrap(interface) only where it is needed. If updated while the server is running, the update is applied with new connection requests; in-use connections are not impacted.
onConnect	string		SQL command to execute once on each new connection that is established to the database. The SQL statement applies only to newly created connections, not to existing connections that are reused from the connection pool. If updated while the server is running, existing connections are destroyed.
queryTimeout	A period of time with second precision		Default query timeout for SQL statements. In a JTA transaction, syncQueryTimeoutWithTransactionTimeout can override this default. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
recoveryAuthDataRef	Top level authData element (string).		Authentication data for transaction recovery.
supplementalJDBCTrace	boolean		Supplements the JDBC driver trace that is logged when JDBC driver trace is enabled in bootstrap.properties. JDBC driver trace specifications include: com.ibm.ws.database.logwriter, com.ibm.ws.db2.logwriter, com.ibm.ws.derby.logwriter, com.ibm.ws.informix.logwriter, com.ibm.ws.oracle.logwriter, com.ibm.ws.sqlserver.logwriter, com.ibm.ws.sybase.logwriter. If updated while the server is running, existing connections are destroyed.
syncQueryTimeoutWithTransactionTimeout	boolean	false	Use the time remaining (if any) in a JTA transaction as the default query timeout for SQL statements.
validationTimeout	A period of time with second precision		When specified, pooled connections are validated before being reused from the connection pool. The validation timeout is also used when the connection manager validates connections in response to a stale connection for PurgePolicy=ValidateAllConnections. The full amount of the validation timeout applies to each connection that is validated, which is done via the Connection.isValid(timeout) JDBC API operation. A value of 0 means that connections are validated without applying any timeout. Validation timeout requires a JDBC driver that complies with the JDBC 4.0 specification or higher. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

oauthProvider > databaseStore > dataSource > connectionManager

Connection manager for a data source. If updated while the server is running, existing connections are destroyed.

Name	Type	Default	Description
agedTimeout	A period of time with second precision	-1	Amount of time before a connection can be discarded by pool maintenance. A value of -1 disables this timeout. A value of 0 discards every connection, which disables connection pooling. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
connectionTimeout	A period of time with second precision	30s	Amount of time after which a connection request times out. A value of -1 disables this timeout, meaning infinite wait. A value of 0 is immediate, meaning no wait. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxIdleTime	A period of time with second precision	30m	Amount of time a connection can be unused or idle until it can be discarded during pool maintenance, if doing so does not reduce the pool below the minimum size. A value of -1 disables this timeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxPoolSize	int Min: 0	50	Maximum number of physical connections for a pool. A value of 0 means unlimited. The optimal setting depends on the application characteristics. For an application in which every thread obtains a connection to the database, we might start with a 1:1 mapping to the `coreThreads` attribute.
minPoolSize	int Min: 0		Minimum number of physical connections to maintain in the pool. The pool is not pre-populated. Aged timeout can override the minimum.
purgePolicy	EntirePool FailingConnectionOnly ValidateAllConnections	EntirePool	Specifies which connections to destroy when a stale connection is detected in a pool. EntirePool When a stale connection is detected, all connections in the pool are marked stale, and when no longer in use, are closed. FailingConnectionOnly When a stale connection is detected, only the connection which was found to be bad is closed. ValidateAllConnections When a stale connection is detected, connections are tested and those found to be bad are closed.
reapTime	A period of time with second precision	3m	Amount of time between runs of the pool maintenance thread. A value of -1 disables pool maintenance. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
Advanced Properties
autoCloseConnections	boolean	true	Attempts to clean up after applications that leave connections open after the end of a servlet request, enterprise bean instance, managed executor task, contextual task, or managed completion stage. When an unsharable connection is obtained within one of these application artifacts and remains open when it ends, the container attempts to close the connection handle. The container may also close sharable connections that do not support DissociatableManagedConnection. Applications should always follow the programming model defined by the specification and close connections at the appropriate times rather than relying on the container, even when this option is enabled.
enableContainerAuthForDirectLookups	boolean	false	If set to true, connections use container authentication. If set to false, connections use application authentication.
enableSharingForDirectLookups	boolean	true	If set to true, connections are shared. If set to false, connections are unshared.
maxConnectionsPerThread	int Min: 0		Limits the number of open connections on each thread.
numConnectionsPerThreadLocal	int Min: 0		Caches the specified number of connections for each thread. This setting can provide a performance improvement on large multi-core (8+) machines by reserving the specified number of database connections for each thread. For best performance, if we have n applications threads, set the maximum pool connections to at least n times the value of the numConnectionsPerThreadLocal attribute. Use the same credentials for all connection requests. For example, if we use 20 application threads, set the maximum pool connections to 20 or more. If we set the value of numConnectionPerThreadLocal attribute as 2 and we have 20 application threads, set the maximum pool connection to 40 or more. If setting numConnectionsPerThreadLocal does not improve performance due to application connection usage patterns that do not benefit from using numConnectionsPerThreadLocal, remove the attribute from configuration or set the value to 0.

oauthProvider > databaseStore > dataSource > containerAuthData

Default authentication data for container managed authentication that applies when bindings do not specify an authentication-alias for a resource reference with res-auth=CONTAINER. If updated while the server is running, the change is applied with new connection requests; in-use connections are not impacted.

Name	Type	Default	Description
krb5Principal	string		The name of the Kerberos principal name or Kerberos service name to be used.
krb5TicketCache	Path to a file		The file location where Kerberos credentials for the Kerberos principal name or service name will be stored. Also known as the Kerberos credential cache (ccache)
password	Reversably encoded password (string)		Password of the user to use when connecting to the EIS. The value can be stored in clear text or encoded form. IBM recommends encoding the password using the securityUtility tool with the encode option.
user	string		Name of the user to use when connecting to the EIS.

oauthProvider > databaseStore > dataSource > heritageSets

Heritage settings for data sources.

Name	Type	Default	Description
helperClass	string		An implementation of the com.ibm.websphere.rsadapter.DataStoreHelper interface with the com.ibm.websphere.rsadapter.GenericDataStoreHelper class in its inheritance hierarchy.
replaceExceptions	boolean	false	Replace exceptions that are raised by the JDBC driver instead of only identifying them.

oauthProvider > databaseStore > dataSource > identifyException

Identify a specific SQL error code or SQL state on a SQLException. This enables the server to take appropriate action based on the error condition. For example, closing a stale connection instead of returning it to the connection pool.

Name	Type	Default	Description
as	string Required		Identifies the error condition that the SQL error code or SQL state represents. Allowed values are: None, StaleConnection, StaleStatement, Unsupported. None removes the identification of the exception. StaleConnection causes connections to be evicted from the connection pool per the purge policy. StaleStatement causes statements to be evicted from the statement cache. Unsupported indicates an operation that is not supported by the JDBC driver.
errorCode	int		An error code specific to the backend database. Normally, this is the actual error code that is returned by the underlying database.
id	string		A unique configuration ID.
sqlState	string		A string that follows either the XOPEN SQL state conventions or the SQL:2003 conventions.

oauthProvider > databaseStore > dataSource > jaasLoginContextEntry

JAAS login context entry for authentication. If updated while the server is running, the update is applied with new connection requests; in-use connections are not impacted.

Name	Type	Default	Description
loginModuleRef	List of references to top level jaasLoginModule elements (comma-separated string).	hashtable,userNameAndPassword,certificate,token	A reference to the ID of a JAAS login module.
name	string Required		Name of a JAAS configuration entry.

oauthProvider > databaseStore > dataSource > jdbcDriver

JDBC driver for a data source. If updated while the server is running, existing connections are destroyed.

Name	Type	Default	Description
libraryRef	Top level library element (string).		Identifies JDBC driver JARs and native files.
Advanced Properties
javax.sql.ConnectionPoolDataSource	string		JDBC driver implementation of javax.sql.ConnectionPoolDataSource.
javax.sql.DataSource	string		JDBC driver implementation of javax.sql.DataSource.
javax.sql.XADataSource	string		JDBC driver implementation of javax.sql.XADataSource.

oauthProvider > databaseStore > dataSource > jdbcDriver > library

Identifies JDBC driver JARs and native files.

Name	Type	Default	Description
apiTypeVisibility	string	spec,ibm-api,api,stable	The types of API packages that this class loader supports. This value is a comma-separated list of any combination of the following API packages: spec, ibm-api, api, stable, third-party.
description	string		Description of shared library for administrators
filesetRef	List of references to top level fileset elements (comma-separated string).		Specifies a set of JAR or ZIP files to include in the class path for this library
name	string		Name of shared library for administrators

oauthProvider > databaseStore > dataSource > jdbcDriver > library > file

Add a JAR or ZIP file to include in the class path for this library. Classes and resources that are contained in the specified JAR or ZIP are available to load for this library.

Name	Type	Default	Description
id	string		A unique configuration ID.
name	Path to a file Required		The path to a file can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.

oauthProvider > databaseStore > dataSource > jdbcDriver > library > fileset

Specifies a set of JAR or ZIP files to include in the class path for this library

Name	Type	Default	Description
caseSensitive	boolean	true	Boolean to indicate whether or not the search should be case sensitive (default: true).
dir	Path to a directory	${server.config.dir}	The base directory to search for files.
excludes	string		The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.
id	string		A unique configuration ID.
includes	string	*	The comma or space separated list of file name patterns to include in the search results (default: *).
scanInterval	A period of time with millisecond precision	0	The scanning interval to determine whether files are added or removed from the fileset. The individual files are not scanned. The suffix for the interval of time is h-hour, m-minute, s-second, and ms-millisecond, for example, 2ms or 5s. The scanning interval is disabled by default and is disabled manually by setting the scan interval, scanInterval, to 0. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

oauthProvider > databaseStore > dataSource > jdbcDriver > library > folder

Add a folder to include in the class path for this library. Classes and resources that are contained in the specified folder and its subfolders are available to load for this library. JAR and ZIP files that are contained in the specified folder are not added to the class path for this library.

