{ "$schema": "http://json-schema.org/draft-04/schema#", "id": "/", "title": "oxauth-config.xml", "type": "object", "additionalProperties": true, "properties": { "sessionAsJwt": { "id": "sessionAsJwt", "description": "Session as JWT.", "type": "boolean" }, "issuer": { "id": "issuer", "description": "URL using the https scheme with no query or fragment component that the OP asserts as its Issuer Identifier.", "title": "Issuer", "type": "string", "format": "url", "minLength": 1 }, "loginPage": { "id": "loginPage", "description": "URL of the login page.", "type": "string", "format": "url", "minLength": 1 }, "authorizationPage": { "id": "authorizationPage", "description": "URL of the oxAuth authorization page.", "type": "string", "format": "url", "minLength": 1 }, "baseEndpoint": { "id": "baseEndpoint", "description": "Base URL of the Endpoints.", "type": "string", "format": "url", "minLength": 1 }, "authorizationEndpoint": { "id": "authorizationEndpoint", "description": "The URL of the Authorization Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "tokenEndpoint": { "id": "tokenEndpoint", "description": "The URL of the Token Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "userInfoEndpoint": { "id": "userInfoEndpoint", "description": "The URL of the User Info Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "clientInfoEndpoint": { "id": "clientInfoEndpoint", "description": "The URL of the Client Info Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "checkSessionIFrame": { "id": "checkSessionIFrame", "description": "URL of an OP iframe that supports cross-origin communications for session state information with the RP Client, using the HTML5 postMessage API.", "type": "string", "format": "url", "minLength": 1 }, "endSessionEndpoint": { "id": "endSessionEndpoint", "description": "URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP.", "type": "string", "format": "url", "minLength": 1 }, "jwksUri": { "id": "jwksUri", "description": "URL of the OP's JSON Web Key Set (JWK) document. This contains the signing key(s) the RP uses to validate signatures from the OP.", "type": "string", "format": "url", "minLength": 1 }, "registrationEndpoint": { "id": "registrationEndpoint", "description": "URL of the Registration Enpoint.", "type": "string", "format": "url", "minLength": 1 }, "validateTokenEndpoint": { "id": "validateTokenEndpoint", "description": "URL of the Endpoint for token validation.", "type": "string", "format": "url", "minLength": 1 }, "openIdDiscoveryEndpoint": { "id": "openIdDiscoveryEndpoint", "description": "URL for the Discovery Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "openIdConfigurationEndpoint": { "id": "openIdConfigurationEndpoint", "description": "URL for the Open ID Connect Configuration Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "idGenerationEndpoint": { "id": "idGenerationEndpoint", "description": "URL for the ID Generation Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "introspectionEndpoint": { "id": "introspectionEndpoint", "description": "URL for the Introspection Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "umaConfigurationEndpoint": { "id": "umaConfigurationEndpoint", "description": "URL for the UMA Configuration Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "sectorIdentifierEndpoint": { "id": "sectorIdentifierEndpoint", "description": "URL for the Sector Identifier Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "oxElevenGenerateKeyEndpoint": { "id": "oxElevenGenerateKeyEndpoint", "description": "URL for the oxEleven Generate Key Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "oxElevenSignEndpoint": { "id": "oxElevenSignEndpoint", "description": "URL for the oxEleven Sign Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "oxElevenVerifySignatureEndpoint": { "id": "oxElevenVerifySignatureEndpoint", "description": "URL for the oxEleven Verify Signature Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "oxElevenDeleteKeyEndpoint": { "id": "oxElevenDeleteKeyEndpoint", "description": "URL for the oxEleven Delete Key Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "oxElevenJwksEndpoint": { "id": "oxElevenJwksEndpoint", "description": "URL for the oxEleven JWKS Endpoint.", "type": "string", "format": "url", "minLength": 1 }, "openidSubAttribute": { "id": "openidSubAttribute", "description": "LDAP attribute used for the sub claim.", "type": "string", "minLength": 1 }, "responseTypesSupported": { "id": "responseTypesSupported", "description": "A list of the OAuth 2.0 response_type values that this OP supports.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "code", "code id_token", "token", "token id_token", "code token", "code token id_token", "id_token" ] } }, "grantTypesSupported": { "id": "grantTypesSupported", "description": "A list of the OAuth 2.0 Grant Type values that this OP supports.