[oidc:default] stanza

• discovery-endpoint
  Use this entry to set the discovery endpoint for the OP.
• redirect-uri-host
  Use this entry to set the redirect URI that has been registered with the OIDC OP.
• proxy
  Use this entry to set the proxy used to reach the OIDC endpoints.
• client-identity
  Use this entry to set the ISAM client identity as registered with the OP.
• client-secret
  Use this entry to set the ISAM client secret as registered with the OP.
• response-type
  The required response type for authentication responses.
• response-mode
  Use this entry to set the required response mode for authentication responses.
• scopes
  Use this entry to set the scopes to be sent in the authentication request in addition to the openid scope.
• bearer-token-attributes
  Use this entry to set a JSON data element from the bearer token response, which should be included in the credential as an extended attribute.
• id-token-attributes
  Use this entry to set a claim from the Id token response which should be included in the credential as an extended attribute.
• allowed-query-arg
  Additional query string arguments can be provided to the authentication kick-off URL which will in turn be appended to the corresponding authentication request.
• mapped-identity
  Use this entry to set a formatted string used to construct the ISAM principal name from elements of the ID token.
• external-user
  Use this entry to set Whether the mapped identity should correspond to a known ISAM identity.

Parent topic: Stanza reference