Name	Type	Default	Description
dir	Path to a directory Required		The path to a folder can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.
id	string		A unique configuration ID.

oauthProvider > databaseStore > dataSource > jdbcDriver > library > path

Add a JAR file, ZIP file or folder to include in the class path for this library. If the specified path is a JAR or ZIP file, then classes and resources that are contained in the specified JAR or ZIP file are available to load for this library. If the specified path is a folder, then classes and resources that are contained in the specified folder and its subfolders are available to load for this library. JAR and ZIP files contained in the specified folder are not added to the class path for this library.

Name	Type	Default	Description
id	string		A unique configuration ID.
name	A file, directory or url. Required		The path can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.

oauthProvider > databaseStore > dataSource > properties

List of JDBC vendor properties for the data source. For example, databaseName="dbname" serverName="localhost" portNumber="50000". Use this generic properties list when no vendor-specific properties list type is available for the JDBC driver. Do not specify multiple properties elements under a data source. Instead, place all property name-value pairs on a single properties or properties.{JDBC_VENDOR_TYPE} element.

Name	Type	Default	Description
URL	string		URL for connecting to the database.
databaseName	string		JDBC driver property: databaseName.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber	int		Port on which to obtain database connections.
serverName	string		Server where the database is running.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.

oauthProvider > databaseStore > dataSource > properties.datadirect.sqlserver

Data source properties for the DataDirect Connect for JDBC driver for Microsoft SQL Server.

Name	Type	Default	Description
databaseName	string		JDBC driver property: databaseName.
portNumber	int		Port on which to obtain database connections.
serverName	string	localhost	Server where the database is running.
Advanced Properties
JDBCBehavior	0 1	0	JDBC driver property: JDBCBehavior. Values are: 0 (JDBC 4.0) or 1 (JDBC 3.0). 0 JDBC 4.0 1 JDBC 3.0
XATransactionGroup	string		JDBC driver property: XATransactionGroup.
XMLDescribeType	longvarbinary longvarchar		JDBC driver property: XMLDescribeType.
accountingInfo	string		JDBC driver property: accountingInfo.
alwaysReportTriggerResults	boolean		JDBC driver property: alwaysReportTriggerResults.
applicationName	string		JDBC driver property: applicationName.
authenticationMethod	auto kerberos ntlm userIdPassword		JDBC driver property: authenticationMethod.
bulkLoadBatchSize	long		JDBC driver property: bulkLoadBatchSize.
bulkLoadOptions	long		JDBC driver property: bulkLoadOptions.
clientHostName	string		JDBC driver property: clientHostName.
clientUser	string		JDBC driver property: clientUser.
codePageOverride	string		JDBC driver property: codePageOverride.
convertNull	int		JDBC driver property: convertNull.
dateTimeInputParameterType	auto dateTime dateTimeOffset		JDBC driver property: dateTimeInputParameterType.
dateTimeOutputParameterType	auto dateTime dateTimeOffset		JDBC driver property: dateTimeOutputParameterType.
describeInputParameters	describeAll describeIfDateTime describeIfString noDescribe		JDBC driver property: describeInputParameters.
describeOutputParameters	describeAll describeIfDateTime describeIfString noDescribe		JDBC driver property: describeOutputParameters.
enableBulkLoad	boolean		JDBC driver property: enableBulkLoad.
enableCancelTimeout	boolean		JDBC driver property: enableCancelTimeout.
encryptionMethod	SSL loginSSL noEncryption requestSSL		JDBC driver property: encryptionMethod.
hostNameInCertificate	string		JDBC driver property: hostNameInCertificate.
initializationString	string		JDBC driver property: initializationString.
insensitiveResultSetBufferSize	int		JDBC driver property: insensitiveResultSetBufferSize.
javaDoubleToString	boolean		JDBC driver property: javaDoubleToString.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
longDataCacheSize	int Min: -1		JDBC driver property: longDataCacheSize.
netAddress	string		JDBC driver property: netAddress.
packetSize	int Min: -1 Max: 128		JDBC driver property: packetSize.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
queryTimeout	A period of time with second precision		JDBC driver property: queryTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
resultsetMetaDataOptions	int		JDBC driver property: resultsetMetaDataOptions.
selectMethod	cursor direct		JDBC driver property: selectMethod.
snapshotSerializable	boolean		JDBC driver property: snapshotSerializable.
spyAttributes	string		JDBC driver property: spyAttributes.
stringInputParameterType	nvarchar varchar	varchar	JDBC driver property: stringInputParameterType.
stringOutputParameterType	nvarchar varchar	varchar	JDBC driver property: stringOutputParameterType.
suppressConnectionWarnings	boolean		JDBC driver property: suppressConnectionWarnings.
transactionMode	explicit implicit		JDBC driver property: transactionMode.
truncateFractionalSeconds	boolean		JDBC driver property: truncateFractionalSeconds.
trustStore	string		JDBC driver property: trustStore.
trustStorePassword	Reversably encoded password (string)		JDBC driver property: trustStorePassword.
useServerSideUpdatableCursors	boolean		JDBC driver property: useServerSideUpdatableCursors.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.
validateServerCertificate	boolean		JDBC driver property: validateServerCertificate.
Failover Properties
alternateServers	string		JDBC driver property: alternateServers.
connectionRetryCount	int		JDBC driver property: connectionRetryCount.
connectionRetryDelay	A period of time with second precision		JDBC driver property: connectionRetryDelay. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
failoverGranularity	atomic atomicWithRepositioning disableIntegrityCheck nonAtomic		JDBC driver property: failoverGranularity.
failoverMode	connect extended select		JDBC driver property: failoverMode.
failoverPreconnect	boolean		JDBC driver property: failoverPreconnect.
loadBalancing	boolean		JDBC driver property: loadBalancing.

oauthProvider > databaseStore > dataSource > properties.db2.i.native

Data source properties for the IBM DB2 for i Native JDBC driver.

Name	Type	Default	Description
databaseName	string	*LOCAL	JDBC driver property: databaseName.
Advanced Properties
access	all read call read only	all	JDBC driver property: access.
autoCommit	boolean	true	JDBC driver property: autoCommit.
batchStyle	2.0 2.1	2.0	JDBC driver property: batchStyle.
behaviorOverride	int		JDBC driver property: behaviorOverride.
blockSize	0 8 16 32 64 128 256 512	32	JDBC driver property: blockSize.
cursorHold	boolean	false	JDBC driver property: cursorHold.
cursorSensitivity	asensitive sensitive	asensitive	JDBC driver property: cursorSensitivity. Values are: 0 (TYPE_SCROLL_SENSITIVE_STATIC), 1 (TYPE_SCROLL_SENSITIVE_DYNAMIC), 2 (TYPE_SCROLL_ASENSITIVE).
dataTruncation	string	true	JDBC driver property: dataTruncation.
dateFormat	dmy eur iso jis julian mdy usa ymd		JDBC driver property: dateFormat.
dateSeparator	- . / \, b		JDBC driver property: dateSeparator. - The dash character (-). . The period character (.). / The forward slash character (/). \, The comma character (,). b The character b
decimalSeparator	. \,		JDBC driver property: decimalSeparator. . The period character (.). \, The comma character (,).
directMap	boolean	true	JDBC driver property: directMap.
doEscapeProcessing	boolean	true	JDBC driver property: doEscapeProcessing.
fullErrors	boolean		JDBC driver property: fullErrors.
libraries	string		JDBC driver property: libraries.
lobThreshold	int Max: 500000	0	JDBC driver property: lobThreshold.
lockTimeout	A period of time with second precision	0	JDBC driver property: lockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maximumPrecision	31 63	31	JDBC driver property: maximumPrecision.
maximumScale	int Min: 0 Max: 63	31	JDBC driver property: maximumScale.
minimumDivideScale	int Min: 0 Max: 9	0	JDBC driver property: minimumDivideScale.
networkProtocol	int		JDBC driver property: networkProtocol.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber	int		Port on which to obtain database connections.
prefetch	boolean	true	JDBC driver property: prefetch.
queryOptimizeGoal	1 2	2	JDBC driver property: queryOptimizeGoal. Values are: 1 (*FIRSTIO) or 2 (*ALLIO). 1 *FIRSTIO 2 *ALLIO
reuseObjects	boolean	true	JDBC driver property: reuseObjects.
serverName	string		Server where the database is running.
serverTraceCategories	int	0	JDBC driver property: serverTraceCategories.
systemNaming	boolean	false	JDBC driver property: systemNaming.
timeFormat	eur hms iso jis usa		JDBC driver property: timeFormat.
timeSeparator	. : \, b		JDBC driver property: timeSeparator. . The period character (.). : The colon character (:). \, The comma character (,). b The character b
trace	boolean		JDBC driver property: trace.
transactionTimeout	A period of time with second precision	0	JDBC driver property: transactionTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
translateBinary	boolean	false	JDBC driver property: translateBinary.
translateHex	binary character	character	JDBC driver property: translateHex.
useBlockInsert	boolean	false	JDBC driver property: useBlockInsert.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.

oauthProvider > databaseStore > dataSource > properties.db2.i.toolbox

Data source properties for the IBM DB2 for i Toolbox JDBC driver.