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "authorization_code", "implicit", "urn:ietf:params:oauth:grant-type:jwt-bearer" ] } }, "subjectTypesSupported": { "id": "subjectTypesSupported", "description": "A list of the Subject Identifier types that this OP supports. Valid types include pairwise and public.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "public", "pairwise" ] } }, "defaultSubjectType": { "id": "defaultSubjectType", "description": "Default Subject Type used for Dynamic Client Registration.", "type": "string", "enum": [ "public", "pairwise" ] }, "userInfoSigningAlgValuesSupported": { "id": "userInfoSigningAlgValuesSupported", "description": "A list of the JWS signing algorithms (alg values) JWA supported by the UserInfo Endpoint to encode the Claims in a JWT.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ] } }, "userInfoEncryptionAlgValuesSupported": { "id": "userInfoEncryptionAlgValuesSupported", "description": "A list of the JWE encryption algorithms (alg values) JWA supported by the UserInfo Endpoint to encode the Claims in a JWT.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ] } }, "userInfoEncryptionEncValuesSupported": { "id": "userInfoEncryptionEncValuesSupported", "description": "A list of the JWE encryption algorithms (enc values) JWA supported by the UserInfo Endpoint to encode the Claims in a JWT.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ] } }, "idTokenSigningAlgValuesSupported": { "id": "idTokenSigningAlgValuesSupported", "description": "A list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ] } }, "idTokenEncryptionAlgValuesSupported": { "id": "idTokenEncryptionAlgValuesSupported", "description": "A list of the JWE encryption algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ] } }, "idTokenEncryptionEncValuesSupported": { "id": "idTokenEncryptionEncValuesSupported", "description": "A list of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ] } }, "requestObjectSigningAlgValuesSupported": { "id": "requestObjectSigningAlgValuesSupported", "description": "A list of the JWS signing algorithms (alg values) supported by the OP for Request Objects.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ] } }, "requestObjectEncryptionAlgValuesSupported": { "id": "requestObjectEncryptionAlgValuesSupported", "description": "A list of the JWE encryption algorithms (alg values) supported by the OP for Request Objects.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ] } }, "requestObjectEncryptionEncValuesSupported": { "id": "requestObjectEncryptionEncValuesSupported", "description": "A list of the JWE encryption algorithms (enc values) supported by the OP for Request Objects.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ] } }, "tokenEndpointAuthMethodsSupported": { "id": "tokenEndpointAuthMethodsSupported", "description": "A list of Client Authentication methods supported by this Token Endpoint.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ] } }, "tokenEndpointAuthSigningAlgValuesSupported": { "id": "tokenEndpointAuthSigningAlgValuesSupported", "description": "A list of the JWS signing algorithms (alg values) supported by the Token Endpoint for the signature on the JWT used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ] } }, "dynamicRegistrationCustomAttributes": { "id": "dynamicRegistrationCustomAttributes", "description": "Custom attributes for the Dynamic registration.", "type": "array", "minItems": 1, "uniqueItems": true, "additionalItems": true, "items": { "type": "string", "minLength": 1 } }, "displayValuesSupported": { "id": "displayValuesSupported", "description": "A list of the display parameter values that the OpenID Provider supports.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "page", "popup" ] } }, "dynamicClientRegDefaultGrantTypes": { "id": "dynamicClientRegDefaultGrantTypes", "description": "A list of the OAuth 2.0 Grant Type values that this OP supports.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "authorization_code", "implicit", "refresh_token", "client_credentials" ] } }, "claimTypesSupported": { "id": "claimTypesSupported", "description": "A list of the Claim Types that the OpenID Provider supports.", "type": "array", "format": "select", "minItems": 1, "uniqueItems": true, "items": { "type": "string", "enum": [ "normal" ] } }, "serviceDocumentation": { "id": "serviceDocumentation", "description": "URL of a page containing human-readable information that developers might want or need to know when using the OpenID Provider.", "type": "string", "format": "url", "minLength": 1 }, "claimsLocalesSupported": { "id": "claimsLocalesSupported", "description": "Languages and scripts supported for values in Claims being returned.", "type": "array", "minItems": 1, "uniqueItems": true, "additionalItems": true, "items": { "type": "string", "minLength": 