amAuthOpenIdConnect.properties revision 5cc6034ee1b5655af6bbf55572ae268678504633
openidconnect-service-description=OpenID Connect
header_name=Name of header referencing the ID Token
issuer_name=Name of OpenID Connect ID Token Issuer
issuer_name.help= Value must match the iss field in issued ID Token
crypto_context_type=Configuration type: please select either 1.the issuer discovery url, 2. the issuer jwk url, or 3. \
the client_secret
crypto_context_value=The discovery url, or jwk url, or the client_secret, corresponding to the selection above
crypto_context_value.help=If discovery or jwk url entered, entry must be in valid url format
principal_mapper_class=Principal mapper class
principal_mapper_class.help=Class which implements mapping of jwt state to a Principal in the local identity repository
principal_mapper_class.help.txt=Any custom implementation must implement the \
principal_provider_class=Principal Account Provider
principal_provider_class.help=Name of the class implementing the account provider.
principal_provider_class.help.txt=This class is used by the module to find the account from the attributes mapped by the Account Mapper \
<code>org.forgerock.openam.authentication.modules.common.mapping.AccountProvider</code> interface.
local_to_jwt_attr_mappings=Mapping of local LDAP attributes to jwt attributes
local_to_jwt_attr_mappings.help=Format: local_ldap_attribute=jwt_attribute
local_to_jwt_attr_mappings.help.txt=Mappings allow jwt entries to drive principal lookup. This entry determines how \
to translate between local LDAP attributes and the entries in the jwt. See \
http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims on how to request the inclusion of additional \
attributes in issued ID Tokens.
listed_audience_name=Audience name
listed_audience_name.help=A case sensitive string
listed_audience_name.help.txt=The audience name for this OpenID Conenct module. This will be used to check that the \
ID token received is intended for this module as an audience.
listed_authorized_parties=List of accepted authorized parties
listed_authorized_parties.help=A list of case sensitive strings which can be either string or URI values
listed_authorized_parties.help.txt=A list of authorized parties which this module will accept ID tokens from. This \
will be checked against the authorized party claim of the ID token.
verification_failed=Verification of the ID Token failed.
issuer_mismatch=The issuer configured for the module, and the issuer string in discovery document referenced by \
configuration url, do not match.
token_issuer_mismatch=The issuer configured for the module, and the issuer string in the jwt, do not match.
jwt_parse_error=The ID Token jwt specified in the header could not be parsed.
missing_header=No ID Token was found referenced by the specified header.
jwk_not_loaded=The json web key state could not be loaded.
principal_mapper_instantiation_error=The principal mapper could not be instantiated.
principal_mapping_failure=No principal in the local id repo could be found.
no_attributes_mapped=None of the attributes specified in the mappings could be found in the Id Token.
id_token_bad_audience=ID token is not for this audience.
invalid_authorized_party=ID token was received from invalid authorized party.
authorized_party_not_in_audience=Authorized party was present in ID token, but its value was not found in the \
audience claim.
no_audience_claim=No audience claim present in ID token.