Name	Type	Default	Description
databaseName	string		JDBC driver property: databaseName.
serverName	string Required		Server where the database is running.
Advanced Properties
access	all read call read only	all	JDBC driver property: access.
behaviorOverride	int		JDBC driver property: behaviorOverride.
bidiImplicitReordering	boolean	true	JDBC driver property: bidiImplicitReordering.
bidiNumericOrdering	boolean	false	JDBC driver property: bidiNumericOrdering.
bidiStringType	int		JDBC driver property: bidiStringType.
bigDecimal	boolean	true	JDBC driver property: bigDecimal.
blockCriteria	0 1 2	2	JDBC driver property: blockCriteria. Values are: 0 (no record blocking), 1 (block if FOR FETCH ONLY is specified), 2 (block if FOR UPDATE is specified).
blockSize	0 8 16 32 64 128 256 512	32	JDBC driver property: blockSize.
characterTruncation	default none warning		JDBC driver property: CharacterTruncation.
concurrentAccessResolution	int Min: 0 Max: 3		JDBC driver property: concurrentAccessResolution.
cursorHold	boolean	false	JDBC driver property: cursorHold.
cursorSensitivity	asensitive insensitive sensitive	asensitive	JDBC driver property: cursorSensitivity. Values are: 0 (TYPE_SCROLL_SENSITIVE_STATIC), 1 (TYPE_SCROLL_SENSITIVE_DYNAMIC), 2 (TYPE_SCROLL_ASENSITIVE).
dataCompression	boolean	true	JDBC driver property: dataCompression.
dataTruncation	boolean	true	JDBC driver property: dataTruncation.
dateFormat	dmy eur iso jis julian mdy usa ymd		JDBC driver property: dateFormat.
dateSeparator	* * - * . * / * \,		JDBC driver property: dateSeparator. * * The space character ( ). - The dash character (-). . The period character (.). / The forward slash character (/). \, The comma character (,).
decfloatRoundingMode	ceiling down floor half down half even half up up		JDBC driver property: decfloatRoundingMode.
decimalDataErrors	string		JDBC driver property: decimalDataErrors.
decimalSeparator	. \,		JDBC driver property: decimalSeparator. . The period character (.). \, The comma character (,).
describeOption	string		JDBC driver property: describeOption.
driver	native toolbox	toolbox	JDBC driver property: driver.
errors	basic full	basic	JDBC driver property: errors.
extendedDynamic	boolean	false	JDBC driver property: extendedDynamic.
extendedMetaData	boolean	false	JDBC driver property: extendedMetaData.
fullOpen	boolean	false	JDBC driver property: fullOpen.
holdInputLocators	boolean	true	JDBC driver property: holdInputLocators.
holdStatements	boolean	false	JDBC driver property: holdStatements.
ignoreWarnings	string		JDBC driver property: ignoreWarnings.
isolationLevelSwitchingSupport	boolean	false	JDBC driver property: isolationLevelSwitchingSupport.
keepAlive	boolean		JDBC driver property: keepAlive.
lazyClose	boolean	false	JDBC driver property: lazyClose.
libraries	string		JDBC driver property: libraries.
lobThreshold	int Min: 0 Max: 16777216	0	JDBC driver property: lobThreshold.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maximumBlockedInputRows	int Min: 1 Max: 32000		JDBC driver property: maximumBlockedInputRows.
maximumPrecision	31 63	31	JDBC driver property: maximumPrecision. 63 64
maximumScale	int Min: 0 Max: 63	31	JDBC driver property: maximumScale.
metaDataSource	int Min: 0 Max: 1	1	JDBC driver property: metaDataSource.
minimumDivideScale	int Min: 0 Max: 9	0	JDBC driver property: minimumDivideScale.
naming	sql system	sql	JDBC driver property: naming.
numericRangeError	default none warning		JDBC driver property: numericRangeError.
package	string		JDBC driver property: package.
packageAdd	boolean	true	JDBC driver property: packageAdd.
packageCCSID	1200 13488	13488	JDBC driver property: packageCCSID. Values are: 1200 (UCS-2) or 13488 (UTF-16). 1200 1200 (UCS-2) 13488 13488 (UTF-16)
packageCache	boolean	false	JDBC driver property: packageCache.
packageCriteria	default select	default	JDBC driver property: packageCriteria.
packageError	exception none warning	warning	JDBC driver property: packageError.
packageLibrary	string	QGPL	JDBC driver property: packageLibrary.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
prefetch	boolean	true	JDBC driver property: prefetch.
prompt	boolean	false	JDBC driver property: prompt.
proxyServer	string		JDBC driver property: proxyServer.
qaqqiniLibrary	string		JDBC driver property: qaqqiniLibrary.
queryOptimizeGoal	int Min: 0 Max: 2	0	JDBC driver property: queryOptimizeGoal. Values are: 1 (*FIRSTIO) or 2 (*ALLIO).
queryReplaceTruncatedParameter	string		JDBC driver property: queryReplaceTruncatedParameter.
queryStorageLimit	int Min: -1		Query storage limit
queryTimeoutMechanism	cancel qqrytimlmt		JDBC driver property: queryTimeoutMechanism.
receiveBufferSize	int Min: 1		JDBC driver property: receiveBufferSize.
remarks	sql system	system	JDBC driver property: remarks.
rollbackCursorHold	boolean	false	JDBC driver property: rollbackCursorHold.
savePasswordWhenSerialized	boolean	false	JDBC driver property: savePasswordWhenSerialized.
secondaryUrl	string		JDBC driver property: secondaryUrl.
secure	boolean	false	JDBC driver property: secure.
secureCurrentUser	boolean		JDBC driver property: secureCurrentUser.
sendBufferSize	int Min: 1		JDBC driver property: sendBufferSize.
serverTrace	int		JDBC driver property: serverTrace.
serverTraceCategories	int	0	JDBC driver property: serverTraceCategories.
soLinger	A period of time with second precision		JDBC driver property: soLinger. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
soTimeout	A period of time with millisecond precision		JDBC driver property: soTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
sort	hex language table	hex	JDBC driver property: sort.
sortLanguage	string		JDBC driver property: sortLanguage.
sortTable	string		JDBC driver property: sortTable.
sortWeight	shared unqiue		JDBC driver property: sortWeight. unqiue unique
tcpNoDelay	boolean		JDBC driver property: tcpNoDelay.
threadUsed	boolean	true	JDBC driver property: threadUsed.
timeFormat	eur hms iso jis usa		JDBC driver property: timeFormat.
timeSeparator	* * . * : * \,		JDBC driver property: timeSeparator. * * The space character ( ). . The period character (.). : The colon character (:). \, The comma character (,).
timestampFormat	ibmsql iso		JDBC driver property: timestampFormat.
toolboxTrace	all conversion datastream diagnostic error information jdbc none pcml proxy thread warning		JDBC driver property: toolboxTrace.
trace	boolean		JDBC driver property: trace.
translateBinary	boolean	false	JDBC driver property: translateBinary.
translateBoolean	boolean	true	JDBC driver property: translateBoolean.
translateHex	binary character	character	JDBC driver property: translateHex.
trueAutoCommit	boolean	false	JDBC driver property: trueAutoCommit.
useBlockUpdate	boolean		JDBC driver property: useBlockUpdate.
useDrdaMetadataVersion	boolean		JDBC driver property: useDrdaMetadataVersion.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.
variableFieldCompression	all false insert true		JDBC driver property: variableFieldCompression.
xaLooselyCoupledSupport	int Min: 0 Max: 1	0	JDBC driver property: xaLooselyCoupledSupport.

oauthProvider > databaseStore > dataSource > properties.db2.jcc

Data source properties for the IBM Data Server Driver for JDBC and SQLJ for DB2.