1 } }, "uiLocalesSupported": { "id": "uiLocalesSupported", "description": "Languages and scripts supported for the user interface.", "type": "array", "minItems": 1, "uniqueItems": true, "additionalItems": true, "items": { "type": "string", "minLength": 1 } }, "claimsParameterSupported": { "id": "claimsParameterSupported", "description": "Specifies whether the OP supports use of the claims parameter.", "type": "boolean" }, "requestParameterSupported": { "id": "requestParameterSupported", "description": "Boolean value specifying whether the OP supports use of the request parameter.", "type": "boolean" }, "requestUriParameterSupported": { "id": "requestUriParameterSupported", "description": "Boolean value specifying whether the OP supports use of the request_uri parameter.", "type": "boolean" }, "requireRequestUriRegistration": { "id": "requireRequestUriRegistration", "description": "Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter.", "type": "boolean" }, "opPolicyUri": { "id": "opPolicyUri", "description": "URL that the OpenID Provider provides to the person registering the Client to read about the OP's requirements on how the Relying Party can use the data provided by the OP.", "type": "string", "format": "url", "minLength": 1 }, "opTosUri": { "id": "opTosUri", "description": "URL that the OpenID Provider provides to the person registering the Client to read about OpenID Provider's terms of service.", "type": "string", "format": "url", "minLength": 1 }, "authorizationCodeLifetime": { "id": "authorizationCodeLifetime", "description": "The lifetime of the Authorization Code.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "refreshTokenLifetime": { "id": "refreshTokenLifetime", "description": "The lifetime of the Refresh Token.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "idTokenLifetime": { "id": "idTokenLifetime", "description": "The lifetime of the ID Token.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "shortLivedAccessTokenLifetime": { "id": "shortLivedAccessTokenLifetime", "description": "The lifetime of the short lived Access Token.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "longLivedAccessTokenLifetime": { "id": "longLivedAccessTokenLifetime", "description": "The lifetime of the long lived Access Token.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "umaRequesterPermissionTokenLifetime": { "id": "umaRequesterPermissionTokenLifetime", "description": "", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "umaAddScopesAutomatically": { "id": "umaAddScopesAutomatically", "description": "", "type": "boolean" }, "umaKeepClientDuringResourceSetRegistration": { "id": "umaKeepClientDuringResourceSetRegistration", "description": "", "type": "boolean" }, "umaRptAsJwt": { "id": "umaRptAsJwt", "description": "Issue RPT as JWT or as random string.", "type": "boolean" }, "cleanServiceInterval": { "id": "cleanServiceInterval", "description": "Time interval for the Clean Service in seconds.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "keyRegenerationEnabled": { "id": "keyRegenerationEnabled", "description": "Boolean value specifying whether to regenerate keys.", "type": "boolean" }, "keyRegenerationInterval": { "id": "keyRegenerationInterval", "description": "The interval for key regeneration in hours.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "defaultSignatureAlgorithm": { "id": "defaultSignatureAlgorithm", "description": "The default signature algorithm to sign ID Tokens.", "type": "string", "enum": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ] }, "oxOpenIdConnectVersion": { "id": "oxOpenIdConnectVersion", "description": "OpenID Connect Version.", "type": "string", "minLength": 1 }, "organizationInum": { "id": "organizationInum", "description": "The Organization Inum.", "type": "string", "minLength": 1 }, "oxId": { "id": "oxId", "description": "URL for the Inum generator Service.", "type": "string", "format": "url", "minLength": 1 }, "dynamicRegistrationEnabled": { "id": "dynamicRegistrationEnabled", "description": "Boolean value specifying whether to enable Dynamic Registration.", "type": "boolean" }, "dynamicRegistrationExpirationTime": { "id": "dynamicRegistrationExpirationTime", "description": "Expiration time in seconds for clients created with dynamic registration, 0 means never expire.