libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Improve formatting and change display order

Browse source 
- Improve formatting of warning 
- Change the display order according to the setting page
This commit is contained in:
Kohei Tamura 2019-07-04 18:41:34 +09:00 committed by Stian Thorgersen
parent c518ee0f8a
commit e82ada56b6
1 changed files with 13 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
server_admin/topics/clients/client-oidc.adoc
View file

@ -67,6 +67,18 @@ _bearer-only_::
Bearer-only access type means that the application only allows bearer token requests.
If this is turned on, this application cannot participate in browser logins.
*Standard Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Authorization Code Flow>>.
*Implicit Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Implicit Flow>>.
*Direct Access Grants Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Direct Access Grants>>.
*Root URL*
If {project_name} uses any configured relative URLs, this value is prepended to them.
@ -85,18 +97,6 @@ for more information.
If {project_name} needs to link to the client, this URL is used.
*Standard Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Authorization Code Flow>>.
*Implicit Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Implicit Flow>>.
*Direct Access Grants Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Direct Access Grants>>.
*Admin URL*
For {project_name} specific client adapters, this is the callback endpoint for the client. The {project_name}
@ -145,8 +145,7 @@ In the following cases, {project_name} will verify the client sending the access
Please see https://tools.ietf.org/html/draft-ietf-oauth-mtls-08#section-3[Mutual TLS Client Certificate Bound Access Tokens] in the OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens for more details.
WARNING:
None of the keycloak client adapters currently support holder-of-key token verification.
WARNING: None of the keycloak client adapters currently support holder-of-key token verification.
Instead, keycloak adapters currently treat access and refresh tokens as bearer tokens.
[[_proof-key-for-code-exchange]]