Name	Type	Default	Description
databaseName	string		JDBC driver property: databaseName. This property overrides the databaseName specified in the URL if one was configured.
driverType	2 4	4	JDBC driver property: driverType. 2 Type 2 JDBC driver. 4 Type 4 JDBC driver.
portNumber	int	50000	JDBC driver property: portNumber. This property overrides the portNumber specified in the URL if one was configured.
serverName	string		JDBC driver property: serverName. This property overrides the serverName specified in the URL if one was configured.
Advanced Properties
SSLCipherSuites	string		JDBC driver property: SSLCipherSuites.
accessToken	Reversably encoded password (string)		JDBC driver property: accessToken.
accountingInterval	string		JDBC driver property: accountingInterval.
activateDatabase	int		JDBC driver property: activateDatabase.
allowNextOnExhaustedResultSet	1 2		JDBC driver property: allowNextOnExhaustedResultSet. 1 YES 2 NO
allowNullResultSetForExecuteQuery	1 2		JDBC driver property: allowNullResultSetForExecuteQuery. 1 YES 2 NO
alternateGroupDatabaseName	string		JDBC driver property: alternateGroupDatabaseName.
alternateGroupPortNumber	string		JDBC driver property: alternateGroupPortNumber.
alternateGroupServerName	string		JDBC driver property: alternateGroupServerName.
apiKey	Reversably encoded password (string)		JDBC driver property: apiKey.
atomicMultiRowInsert	1 2		JDBC driver property: atomicMultiRowInsert. 1 YES 2 NO
blockingReadConnectionTimeout	A period of time with second precision		JDBC driver property: blockingReadConnectionTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
charOutputSize	short		JDBC driver property: charOutputSize.
clientAccountingInformation	string		JDBC driver property: clientAccountingInformation.
clientApplcompat	string		JDBC driver property: clientApplcompat.
clientApplicationInformation	string		JDBC driver property: clientApplicationInformation.
clientBidiStringType	4 5 6 7 8 9 10 11		JDBC driver property: clientBidiStringType. 4 BIDI_ST4 5 BIDI_ST5 6 BIDI_ST6 7 BIDI_ST7 8 BIDI_ST8 9 BIDI_ST9 10 BIDI_ST10 11 BIDI_ST11
clientDebugInfo	string Max: 254		JDBC driver property: clientDebugInfo.
clientProgramId	string Max: 80		JDBC driver property: clientProgramId.
clientProgramName	string Max: 12		JDBC driver property: clientProgramName.
clientUser	string		JDBC driver property: clientUser.
clientWorkstation	string		JDBC driver property: clientWorkstation.
commandTimeout	A period of time with second precision		JDBC driver property: commandTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
concurrentAccessResolution	1 2		JDBC driver property: concurrentAccessResolution. 1 CONCURRENTACCESS_USE_CURRENTLY_COMMITTED 2 CONCURRENTACCESS_WAIT_FOR_OUTCOME
connectNode	int Min: 0 Max: 999		JDBC driver property: connectNode.
connectionCloseWithInFlightTransaction	1 2		JDBC driver property: connectionCloseWithInFlightTransaction. 1 CONNECTION_CLOSE_WITH_EXCEPTION 2 CONNECTION_CLOSE_WITH_ROLLBACK
connectionTimeout	A period of time with second precision		JDBC driver property: connectionTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
currentAlternateGroupEntry	int		JDBC driver property: currentAlternateGroupEntry.
currentDegree	string		JDBC driver property: currentDegree.
currentExplainMode	string Max: 254		JDBC driver property: currentExplainMode.
currentExplainSnapshot	int Max: 8		JDBC driver property: currentExplainSnapshot.
currentFunctionPath	string		JDBC driver property: currentFunctionPath.
currentLocaleLcCtype	string		JDBC driver property: currentLocaleLcCtype.
currentLockTimeout	A period of time with second precision		JDBC driver property: currentLockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
currentMaintainedTableTypesForOptimization	ALL NONE SYSTEM USER		JDBC driver property: currentMaintainedTableTypesForOptimization.
currentPackagePath	string		JDBC driver property: currentPackagePath.
currentPackageSet	string		JDBC driver property: currentPackageSet.
currentQueryOptimization	0 1 2 3 5 7 9		JDBC driver property: currentQueryOptimization.
currentSQLID	string		JDBC driver property: currentSQLID.
currentSchema	string		JDBC driver property: currentSchema.
cursorSensitivity	0 1 2		JDBC driver property: cursorSensitivity. Values are: 0 (TYPE_SCROLL_SENSITIVE_STATIC), 1 (TYPE_SCROLL_SENSITIVE_DYNAMIC), 2 (TYPE_SCROLL_ASENSITIVE). 0 TYPE_SCROLL_SENSITIVE_STATIC 1 TYPE_SCROLL_SENSITIVE_DYNAMIC 2 TYPE_SCROLL_ASENSITIVE
dateFormat	1 2 3 4		JDBC driver property: dateFormat. 1 ISO 2 USA 3 EUR 4 JIS
decimalRoundingMode	1 2 3 4 6		JDBC driver property: decimalRoundingMode. 1 ROUND_DOWN 2 ROUND_CEILING 3 ROUND_HALF_EVEN 4 ROUND_HALF_UP 6 ROUND_FLOOR
decimalSeparator	1 2		JDBC driver property: decimalSeparator. 1 DECIMAL_SEPARATOR_PERIOD 2 DECIMAL_SEPARATOR_COMMA
decimalStringFormat	1 2		JDBC driver property: decimalStringFormat. 1 DECIMAL_STRING_FORMAT_TO_STRING 2 DECIMAL_STRING_FORMAT_TO_PLAIN_STRING
deferPrepares	boolean	true	JDBC driver property: deferPrepares.
downgradeHoldCursorsUnderXa	boolean		JDBC driver property: downgradeHoldCursorsUnderXa.
enableAlternateGroupSeamlessACR	boolean		JDBC driver property: enableAlternateGroupSeamlessACR.
enableBidiLayoutTransformation	boolean		JDBC driver property: enableBidiLayoutTransformation.
enableClientAffinitiesList	1 2		JDBC driver property: enableClientAffinitiesList. Values are: 1 (YES) or 2 (NO). 1 YES 2 NO
enableConnectionConcentrator	boolean		JDBC driver property: enableConnectionConcentrator.
enableExtendedDescribe	1 2		JDBC driver property: enableExtendedDescribe. 1 YES 2 NO
enableExtendedIndicators	1 2		JDBC driver property: enableExtendedIndicators. 1 YES 2 NO
enableMultiRowInsertSupport	boolean		JDBC driver property: enableMultiRowInsertSupport.
enableNamedParameterMarkers	1 2		JDBC driver property: enableNamedParameterMarkers. Values are: 1 (YES) or 2 (NO). 1 YES 2 NO
enableRowsetSupport	1 2		JDBC driver property: enableRowsetSupport. 1 YES 2 NO
enableSeamlessFailover	1 2		JDBC driver property: enableSeamlessFailover. Values are: 1 (YES) or 2 (NO). 1 YES 2 NO
enableSysplexWLB	boolean		JDBC driver property: enableSysplexWLB.
enableT2zosLBF	1 2		JDBC driver property: enableT2zosLBF. 1 YES 2 NO
enableT2zosLBFSPResultSets	1 2		JDBC driver property: enableT2zosLBFSPResultSets. 1 YES 2 NO
enableXACleanTransaction	boolean		JDBC driver property: enableXACleanTransaction.
encryptionAlgorithm	1 2		JDBC driver property: encryptionAlgorithm.
extendedTableInfo	1 2		JDBC driver property: extendedTableInfo. 1 YES 2 NO
fetchSize	int		JDBC driver property: fetchSize.
fullyMaterializeInputStreams	boolean		JDBC driver property: fullyMaterializeInputStreams.
fullyMaterializeInputStreamsOnBatchExecution	1 2		JDBC driver property: fullyMaterializeInputStreamsOnBatchExecution. 1 YES 2 NO
fullyMaterializeLobData	boolean		JDBC driver property: fullyMaterializeLobData.
implicitRollbackOption	0 1 2		JDBC driver property: implicitRollbackOption. 0 IMPLICIT_ROLLBACK_OPTION_NOT_SET 1 IMPLICIT_ROLLBACK_OPTION_NOT_CLOSE_CONNECTION 2 IMPLICIT_ROLLBACK_OPTION_CLOSE_CONNECTION
interruptProcessingMode	0 1 2		JDBC driver property: interruptProcessingMode. 0 INTERRUPT_PROCESSING_MODE_DISABLED 1 INTERRUPT_PROCESSING_MODE_STATEMENT_CANCEL 2 INTERRUPT_PROCESSING_MODE_CLOSE_SOCKET
jdbcCollection	string		JDBC driver property: jdbcCollection.
keepAliveTimeOut	A period of time with second precision		JDBC driver property: keepAliveTimeOut. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
keepDynamic	int		JDBC driver property: keepDynamic.
kerberosServerPrincipal	string		JDBC driver property: kerberosServerPrincipal.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxConnCachedParamBufferSize	int		JDBC driver property: maxConnCachedParamBufferSize.
maxRowsetSize	int		JDBC driver property: maxRowsetSize.
maxTransportObjects	int		JDBC driver property: maxTransportObjects.
optimizationProfile	string		JDBC driver property: optimizationProfile.
optimizationProfileToFlush	string		JDBC driver property: optimizationProfileToFlush.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
pkList	string		JDBC driver property: pkList.
profileName	string		JDBC driver property: profileName.
progressiveStreaming	1 2		JDBC driver property: progressiveStreaming. Values are: 1 (YES) or 2 (NO). 1 YES 2 NO
queryCloseImplicit	1 2		JDBC driver property: queryCloseImplicit. Values are: 1 (QUERY_CLOSE_IMPLICIT_YES) or 2 (QUERY_CLOSE_IMPLICIT_NO). 1 QUERY_CLOSE_IMPLICIT_YES 2 QUERY_CLOSE_IMPLICIT_NO
queryDataSize	int Min: 4096 Max: 10485760		JDBC driver property: queryDataSize.
queryTimeoutInterruptProcessingMode	1 2		JDBC driver property: queryTimeoutInterruptProcessingMode. 1 INTERRUPT_PROCESSING_MODE_STATEMENT_CANCEL 2 INTERRUPT_PROCESSING_MODE_CLOSE_SOCKET
readOnly	boolean		JDBC driver property: readOnly.
recordTemporalHistory	1 2		JDBC driver property: recordTemporalHistory. 1 YES 2 NO
reportLongTypes	1 2		JDBC driver property: reportLongTypes. 1 YES 2 NO
resultSetHoldability	1 2		JDBC driver property: resultSetHoldability. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT). 1 HOLD_CURSORS_OVER_COMMIT 2 CLOSE_CURSORS_AT_COMMIT
resultSetHoldabilityForCatalogQueries	1 2		JDBC driver property: resultSetHoldabilityForCatalogQueries. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT). 1 HOLD_CURSORS_OVER_COMMIT 2 CLOSE_CURSORS_AT_COMMIT
retrieveMessagesFromServerOnGetMessage	boolean	true	JDBC driver property: retrieveMessagesFromServerOnGetMessage.
retryWithAlternativeSecurityMechanism	1 2		JDBC driver property: retryWithAlternativeSecurityMechanism. 1 YES 2 NO
returnAlias	1 2		JDBC driver property: returnAlias.
securityMechanism	3 4 7 9 11 12 13 15 16 18		JDBC driver property: securityMechanism. Values are: 3 (CLEAR_TEXT_PASSWORD_SECURITY), 4 (USER_ONLY_SECURITY), 7 (ENCRYPTED_PASSWORD_SECURITY), 9 (ENCRYPTED_USER_AND_PASSWORD_SECURITY), 11 (KERBEROS_SECURITY), 12 (ENCRYPTED_USER_AND_DATA_SECURITY), 13 (ENCRYPTED_USER_PASSWORD_AND_DATA_SECURITY), 15 (PLUGIN_SECURITY), 16 (ENCRYPTED_USER_ONLY_SECURITY), 18 (TLS_CLIENT_CERTIFICATE_SECURITY). 3 CLEAR_TEXT_PASSWORD_SECURITY 4 USER_ONLY_SECURITY 7 ENCRYPTED_PASSWORD_SECURITY 9 ENCRYPTED_USER_AND_PASSWORD_SECURITY 11 KERBEROS_SECURITY 12 ENCRYPTED_USER_AND_DATA_SECURITY 13 ENCRYPTED_USER_PASSWORD_AND_DATA_SECURITY 15 PLUGIN_SECURITY 16 ENCRYPTED_USER_ONLY_SECURITY 18 TLS_CLIENT_CERTIFICATE_SECURITY
sendCharInputsUTF8	1 2		JDBC driver property: sendCharInputsUTF8. 1 YES 2 NO
sendDataAsIs	boolean		JDBC driver property: sendDataAsIs.
serverBidiStringType	4 5 6 7 8 9 10 11		JDBC driver property: serverBidiStringType. 4 BIDI_ST4 5 BIDI_ST5 6 BIDI_ST6 7 BIDI_ST7 8 BIDI_ST8 9 BIDI_ST9 10 BIDI_ST10 11 BIDI_ST11
sessionTimeZone	string		JDBC driver property: sessionTimeZone.
sqljCloseStmtsWithOpenResultSet	boolean		JDBC driver property: sqljCloseStmtsWithOpenResultSet.
sqljEnableClassLoaderSpecificProfiles	boolean		JDBC driver property: sqljEnableClassLoaderSpecificProfiles.
ssid	string		JDBC driver property: ssid.
sslCertLocation	string		JDBC driver property: sslCertLocation.
sslConnection	boolean		JDBC driver property: sslConnection.
sslKeyStoreLocation	string		JDBC driver property: sslKeyStoreLocation.
sslKeyStorePassword	Reversably encoded password (string)		JDBC driver property: sslKeyStorePassword.
sslKeyStoreType	string		JDBC driver property: sslKeyStoreType.
sslTrustStoreLocation	string		JDBC driver property: sslTrustStoreLocation.
sslTrustStorePassword	Reversably encoded password (string)		JDBC driver property: sslTrustStorePassword.
sslTrustStoreType	string		JDBC driver property: sslTrustStoreType.
statementConcentrator	1 2		JDBC driver property: statementConcentrator. 1 STATEMENT_CONCENTRATOR_OFF 2 STATEMENT_CONCENTRATOR_WITH_LITERALS
streamBufferSize	int		JDBC driver property: streamBufferSize.
stripTrailingZerosForDecimalNumbers	1 2		JDBC driver property: stripTrailingZerosForDecimalNumbers. 1 YES 2 NO
sysSchema	string		JDBC driver property: sysSchema.
timeFormat	1 2 3 4		JDBC driver property: timeFormat. 1 ISO 2 USA 3 EUR 4 JIS
timerLevelForQueryTimeOut	-1 1 2		JDBC driver property: timerLevelForQueryTimeOut. -1 QUERYTIMEOUT_DISABLED 1 QUERYTIMEOUT_STATEMENT_LEVEL 2 QUERYTIMEOUT_CONNECTION_LEVEL
timestampFormat	1 5		JDBC driver property: timestampFormat. 1 ISO 5 JDBC
timestampOutputType	1 2		JDBC driver property: timestampOutputType. 1 JDBC_TIMESTAMP 2 JCC_DBTIMESTAMP
timestampPrecisionReporting	1 2		JDBC driver property: timestampPrecisionReporting. 1 TIMESTAMP_JDBC_STANDARD 2 TIMESTAMP_ZERO_PADDING
traceDirectory	string		JDBC driver property: traceDirectory.
traceFile	string		JDBC driver property: traceFile.
traceFileAppend	boolean		JDBC driver property: traceFileAppend.
traceFileCount	int		JDBC driver property: traceFileCount.
traceFileSize	int		JDBC driver property: traceFileSize.
traceLevel	int	0	Bitwise combination of the following constant values: TRACE_NONE=0, TRACE_CONNECTION_CALLS=1, TRACE_STATEMENT_CALLS=2, TRACE_RESULT_SET_CALLS=4, TRACE_DRIVER_CONFIGURATION=16, TRACE_CONNECTS=32, TRACE_DRDA_FLOWS=64, TRACE_RESULT_SET_META_DATA=128, TRACE_PARAMETER_META_DATA=256, TRACE_DIAGNOSTICS=512, TRACE_SQLJ=1024, TRACE_META_CALLS=8192, TRACE_DATASOURCE_CALLS=16384, TRACE_LARGE_OBJECT_CALLS=32768, TRACE_SYSTEM_MONITOR=131072, TRACE_TRACEPOINTS=262144, TRACE_ALL=-1.
traceOption	0 1		JDBC driver property: traceOption
translateForBitData	1 2		JDBC driver property: translateForBitData. 1 HEX_REPRESENTATION 2 SERVER_ENCODING_REPRESENTATION
updateCountForBatch	1 2		JDBC driver property: updateCountForBatch. 1 NO_UPDATE_COUNT 2 TOTAL_UPDATE_COUNT
useCachedCursor	boolean		JDBC driver property: useCachedCursor.
useIdentityValLocalForAutoGeneratedKeys	boolean		JDBC driver property: useIdentityValLocalForAutoGeneratedKeys.
useJDBC41DefinitionForGetColumns	1 2		JDBC driver property: useJDBC41DefinitionForGetColumns. 1 YES 2 NO
useJDBC4ColumnNameAndLabelSemantics	1 2		JDBC driver property: useJDBC4ColumnNameAndLabelSemantics. Values are: 1 (YES) or 2 (NO). 1 YES 2 NO
useRowsetCursor	boolean		JDBC driver property: useRowsetCursor.
useTransactionRedirect	boolean		JDBC driver property: useTransactionRedirect.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.
xaNetworkOptimization	boolean		JDBC driver property: xaNetworkOptimization.
xmlFormat	0 1		JDBC driver property: xmlFormat. 0 XML_FORMAT_TEXTUAL 1 XML_FORMAT_BINARY
Automatic Client Reroute Properties
affinityFailbackInterval	A period of time with second precision		JDBC driver property: affinityFailbackInterval. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
clientRerouteAlternatePortNumber	string		JDBC driver property: clientRerouteAlternatePortNumber.
clientRerouteAlternateServerName	string		JDBC driver property: clientRerouteAlternateServerName.
maxRetriesForClientReroute	int		JDBC driver property: maxRetriesForClientReroute.
memberConnectTimeout	A period of time with second precision		JDBC driver property: memberConnectTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
retryIntervalForClientReroute	A period of time with second precision		JDBC driver property: retryIntervalForClientReroute. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

