libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Improve formatting and change display order

Browse source 
- Improve formatting of warning 
- Change the display order according to the setting page
This commit is contained in:
Kohei Tamura 2019-07-04 18:41:34 +09:00 committed by Stian Thorgersen
parent c518ee0f8a
commit e82ada56b6
1 changed files with 13 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
server_admin/topics/clients/client-oidc.adoc
View file

@ -67,6 +67,18 @@ _bearer-only_::
Bearer-only access type means that the application only allows bearer token requests. Bearer-only access type means that the application only allows bearer token requests.
If this is turned on, this application cannot participate in browser logins. If this is turned on, this application cannot participate in browser logins.
*Standard Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Authorization Code Flow>>.
*Implicit Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Implicit Flow>>.
*Direct Access Grants Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Direct Access Grants>>.
*Root URL* *Root URL*
If {project_name} uses any configured relative URLs, this value is prepended to them. If {project_name} uses any configured relative URLs, this value is prepended to them.
@ -85,18 +97,6 @@ for more information.
If {project_name} needs to link to the client, this URL is used. If {project_name} needs to link to the client, this URL is used.
*Standard Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Authorization Code Flow>>.
*Implicit Flow Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Implicit Flow>>.
*Direct Access Grants Enabled*
If this is on, clients are allowed to use the OIDC <<_oidc-auth-flows,Direct Access Grants>>.
*Admin URL* *Admin URL*
For {project_name} specific client adapters, this is the callback endpoint for the client. The {project_name} For {project_name} specific client adapters, this is the callback endpoint for the client. The {project_name}
@ -145,8 +145,7 @@ In the following cases, {project_name} will verify the client sending the access
Please see https://tools.ietf.org/html/draft-ietf-oauth-mtls-08#section-3[Mutual TLS Client Certificate Bound Access Tokens] in the OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens for more details. Please see https://tools.ietf.org/html/draft-ietf-oauth-mtls-08#section-3[Mutual TLS Client Certificate Bound Access Tokens] in the OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens for more details.
WARNING: WARNING: None of the keycloak client adapters currently support holder-of-key token verification.
None of the keycloak client adapters currently support holder-of-key token verification.
Instead, keycloak adapters currently treat access and refresh tokens as bearer tokens. Instead, keycloak adapters currently treat access and refresh tokens as bearer tokens.
[[_proof-key-for-code-exchange]] [[_proof-key-for-code-exchange]]