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "dynamicRegistrationPersistClientAuthorizations": { "id": "dynamicRegistrationPersistClientAuthorizations", "description": "Boolean value specifying whether to persist client authorizations.", "type": "boolean" }, "trustedClientEnabled": { "id": "trustedClientEnabled", "description": "Boolean value specifying whether a client is trusted and no authorization is required.", "type": "boolean" }, "dynamicRegistrationScopesParamEnabled": { "id": "dynamicRegistrationScopesParamEnabled", "description": "Boolean value specifying whether to enable scopes parameter in dynamic registration.", "type": "boolean" }, "dynamicRegistrationCustomObjectClass": { "id": "dynamicRegistrationCustomObjectClass", "description": "LDAP custom object class for dynamic registration.", "type": "string", "minLength": 1 }, "authenticationFiltersEnabled": { "id": "authenticationFiltersEnabled", "description": "Boolean value specifying whether to enable user authentication filters.", "type": "boolean" }, "clientAuthenticationFiltersEnabled": { "id": "clientAuthenticationFiltersEnabled", "description": "Boolean value specifying whether to enable client authentication filters.", "type": "boolean" }, "authenticationFilters": { "id": "authenticationFilters", "description": "User authentication filters.", "type": "array", "minItems": 1, "uniqueItems": false, "additionalItems": true, "items": { "type": "object", "additionalProperties": true, "properties": { "filter": { "id": "filter", "type": "string", "minLength": 1 }, "bind": { "id": "bind", "type": "boolean" }, "bindPasswordAttribute": { "id": "bindPasswordAttribute", "type": "string", "minLength": 1 }, "baseDn": { "id": "baseDn", "type": "string", "minLength": 1 } } } }, "clientAuthenticationFilters": { "id": "clientAuthenticationFilters", "description": "Client authentication filters.", "type": "array", "minItems": 1, "uniqueItems": false, "additionalItems": true, "items": { "type": "object", "additionalProperties": true, "properties": { "filter": { "id": "filter", "type": "string", "minLength": 1 }, "bind": { "id": "bind", "type": "string", "minLength": 1 }, "bindPasswordAttribute": { "id": "bindPasswordAttribute", "type": "string", "minLength": 1 }, "baseDn": { "id": "baseDn", "type": "string", "minLength": 1 } } } }, "applianceInum": { "id": "applianceInum", "description": "The Appliance Inum", "type": "string", "minLength": 1 }, "sessionIdUnusedLifetime": { "id": "sessionIdUnusedLifetime", "description": "The lifetime for unused session IDs.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "sessionIdUnauthenticatedUnusedLifetime": { "id": "sessionIdUnauthenticatedUnusedLifetime", "description": "The lifetime for unused unauthenticated session IDs.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "sessionIdEnabled": { "id": "sessionIdEnabled", "description": "Boolean value specifying whether to enable session ID parameter.", "type": "boolean" }, "sessionIdPersistOnPromptNone": { "id": "sessionIdPersistOnPromptNone", "description": "Boolean value specifying whether to persist session ID on prompt none.", "type": "boolean" }, "sessionStateHttpOnly": { "id": "sessionStateHttpOnly", "description": "Boolean value specifying whether to set Session State HttpOnly.", "type": "boolean" }, "configurationUpdateInterval": { "id": "configurationUpdateInterval", "description": "The interval for configuration update in seconds.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "cssLocation": { "id": "cssLocation", "description": "The location for CSS files.", "type": "string", "minLength": 1 }, "jsLocation": { "id": "jsLocation", "description": "The location for JavaScript files.", "type": "string", "minLength": 1 }, "imgLocation": { "id": "imgLocation", "description": "The location for image files.", "type": "string", "minLength": 1 }, "metricReporterInterval": { "id": "metricReporterInterval", "description": "The interval for metric reporter in seconds.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "metricReporterKeepDataDays": { "id": "metricReporterKeepDataDays", "description": "The days to keep metric reported data.", "type": "integer", "multipleOf": 1, "maximum": 2147483647, "minimum": 1, "exclusiveMaximum": false, "exclusiveMinimum": false }, "pairwiseIdType": { "id": "pairwiseIdType", "description": "The pairwise ID type.", "type": "string", "enum": [ "persistent", "algorithmic" ] }, "pairwiseCalculationKey": { "id": "pairwiseCalculationKey", "description": "Key to calculate algorithmic pairwise IDs.", "type": "string", "minLength": 1 }, "pairwiseCalculationSalt": { "id": "pairwiseCalculationSalt", "description": "Salt to calculate algorithmic pairwise IDs.", "type": "string", "minLength": 1 }, "webKeysStorage": { "id": "webKeysStorage", "description": "Web Key Storage Type.", "type": "string", "enum": [ "keystore", "pkcs11" ] }, "dnName": { "id": "dnName", "description": "DN of certificate issuer.", "type": "string", "minLength": 1 }, "keyStoreFile": { "id": "keyStoreFile", "description": "The Key Store File (JKS).", "type": "string", "minLength": 1 }, "keyStoreSecret": { "id": "keyStoreSecret", "description": "The password of the Key Store.", "type": "string", "minLength": 1 }, "endSessionWithAccessToken": { "id": "endSessionWithAccessToken", "description": "Accept access token to