oauthProvider > databaseStore > dataSource > properties.derby.client

Data source properties for Derby Network Client JDBC driver.

Name	Type	Default	Description
createDatabase	create false		JDBC driver property: createDatabase. create When the first connection is established, automatically create the database if it doesn't exist. false Do not automatically create the database.
databaseName	string		JDBC driver property: databaseName. This property is ignored by the driver if a URL is configured.
portNumber	int	1527	JDBC driver property: portNumber. This property is ignored by the driver if a URL is configured.
serverName	string	localhost	JDBC driver property: serverName. This property is ignored by the driver if a URL is configured.
Advanced Properties
connectionAttributes	string		JDBC driver property: connectionAttributes.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
retrieveMessageText	boolean	true	JDBC driver property: retrieveMessageText.
securityMechanism	3 4 7 8 9	3	JDBC driver property: securityMechanism. Values are: 3 (CLEAR_TEXT_PASSWORD_SECURITY), 4 (USER_ONLY_SECURITY), 7 (ENCRYPTED_PASSWORD_SECURITY), 8 (STRONG_PASSWORD_SUBSTITUTE_SECURITY), 9 (ENCRYPTED_USER_AND_PASSWORD_SECURITY). 3 CLEAR_TEXT_PASSWORD_SECURITY 4 USER_ONLY_SECURITY 7 ENCRYPTED_PASSWORD_SECURITY 8 STRONG_PASSWORD_SUBSTITUTE_SECURITY 9 ENCRYPTED_USER_AND_PASSWORD_SECURITY
shutdownDatabase	false shutdown		JDBC driver property: shutdownDatabase. false Do not shut down the database. shutdown Shut down the database when a connection is attempted.
ssl	basic off peerAuthentication		JDBC driver property: ssl.
traceDirectory	string		JDBC driver property: traceDirectory.
traceFile	string		JDBC driver property: traceFile.
traceFileAppend	boolean		JDBC driver property: traceFileAppend.
traceLevel	int		Bitwise combination of the following constant values: TRACE_NONE=0, TRACE_CONNECTION_CALLS=1, TRACE_STATEMENT_CALLS=2, TRACE_RESULT_SET_CALLS=4, TRACE_DRIVER_CONFIGURATION=16, TRACE_CONNECTS=32, TRACE_DRDA_FLOWS=64, TRACE_RESULT_SET_META_DATA=128, TRACE_PARAMETER_META_DATA=256, TRACE_DIAGNOSTICS=512, TRACE_XA_CALLS=2048, TRACE_ALL=-1.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.

oauthProvider > databaseStore > dataSource > properties.derby.embedded

Data source properties for Derby Embedded JDBC driver.

Name	Type	Default	Description
createDatabase	create false		JDBC driver property: createDatabase. create When the first connection is established, automatically create the database if it doesn't exist. false Do not automatically create the database.
databaseName	string		JDBC driver property: databaseName. This property is ignored by the driver if a URL is configured.
Advanced Properties
connectionAttributes	string		JDBC driver property: connectionAttributes.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
shutdownDatabase	false shutdown		JDBC driver property: shutdownDatabase. false Do not shut down the database. shutdown Shut down the database when a connection is attempted.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.

oauthProvider > databaseStore > dataSource > properties.informix

Data source properties for the Informix JDBC driver.

