OIDC
Configuration tab
Name | Basic Description | Default Value |
---|---|---|
Issuer* | URL using the https scheme with no query or fragment components that the OP asserts as its Issuer Identifier | |
Subject attribute | Subject source attribute | userPrincipleName |
ID Token Lifetime* | Lifetime of ID token | PT1H |
Access Token Lifetime* | Lifetime of access token. | PT10M |
Authorization Code Lifetime* | Lifetime of authorization code | PT5M |
Refresh token default timeout* | The refresh token & token chain timeout | PT1H |
Force PKCE | Whether client is required to use PKCE | Turned off |
Allow PKCE plain | Whether client is allowed to use PKCE code challenge method "plain" | Turned off |
Encode consent in tokens | Whether to embed consent decision(s) in access/refresh tokens and authorization code to allow for client-side consent storage | Turned off |
Use Request Objects | Whether to enforce use of request objects | Turned off |
Sign Request Object | Whether to enforce signing of request objects if they’re used. | Turned off |
Encrypt Request Object | Whether to enforce encryption of request objects if they’re used. | Turned off |
Subject salt* | The salt used in generating the subject | secret |
Actions available on page:
Download OIDC metadata
Copy OIDC metadata URL

Security tab
Actions available on page:
Download OIDC metadata
Copy OIDC metadata URL
Add JWK
Generate JWK

Scopes tab
Actions available on page:
Download OIDC metadata
Copy OIDC metadata URL
Add scope

Attributes tab
Actions available on page:
Download OIDC metadata
Copy OIDC metadata URL

ACR&AMR claims tab
Actions available on page:
Download OIDC metadata
Copy OIDC metadata URL
Add AMR claim
Add ACR claim

