OAuth2Provider.properties revision c7fd94c758fb78a820d0513988731c2106951f9e
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Copyright 2012-2015 ForgeRock AS.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# "Portions copyright [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Portions Copyrighted 2014-2015 Nomura Research Institute, Ltd.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterforgerock-oauth2-provider-description=OAuth2 Provider
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera100=Authorization Code Lifetime (seconds)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera100.help=The time in seconds an authorization code is valid for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera101=Refresh Token Lifetime (seconds)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera101.help=The time in seconds a refresh token is valid for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera102=Access Token Lifetime (seconds)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera102.help=The time in seconds an access token is valid for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera103=Issue Refresh Tokens
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera103.help=Check to enable generation of refresh tokens
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera103a=Issue Refresh Tokens on Refreshing Access Tokens
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera103a.help=Check to enable generation of refresh tokens when refreshing access tokens
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104=Scope Implementation Class
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104.help=The class that contains the required scope implementation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104a=OpenID Connect 'profile' scope attribute values
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104a.help=Configure the mapping of user profile response attributes to data store attributes for the 'profile' scope.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104b=OpenID Connect 'email' scope attribute value
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104b.help=Configure the data store attribute for the 'email' scope.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104c=OpenID Connect 'address' scope attribute values
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104c.help=Configure the data store attribute for the 'address' scope.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104d=OpenID Connect 'phone' scope attribute values
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera104d.help=Configure the data store attribute for the 'phone' scope.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera105=Response Type Plugins
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera105.help=Response types are input as such, code|name of plugin class. For example, code|org.forgerock.openam.oauth2.CodeClass. \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan FosterIf there is no implementation class none should be used in place of the class name. For example id_token|none.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera106=User Profile Attribute(s) the Resource Owner is Authenticated On
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera106.help=If the attribute is mail and uid, then a search string of (|(mail=user)(uid=user)) will be used to get the \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosteruser profile, where user is the username entered during authentication.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera107=Saved Consent Attribute Name
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera107.help=To use saved consent a list attribute must be set up and the attribute name provided.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera108=Supported Scoped
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera108.help=A list of scopes this authorization server supports.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera109=Remote JSON Web Key URL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera109.help=The Remote URL where the providers JSON Web Key can be retrieved.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera110=Subject Types supported
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera110.help=List of subject types supported. Values are pairwise and public. Pairwise is the same as confidential.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera111=ID Token Signing Algorithms supported
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera111.help=Algorithms supported to sign id_tokens.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera112=Supported Claims
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera112.help=List of claims supported by the userinfo endpoint.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera113=OpenID Connect JWT Token Lifetime (seconds)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera113.help=The amount of time in seconds the JWT will be valid for.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera114=Alias of ID Token Signing Key
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera114.help=The name of the key put in the keystore used to sign the ID Tokens issued by OpenAM.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera115=Allow Open Dynamic Client Registration
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera115.help=Allow clients to register without an access token. If enabled, you should consider adding some form of rate \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster limiting. See <a href="http://openid.net/specs/openid-connect-registration-1_0.html#ClientRegistration" \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster target="_blank">Client Registration</a> in the OpenID Connect specification for details.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera116=Generate Registration Access Tokens
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera116.help=Whether to generate Registration Access Tokens for clients that register via open dynamic client \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster registration. Such tokens allow the client to access the <a \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster href="http://openid.net/specs/openid-connect-registration-1_0.html#ClientConfigurationEndpoint" \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster target="_blank">Client Configuration Endpoint</a> as per the OpenID Connect specification. This setting has \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster no effect if open dynamic client registration is disabled.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera117=OpenID Connect acr_values to Auth Chain Mapping
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera117.help=Maps OpenID Connect ACR values to authentication chains. See <a \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster href="http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest" target="_blank">the acr_values parameter</a> \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster in the OpenID Connect authentication request specification for more details.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera118=OpenID Connect default acr claim
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera118.help=Default value to use as the 'acr' claim in an OpenID Connect ID Token when using the default authentication \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera119=OpenID Connect id_token amr values to Auth Module mappings
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera119.help=If you require <code>amr</code> values to be returned in the OpenID Connect <code>id_token</code>, you can \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster configure them here. Once authentication has completed, the authentication modules that were used from the \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster authentication service will be mapped to the <code>amr</code> values. If you do not require amr values, or are not \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster providing OpenID Connect tokens at all, this field can be left blank.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera120=Modified Timestamp attribute name
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera120.help=The attribute name of the modified timestamp in the identity repository (must also be added to the User \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Attributes List on the Datastore Service page).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera121=Created Timestamp attribute name
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostera121.help=The attribute name of the created timestamp in the identity repository (must also be added to the User \
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Attributes List on the Datastore Service page).