Name	Type	Default	Description
databaseName	string		JDBC driver property: databaseName.
ifxIFXHOST	string	localhost	JDBC driver property: ifxIFXHOST.
portNumber	int	1526	Port on which to obtain database connections.
serverName	string		Server where the database is running.
Advanced Properties
ifxCLIENT_LOCALE	string		JDBC driver property: ifxCLIENT_LOCALE.
ifxDBANSIWARN	boolean		JDBC driver property: ifxDBANSIWARN.
ifxDBCENTURY	string		JDBC driver property: ifxDBCENTURY.
ifxDBDATE	string		JDBC driver property: ifxDBDATE.
ifxDBSPACETEMP	string		JDBC driver property: ifxDBSPACETEMP.
ifxDBTEMP	string		JDBC driver property: ifxDBTEMP.
ifxDBTIME	string		JDBC driver property: ifxDBTIME.
ifxDBUPSPACE	string		JDBC driver property: ifxDBUPSPACE.
ifxDB_LOCALE	string		JDBC driver property: ifxDB_LOCALE.
ifxDELIMIDENT	boolean		JDBC driver property: ifxDELIMIDENT.
ifxENABLE_TYPE_CACHE	boolean		JDBC driver property: ifxENABLE_TYPE_CACHE.
ifxFET_BUF_SIZE	int		JDBC driver property: ifxFET_BUF_SIZE.
ifxGL_DATE	string		JDBC driver property: ifxGL_DATE.
ifxGL_DATETIME	string		JDBC driver property: ifxGL_DATETIME.
ifxIFX_AUTOFREE	boolean		JDBC driver property: ifxIFX_AUTOFREE.
ifxIFX_DIRECTIVES	string		JDBC driver property: ifxIFX_DIRECTIVES.
ifxIFX_LOCK_MODE_WAIT	A period of time with second precision	2s	JDBC driver property: ifxIFX_LOCK_MODE_WAIT. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxIFX_SOC_TIMEOUT	A period of time with millisecond precision		JDBC driver property: ifxIFX_SOC_TIMEOUT. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
ifxIFX_USEPUT	boolean		JDBC driver property: ifxIFX_USEPUT.
ifxIFX_USE_STRENC	boolean		JDBC driver property: ifxIFX_USE_STRENC.
ifxIFX_XASPEC	string	y	JDBC driver property: ifxIFX_XASPEC.
ifxINFORMIXCONRETRY	int		JDBC driver property: ifxINFORMIXCONRETRY.
ifxINFORMIXCONTIME	A period of time with second precision		JDBC driver property: ifxINFORMIXCONTIME. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxINFORMIXOPCACHE	string		JDBC driver property: ifxINFORMIXOPCACHE.
ifxINFORMIXSTACKSIZE	int		JDBC driver property: ifxINFORMIXSTACKSIZE.
ifxJDBCTEMP	string		JDBC driver property: ifxJDBCTEMP.
ifxLDAP_IFXBASE	string		JDBC driver property: ifxLDAP_IFXBASE.
ifxLDAP_PASSWD	string		JDBC driver property: ifxLDAP_PASSWD.
ifxLDAP_URL	string		JDBC driver property: ifxLDAP_URL.
ifxLDAP_USER	string		JDBC driver property: ifxLDAP_USER.
ifxLOBCACHE	int		JDBC driver property: ifxLOBCACHE.
ifxNEWCODESET	string		JDBC driver property: ifxNEWCODESET.
ifxNEWLOCALE	string		JDBC driver property: ifxNEWLOCALE.
ifxNODEFDAC	string		JDBC driver property: ifxNODEFDAC.
ifxOPTCOMPIND	string		JDBC driver property: ifxOPTCOMPIND.
ifxOPTOFC	string		JDBC driver property: ifxOPTOFC.
ifxOPT_GOAL	string		JDBC driver property: ifxOPT_GOAL.
ifxPATH	string		JDBC driver property: ifxPATH.
ifxPDQPRIORITY	string		JDBC driver property: ifxPDQPRIORITY.
ifxPLCONFIG	string		JDBC driver property: ifxPLCONFIG.
ifxPLOAD_LO_PATH	string		JDBC driver property: ifxPLOAD_LO_PATH.
ifxPROTOCOLTRACE	int		JDBC driver property: ifxPROTOCOLTRACE.
ifxPROTOCOLTRACEFILE	string		JDBC driver property: ifxPROTOCOLTRACEFILE.
ifxPROXY	string		JDBC driver property: ifxPROXY.
ifxPSORT_DBTEMP	string		JDBC driver property: ifxPSORT_DBTEMP.
ifxPSORT_NPROCS	boolean		JDBC driver property: ifxPSORT_NPROCS.
ifxSECURITY	string		JDBC driver property: ifxSECURITY.
ifxSQLH_FILE	string		JDBC driver property: ifxSQLH_FILE.
ifxSQLH_LOC	string		JDBC driver property: ifxSQLH_LOC.
ifxSQLH_TYPE	string		JDBC driver property: ifxSQLH_TYPE.
ifxSSLCONNECTION	string		JDBC driver property: ifxSSLCONNECTION.
ifxSTMT_CACHE	string		JDBC driver property: ifxSTMT_CACHE.
ifxTRACE	int		JDBC driver property: ifxTRACE.
ifxTRACEFILE	string		JDBC driver property: ifxTRACEFILE.
ifxTRUSTED_CONTEXT	string		JDBC driver property: ifxTRUSTED_CONTEXT.
ifxUSEV5SERVER	boolean		JDBC driver property: ifxUSEV5SERVER.
ifxUSE_DTENV	boolean		JDBC driver property: ifxUSE_DTENV.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
roleName	string		JDBC driver property: roleName.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.
Informix Connection Pool Properties
ifxCPMAgeLimit	A period of time with second precision		JDBC driver property: ifxCPMAgeLimit. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxCPMInitPoolSize	int		JDBC driver property: ifxCPMInitPoolSize.
ifxCPMMaxConnections	int		JDBC driver property: ifxCPMMaxConnections.
ifxCPMMaxPoolSize	int		JDBC driver property: ifxCPMMaxPoolSize.
ifxCPMMinAgeLimit	A period of time with second precision		JDBC driver property: ifxCPMMinAgeLimit. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxCPMMinPoolSize	int		JDBC driver property: ifxCPMMinPoolSize.
ifxCPMServiceInterval	A period of time with millisecond precision		JDBC driver property: ifxCPMServiceInterval. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

oauthProvider > databaseStore > dataSource > properties.informix.jcc

Data source properties for the IBM Data Server Driver for JDBC and SQLJ for Informix.

Name	Type	Default	Description
databaseName	string		JDBC driver property: databaseName.
portNumber	int	1526	Port on which to obtain database connections.
serverName	string	localhost	Server where the database is running.
Advanced Properties
DBANSIWARN	boolean		JDBC driver property: DBANSIWARN.
DBDATE	string		JDBC driver property: DBDATE.
DBPATH	string		JDBC driver property: DBPATH.
DBSPACETEMP	string		JDBC driver property: DBSPACETEMP.
DBTEMP	string		JDBC driver property: DBTEMP.
DBUPSPACE	string		JDBC driver property: DBUPSPACE.
DELIMIDENT	boolean		JDBC driver property: DELIMIDENT.
IFX_DIRECTIVES	OFF ON		JDBC driver property: IFX_DIRECTIVES.
IFX_EXTDIRECTIVES	OFF ON		JDBC driver property: IFX_EXTDIRECTIVES.
IFX_UPDDESC	string		JDBC driver property: IFX_UPDDESC.
IFX_XASTDCOMPLIANCE_XAEND	0 1		JDBC driver property: IFX_XASTDCOMPLIANCE_XAEND.
INFORMIXOPCACHE	string		JDBC driver property: INFORMIXOPCACHE.
INFORMIXSTACKSIZE	string		JDBC driver property: INFORMIXSTACKSIZE.
NODEFDAC	no yes		JDBC driver property: NODEFDAC.
OPTCOMPIND	0 1 2		JDBC driver property: OPTCOMPIND.
OPTOFC	0 1		JDBC driver property: OPTOFC.
PDQPRIORITY	HIGH LOW OFF		JDBC driver property: PDQPRIORITY.
PSORT_DBTEMP	string		JDBC driver property: PSORT_DBTEMP.
PSORT_NPROCS	string Max: 10		JDBC driver property: PSORT_NPROCS.
STMT_CACHE	0 1		JDBC driver property: STMT_CACHE.
currentLockTimeout	A period of time with second precision	2s	JDBC driver property: currentLockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
deferPrepares	boolean		JDBC driver property: deferPrepares.
driverType	int	4	JDBC driver property: driverType.
enableNamedParameterMarkers	int		JDBC driver property: enableNamedParameterMarkers. Values are: 1 (YES) or 2 (NO).
enableSeamlessFailover	int		JDBC driver property: enableSeamlessFailover. Values are: 1 (YES) or 2 (NO).
enableSysplexWLB	boolean		JDBC driver property: enableSysplexWLB.
fetchSize	int		JDBC driver property: fetchSize.
fullyMaterializeLobData	boolean		JDBC driver property: fullyMaterializeLobData.
keepDynamic	int		JDBC driver property: keepDynamic.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
progressiveStreaming	1 2		JDBC driver property: progressiveStreaming. Values are: 1 (YES) or 2 (NO). 1 YES 2 NO
queryDataSize	int Min: 4096 Max: 10485760		JDBC driver property: queryDataSize.
resultSetHoldability	1 2		JDBC driver property: resultSetHoldability. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT). 1 HOLD_CURSORS_OVER_COMMIT 2 CLOSE_CURSORS_AT_COMMIT
resultSetHoldabilityForCatalogQueries	1 2		JDBC driver property: resultSetHoldabilityForCatalogQueries. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT). 1 HOLD_CURSORS_OVER_COMMIT 2 CLOSE_CURSORS_AT_COMMIT
retrieveMessagesFromServerOnGetMessage	boolean	true	JDBC driver property: retrieveMessagesFromServerOnGetMessage.
securityMechanism	3 4 7 9		JDBC driver property: securityMechanism. Values are: 3 (CLEAR_TEXT_PASSWORD_SECURITY), 4 (USER_ONLY_SECURITY), 7 (ENCRYPTED_PASSWORD_SECURITY), 9 (ENCRYPTED_USER_AND_PASSWORD_SECURITY). 3 CLEAR_TEXT_PASSWORD_SECURITY 4 USER_ONLY_SECURITY 7 ENCRYPTED_PASSWORD_SECURITY 9 ENCRYPTED_USER_AND_PASSWORD_SECURITY
traceDirectory	string		JDBC driver property: traceDirectory.
traceFile	string		JDBC driver property: traceFile.
traceFileAppend	boolean		JDBC driver property: traceFileAppend.
traceLevel	int		Bitwise combination of the following constant values: TRACE_NONE=0, TRACE_CONNECTION_CALLS=1, TRACE_STATEMENT_CALLS=2, TRACE_RESULT_SET_CALLS=4, TRACE_DRIVER_CONFIGURATION=16, TRACE_CONNECTS=32, TRACE_DRDA_FLOWS=64, TRACE_RESULT_SET_META_DATA=128, TRACE_PARAMETER_META_DATA=256, TRACE_DIAGNOSTICS=512, TRACE_SQLJ=1024, TRACE_META_CALLS=8192, TRACE_DATASOURCE_CALLS=16384, TRACE_LARGE_OBJECT_CALLS=32768, TRACE_SYSTEM_MONITOR=131072, TRACE_TRACEPOINTS=262144, TRACE_ALL=-1.
useJDBC4ColumnNameAndLabelSemantics	int		JDBC driver property: useJDBC4ColumnNameAndLabelSemantics. Values are: 1 (YES) or 2 (NO).
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.

oauthProvider > databaseStore > dataSource > properties.microsoft.sqlserver

Data source properties for Microsoft SQL Server JDBC Driver.

