libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-16679 Add algorithm settings for client assertion signature in OIDC identity broker

Browse source
This commit is contained in:
i7a7467 2020-12-20 13:08:17 +09:00 committed by Marek Posolda
parent 8aa8ee4862
commit ecc3176455
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
server_admin/topics/identity-broker/oidc.adoc
View file

@ -45,6 +45,10 @@ You must define the OpenID Connect configuration options as well. They basicall
|Client Secret
|This realm will need a client secret to use when using the Authorization Code Flow. The value of this field can refer a value from an external <<_vault-administration,vault>>.
|Client Assertion Signature Algorithm
|Signature algorithm to create JWT assertion as client authentication.
In the case of JWT signed with private key or Client secret as jwt, it is required. If no algorithm is specified, the following algorithm is adapted. `RS256` is adapted the in the case of JWT signed with private key. `HS256` is adapted the in the case of Client secret as jwt.
|Issuer
|Responses from the IDP may contain an issuer claim. This config value is optional. If specified, this claim will be validated against the value you provide.