call end_session endpoint.", "type": "boolean" }, "clientWhiteList": { "id": "clientWhiteList", "description": "White List for Client Redirection URIs.", "type": "array", "minItems": 0, "uniqueItems": true, "additionalItems": true, "items": { "type": "string", "minLength": 1 } }, "clientBlackList": { "id": "clientBlackList", "description": "Black List for Client Redirection URIs.", "type": "array", "minItems": 0, "uniqueItems": true, "additionalItems": true, "items": { "type": "string", "minLength": 1 } }, "legacyIdTokenClaims": { "id": "legacyIdTokenClaims", "description": "Include Claims in ID Token.", "type": "boolean" }, "customHeadersWithAuthorizationResponse": { "id": "customHeadersWithAuthorizationResponse", "description": "Boolean value specifying whether to enable Custom Response Header parameter to return custom headers with the Authorization Response.", "type": "boolean" }, "frontChannelLogoutSessionSupported": { "id": "frontChannelLogoutSessionSupported", "description": "Boolean value to specify support for front channel logout session.", "type": "boolean" }, "updateUserLastLogonTime": { "id": "updateUserLastLogonTime", "description": "Boolean value to specify if application should update oxLastLogonTime attribute on user authentication.", "type": "boolean" }, "updateClientAccessTime": { "id": "updateClientAccessTime", "description": "Boolean value to specify if application should update oxLastAccessTime/oxLastLogonTime attributes on client authentication.", "type": "boolean" }, "enableClientGrantUpdate": { "id": "enableClientGrantUpdate", "description": "Boolean value to specify if application should allow changing grant types for domain attributes on client authentication.", "type": "boolean" }, "loggingLevel": { "id": "loggingLevel", "description": "Logging level for oxAuth logers.", "type": "string", "format": "select", "enum": [ "DEFAULT", "OFF", "FATAL", "ERROR", "WARN", "INFO", "DEBUG", "TRACE", "ALL" ] } }, "required": [ "issuer", "loginPage", "authorizationPage", "baseEndpoint", "authorizationEndpoint", "tokenEndpoint", "userInfoEndpoint", "clientInfoEndpoint", "checkSessionIFrame", "endSessionEndpoint", "jwksUri", "registrationEndpoint", "validateTokenEndpoint", "openIdDiscoveryEndpoint", "openIdConfigurationEndpoint", "idGenerationEndpoint", "introspectionEndpoint", "umaConfigurationEndpoint", "sectorIdentifierEndpoint", "oxElevenGenerateKeyEndpoint", "oxElevenSignEndpoint", "oxElevenVerifySignatureEndpoint", "oxElevenDeleteKeyEndpoint", "oxElevenJwksEndpoint", "openidSubAttribute", "responseTypesSupported", "grantTypesSupported", "subjectTypesSupported", "defaultSubjectType", "userInfoSigningAlgValuesSupported", "userInfoEncryptionAlgValuesSupported", "userInfoEncryptionEncValuesSupported", "idTokenSigningAlgValuesSupported", "idTokenEncryptionAlgValuesSupported", "idTokenEncryptionEncValuesSupported", "requestObjectSigningAlgValuesSupported", "requestObjectEncryptionAlgValuesSupported", "requestObjectEncryptionEncValuesSupported", "tokenEndpointAuthMethodsSupported", "tokenEndpointAuthSigningAlgValuesSupported", "dynamicRegistrationCustomAttributes", "dynamicClientRegDefaultGrantTypes", "displayValuesSupported", "claimTypesSupported", "serviceDocumentation", "claimsLocalesSupported", "uiLocalesSupported", "claimsParameterSupported", "requestParameterSupported", "requestUriParameterSupported", "requireRequestUriRegistration", "opPolicyUri", "opTosUri", "authorizationCodeLifetime", "refreshTokenLifetime", "idTokenLifetime", "shortLivedAccessTokenLifetime", "longLivedAccessTokenLifetime", "umaRequesterPermissionTokenLifetime", "umaAddScopesAutomatically", "umaKeepClientDuringResourceSetRegistration", "cleanServiceInterval", "keyRegenerationEnabled", "keyRegenerationInterval", "defaultSignatureAlgorithm", "oxOpenIdConnectVersion", "organizationInum", "oxId", "dynamicRegistrationEnabled", "dynamicRegistrationExpirationTime", "dynamicRegistrationPersistClientAuthorizations", "trustedClientEnabled", "dynamicRegistrationScopesParamEnabled", "dynamicRegistrationCustomObjectClass", "authenticationFiltersEnabled", "clientAuthenticationFiltersEnabled", "authenticationFilters", "clientAuthenticationFilters", "applianceInum", "sessionIdUnusedLifetime", "sessionIdUnauthenticatedUnusedLifetime", "sessionIdEnabled", "sessionIdPersistOnPromptNone", "sessionStateHttpOnly", "configurationUpdateInterval", "cssLocation", "jsLocation", "imgLocation", "metricReporterInterval", "metricReporterKeepDataDays", "pairwiseIdType", "pairwiseCalculationKey", "pairwiseCalculationSalt", "webKeysStorage", "dnName", "keyStoreFile", "keyStoreSecret", "endSessionWithAccessToken", "legacyIdTokenClaims", "customHeadersWithAuthorizationResponse", "frontChannelLogoutSessionSupported", "updateUserLastLogonTime", "updateClientAccessTime", "enableClientGrantUpdate", "loggingLevel" ] }