Name	Type	Default	Description
databaseName	string		JDBC driver property: databaseName. This property overrides the databaseName specified in the URL if one was configured.
instanceName	string		JDBC driver property: instanceName. This property overrides the instanceName specified in the URL if one was configured.
portNumber	int		JDBC driver property: portNumber. This property overrides the portNumber specified in the URL if one was configured.
serverName	string		JDBC driver property: serverName. This property overrides the serverName specified in the URL if one was configured.
Advanced Properties
URL	string		URL for connecting to the database. Example: jdbc:sqlserver://localhost:1433;databaseName=myDB.
accessToken	Reversably encoded password (string)		JDBC driver property: accessToken.
applicationIntent	ReadOnly ReadWrite		JDBC driver property: applicationIntent.
applicationName	string		JDBC driver property: applicationName.
authentication	ActiveDirectoryDefault ActiveDirectoryIntegrated ActiveDirectoryMSI ActiveDirectoryPassword NotSpecified SqlPassword		JDBC driver property: authentication.
authenticationScheme	JavaKerberos NTLM NativeAuthentication		JDBC driver property: authenticationScheme.
columnEncryptionSet	Disabled Enabled		JDBC driver property: columnEncryptionSet.
encrypt	boolean		JDBC driver property: encrypt.
failoverPartner	string		JDBC driver property: failoverPartner.
hostNameInCertificate	string		JDBC driver property: hostNameInCertificate.
integratedSecurity	boolean		JDBC driver property: integratedSecurity.
keyStoreAuthentication	JavaKeyStorePassword		JDBC driver property: keyStoreAuthentication.
keyStoreLocation	Path to a file		JDBC driver property: keyStoreLocation.
keyStoreSecret	Reversably encoded password (string)		JDBC driver property: keyStoreSecret.
lastUpdateCount	boolean		JDBC driver property: lastUpdateCount.
lockTimeout	A period of time with millisecond precision		JDBC driver property: lockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
multiSubnetFailover	boolean		JDBC driver property: multiSubnetFailover.
packetSize	int Min: -1 Max: 32767		JDBC driver property: packetSize.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
responseBuffering	adaptive full		JDBC driver property: responseBuffering.
selectMethod	cursor direct		JDBC driver property: selectMethod.
sendStringParametersAsUnicode	boolean	false	JDBC driver property: sendStringParametersAsUnicode.
sendTimeAsDatetime	boolean		JDBC driver property: sendTimeAsDatetime.
serverNameAsACE	boolean		JDBC driver property: serverNameAsACE.
serverSpn	string		JDBC driver property: serverSpn.
transparentNetworkIPResolution	boolean		JDBC driver property: transparentNetworkIPResolution.
trustServerCertificate	boolean		JDBC driver property: trustServerCertificate.
trustStore	string		JDBC driver property: trustStore.
trustStorePassword	Reversably encoded password (string)		JDBC driver property: trustStorePassword.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.
workstationID	string		JDBC driver property: workstationID.
xopenStates	boolean		JDBC driver property: xopenStates.

oauthProvider > databaseStore > dataSource > properties.oracle

Data source properties for Oracle JDBC driver.

Name	Type	Default	Description
URL	string		JDBC driver property: URL. URL for connecting to the database. If a URL is configured, the Oracle JDBC driver ignores individual connection properties such as serverName and driverType. Oracle JDBC driver updates might impact this behavior. Examples: jdbc:oracle:thin:@//localhost:1521/sample or jdbc:oracle:oci:@//localhost:1521/sample.
databaseName	string		JDBC driver property: databaseName. This property is ignored by the driver if a URL is configured.
driverType	oci thin	thin	JDBC driver property: driverType.
portNumber	int	1521	JDBC driver property: portNumber. This property is ignored by the driver if a URL is configured.
serverName	string	localhost	JDBC driver property: serverName. This property is ignored by the driver if a URL is configured.
Advanced Properties
ONSConfiguration	string		JDBC driver property: ONSConfiguration.
TNSEntryName	string		JDBC driver property: TNSEntryName.
connectionProperties	string		JDBC driver property: connectionProperties. Encrypted values can be configured for the javax.net.ssl.keyStorePassword and javax.net.ssl.trustStorePassword SSL properties using the same process used for other data source passwords.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
networkProtocol	string		JDBC driver property: networkProtocol.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
roleName	string		JDBC driver property: roleName.
serviceName	string		JDBC driver property: serviceName. This property is ignored by the driver if a URL is configured.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.

oauthProvider > databaseStore > dataSource > properties.oracle.ucp

Data source properties for Oracle Universal Connection Pooling.

Name	Type	Default	Description
URL	string		JDBC driver property: URL. URL for connecting to the database. If a URL is configured, the Oracle JDBC driver ignores individual connection properties such as serverName and driverType. Oracle JDBC driver updates might impact this behavior. Examples: jdbc:oracle:thin:@//localhost:1521/sample or jdbc:oracle:oci:@//localhost:1521/sample.
connectionFactoryClassName	oracle.jdbc.pool.OracleConnectionPoolDataSource oracle.jdbc.pool.OracleDataSource oracle.jdbc.replay.OracleConnectionPoolDataSourceImpl oracle.jdbc.replay.OracleDataSourceImpl oracle.jdbc.replay.OracleXADataSourceImpl oracle.jdbc.xa.client.OracleXADataSource		JDBC driver property: connectionFactoryClassName.
connectionPoolName	string		JDBC driver property: connectionPoolName.
databaseName	string		JDBC driver property: databaseName. This property is ignored by the driver if a URL is configured.
portNumber	int	1521	JDBC driver property: portNumber. This property is ignored by the driver if a URL is configured.
serverName	string	localhost	JDBC driver property: serverName. This property is ignored by the driver if a URL is configured.
Advanced Properties
ONSConfiguration	string		JDBC driver property: ONSConfiguration.
SQLForValidateConnection	string		JDBC driver property: SQLForValidateConnection.
abandonedConnectionTimeout	A period of time with second precision		JDBC driver property: abandonedConnectionTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
connectionFactoryProperties	string		JDBC driver property: connectionFactoryProperties.
connectionHarvestMaxCount	int		JDBC driver property: connectionHarvestMaxCount.
connectionHarvestTriggerCount	int		JDBC driver property: connectionHarvestTriggerCount.
connectionProperties	string		JDBC driver property: connectionProperties. Encrypted values can be configured for the javax.net.ssl.keyStorePassword and javax.net.ssl.trustStorePassword SSL properties using the same process used for other data source passwords.
connectionWaitTimeout	A period of time with second precision		JDBC driver property: connectionWaitTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
fastConnectionFailoverEnabled	boolean		JDBC driver property: fastConnectionFailoverEnabled.
initialPoolSize	int		JDBC driver property: initialPoolSize.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxConnectionReuseCount	int		JDBC driver property: maxConnectionReuseCount.
maxConnectionReuseTime	A period of time with second precision		JDBC driver property: maxConnectionReuseTime. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxConnectionsPerShard	int		JDBC driver property: maxConnectionsPerShard.
maxIdleTime	A period of time with second precision		JDBC driver property: maxIdleTime. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxPoolSize	int		JDBC driver property: maxPoolSize.
maxStatements	int		JDBC driver property: maxStatements.
minPoolSize	int		JDBC driver property: minPoolSize.
networkProtocol	string		JDBC driver property: networkProtocol.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
roleName	string		JDBC driver property: roleName.
secondsToTrustIdleConnection	A period of time with second precision		JDBC driver property: secondsToTrustIdleConnection. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
timeToLiveConnectionTimeout	A period of time with second precision		JDBC driver property: timeToLiveConnectionTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
timeoutCheckInterval	A period of time with second precision		JDBC driver property: timeoutCheckInterval. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.
validateConnectionOnBorrow	boolean		JDBC driver property: validateConnectionOnBorrow.

oauthProvider > databaseStore > dataSource > properties.postgresql

Data source properties for PostgreSQL JDBC driver.

Name	Type	Default	Description
databaseName	string		JDBC driver property: databaseName. When the PostgreSQL driver uses type java.sql.Driver and a URL and this property are configured, the PostgreSQL driver ignores this property. When the PostgreSQL driver uses type javax.sql.DataSource, and a URL and this property are configured, the PostgreSQL driver ignores the databaseName property.
portNumber	int		JDBC driver property: portNumber. When the PostgreSQL driver uses type java.sql.Driver and a URL and this property are configured, the PostgreSQL driver ignores this property. When the PostgreSQL driver uses type javax.sql.DataSource, and a URL and this property are configured, the PostgreSQL driver ignores the portNumber property.
serverName	string		JDBC driver property: serverName. When the PostgreSQL driver uses type java.sql.Driver and a URL and this property are configured, the PostgreSQL driver ignores this property. When the PostgreSQL driver uses type javax.sql.DataSource, and a URL and this property are configured, the PostgreSQL driver ignores the serverName property.
Advanced Properties
URL	string		URL for connecting to the database.
applicationName	string		JDBC driver property: applicationName.
cancelSignalTimeout	A period of time with second precision		JDBC driver property: cancelSignalTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
connectTimeout	A period of time with second precision		JDBC driver property: connectTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
currentSchema	string		JDBC driver property: currentSchema.
defaultRowFetchSize	int Min: 0		JDBC driver property: defaultRowFetchSize.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
preparedStatementCacheQueries	int Min: 0	0	JDBC driver property: preparedStatementCacheQueries.
readOnly	boolean		JDBC driver property: readOnly.
socketTimeout	A period of time with second precision		JDBC driver property: socketTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ssl	boolean		JDBC driver property: ssl.
sslCert	A file, directory or url.		JDBC driver property: sslCert.
sslKey	A file, directory or url.		JDBC driver property: sslKey.
sslMode	allow disable prefer require verify-ca verify-full		JDBC driver property: sslMode.
sslPassword	Reversably encoded password (string)		JDBC driver property: sslPassword.
sslRootCert	A file, directory or url.		JDBC driver property: sslRootCert.
sslfactory	string		JDBC driver property: sslfactory.
targetServerType	string		JDBC driver property: targetServerType.
tcpKeepAlive	boolean		JDBC driver property: tcpKeepAlive.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.

oauthProvider > databaseStore > dataSource > properties.sybase

Data source properties for Sybase JDBC driver.

Name	Type	Default	Description
databaseName	string Required		JDBC driver property: databaseName.
portNumber	int	5000	Port on which to obtain database connections.
serverName	string	localhost	Server where the database is running.
Advanced Properties
SERVER_INITIATED_TRANSACTIONS	false true	false	JDBC driver property: SERVER_INITIATED_TRANSACTIONS.
connectionProperties	string	SELECT_OPENS_CURSOR=true	JDBC driver property: connectionProperties. Encrypted values can be configured for the javax.net.ssl.keyStorePassword and javax.net.ssl.trustStorePassword SSL properties using the same process used for other data source passwords.
loginTimeout	A period of time with second precision		JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
networkProtocol	SSL socket		JDBC driver property: networkProtocol.
password	Reversably encoded password (string)		It is recommended to use a container managed authentication alias instead of configuring this property.
resourceManagerName	string		JDBC driver property: resourceManagerName.
user	string		It is recommended to use a container managed authentication alias instead of configuring this property.
version	int		JDBC driver property: version.

oauthProvider > databaseStore > dataSource > recoveryAuthData

Authentication data for transaction recovery.

Name	Type	Default	Description
krb5Principal	string		The name of the Kerberos principal name or Kerberos service name to be used.
krb5TicketCache	Path to a file		The file location where Kerberos credentials for the Kerberos principal name or service name will be stored. Also known as the Kerberos credential cache (ccache)
password	Reversably encoded password (string)		Password of the user to use when connecting to the EIS. The value can be stored in clear text or encoded form. IBM recommends encoding the password using the securityUtility tool with the encode option.
user	string		Name of the user to use when connecting to the EIS.

oauthProvider > jwtGrantType

The grant_type for JWT Token handler

Name	Type	Default	Description
clockSkew	A period of time with second precision	300s	The time difference allowed between OpenID Connect Client and OpenID Connect Provider systems when they are not synchronized. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
iatRequired	boolean	false	The iat claim in a jwt token is required.
maxJtiCacheSize	long Min: 1	10000	The maximum size of cache, which keeps jti data of jwt token, to prevent the jti from being reused.
tokenMaxLifetime	A period of time with second precision	7200s	The time indicates the maximum lifetime of an alive jwt token since its issued-at-time. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

oauthProvider > library

Reference to shared library containing the mediator plugin class.

Name	Type	Default	Description
apiTypeVisibility	string	spec,ibm-api,api,stable	The types of API packages that this class loader supports. This value is a comma-separated list of any combination of the following API packages: spec, ibm-api, api, stable, third-party.
description	string		Description of shared library for administrators
filesetRef	List of references to top level fileset elements (comma-separated string).		Specifies a set of JAR or ZIP files to include in the class path for this library
name	string		Name of shared library for administrators

oauthProvider > library > file

Add a JAR or ZIP file to include in the class path for this library. Classes and resources that are contained in the specified JAR or ZIP are available to load for this library.

Name	Type	Default	Description
id	string		A unique configuration ID.
name	Path to a file Required		The path to a file can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.

oauthProvider > library > fileset

Specifies a set of JAR or ZIP files to include in the class path for this library

Name	Type	Default	Description
caseSensitive	boolean	true	Boolean to indicate whether or not the search should be case sensitive (default: true).
dir	Path to a directory	${server.config.dir}	The base directory to search for files.
excludes	string		The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.
id	string		A unique configuration ID.
includes	string	*	The comma or space separated list of file name patterns to include in the search results (default: *).
scanInterval	A period of time with millisecond precision	0	The scanning interval to determine whether files are added or removed from the fileset. The individual files are not scanned. The suffix for the interval of time is h-hour, m-minute, s-second, and ms-millisecond, for example, 2ms or 5s. The scanning interval is disabled by default and is disabled manually by setting the scan interval, scanInterval, to 0. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

oauthProvider > library > folder

Add a folder to include in the class path for this library. Classes and resources that are contained in the specified folder and its subfolders are available to load for this library. JAR and ZIP files that are contained in the specified folder are not added to the class path for this library.

Name	Type	Default	Description
dir	Path to a directory Required		The path to a folder can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.
id	string		A unique configuration ID.

oauthProvider > library > path

Add a JAR file, ZIP file or folder to include in the class path for this library. If the specified path is a JAR or ZIP file, then classes and resources that are contained in the specified JAR or ZIP file are available to load for this library. If the specified path is a folder, then classes and resources that are contained in the specified folder and its subfolders are available to load for this library. JAR and ZIP files contained in the specified folder are not added to the class path for this library.

Name	Type	Default	Description
id	string		A unique configuration ID.
name	A file, directory or url. Required		The path can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.

oauthProvider > localStore

Clients are defined in server.xml and tokens are cached in the server.

Name	Type	Default	Description
tokenStoreSize	long	2000	Token store size

oauthProvider > localStore > client

A unique configuration ID.

Name	Type	Default	Description
allowRegexpRedirects	boolean	false	Allow redirect URLs to contain regular expressions. The default is false.
appPasswordAllowed	boolean	false	When set to true, the OAuth client is allowed to request application passwords.
appTokenAllowed	boolean	false	When set to true, the OAuth client is allowed to request application tokens.
applicationType	native web	web	The type of application best describing the client.
backchannelLogoutUri	string		Specifies the back-channel logout URI for an OpenID Connect client.
displayname	string		Display name of the client.
enabled	boolean	true	Client is enabled if true, disabled if false.
functionalUserGroupIds	string		A list of group ids to be to be associated with access tokens obtained by this client using the client credentials grant type. When this client parameter is specified, the value is returned in the functional_user_groupIds response parameter from the introspect endpoint.
functionalUserId	string		A user identifier to be associated with access tokens obtained by this client using the client credentials grant type. When this client parameter is specified, the value is returned in the functional_user_id response parameter from the introspect endpoint.
grantTypes	authorization_code client_credentials implicit password refresh_token urn:ietf:params:oauth:grant-type:jwt-bearer	authorization_code	Grant types the client may use.
id	string		A unique configuration ID.
introspectTokens	boolean	false	Boolean value specifying whether the client is allowed to access the introspection endpoint to introspect tokens issued by the authorization server.
name	string		Name of the client (sometimes referred to as the Id).
postLogoutRedirectUris	string		Array of URLs supplied by the RP to which it may request that the end-user's user agent be redirected using the post_logout_redirect_uri parameter after a logout has been performed.
preAuthorizedScope	string		Space separated list of scope values that the client can use when requesting access tokens that are deemed to have been pre-approved by the resource owner and therefore does not require the resource owner's consent.
proofKeyForCodeExchange	boolean	false	Proof key for code exchange support for OAuth clients.
publicClient	boolean	false	Specify whether OAuth client is public.
redirect	string		Array of redirect URIs for use in redirect-based flows such as the authorization code and implicit grant types of the client. The first redirect URI is used as a default, when none is specified in a request. Each URI must be an absolute URI as defined by RFC 3986.
resourceIds	string		The resource identifiers which are the audiences of the Json Web Token.
responseTypes	code id_token token token	code	Response types the client may use.
scope	string		Specify by spaces the list of scopes of the client.
secret	Reversably encoded password (string)		Secret key of the client.
sessionManaged	boolean	false	Boolean indicating whether the client participates in OpenID session management.
subjectType	public		Subject type requested for response to this client.
tokenEndpointAuthMethod	client_secret_basic client_secret_post none	client_secret_basic	The requested authentication method for the token endpoint of the client.
trustedUriPrefixes	string		URIs for use by the coverage map.

scopeToClaimMap

Specify the claims for the scope.

Name	Type	Default	Description
address	string	address	Specify a comma-separated list of claims associated with the address scope.
email	string	email, email_verified	Specify a comma-separated list of claims associated with the email scope.
phone	string	phone_number, phone_number_verified	Specify a comma-separated list of claims associated with the phone scope.
profile	string	name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, updated_at	Specify a comma-separated list of claims associated with the profile scope.

scopeToClaimMap > property

A unique configuration ID.

Name	Type	Default	Description
id	string		A unique configuration ID.
name	string Required		Specify the name of the property
value	string Required		Specify the value of the property