OAuth2Provider.properties revision c7fd94c758fb78a820d0513988731c2106951f9e
#
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
#
# Copyright 2012-2015 ForgeRock AS.
#
# The contents of this file are subject to the terms
# of the Common Development and Distribution License
# (the License). You may not use this file except in
# compliance with the License.
#
# You can obtain a copy of the License at
# See the License for the specific language governing
# permission and limitations under the License.
#
# When distributing Covered Code, include this CDDL
# Header Notice in each file and include the License file
# If applicable, add the following below the CDDL Header,
# with the fields enclosed by brackets [] replaced by
# your own identifying information:
# "Portions copyright [year] [name of copyright owner]"
#
#
# Portions Copyrighted 2014-2015 Nomura Research Institute, Ltd.
#
forgerock-oauth2-provider-description=OAuth2 Provider
a100=Authorization Code Lifetime (seconds)
a100.help=The time in seconds an authorization code is valid for
a101=Refresh Token Lifetime (seconds)
a101.help=The time in seconds a refresh token is valid for
a102=Access Token Lifetime (seconds)
a102.help=The time in seconds an access token is valid for
a103=Issue Refresh Tokens
a103.help=Check to enable generation of refresh tokens
a103a=Issue Refresh Tokens on Refreshing Access Tokens
a103a.help=Check to enable generation of refresh tokens when refreshing access tokens
a104=Scope Implementation Class
a104.help=The class that contains the required scope implementation
a104a=OpenID Connect 'profile' scope attribute values
a104a.help=Configure the mapping of user profile response attributes to data store attributes for the 'profile' scope.
a104b=OpenID Connect 'email' scope attribute value
a104b.help=Configure the data store attribute for the 'email' scope.
a104c=OpenID Connect 'address' scope attribute values
a104c.help=Configure the data store attribute for the 'address' scope.
a104d=OpenID Connect 'phone' scope attribute values
a104d.help=Configure the data store attribute for the 'phone' scope.
a105=Response Type Plugins
a105.help=Response types are input as such, code|name of plugin class. For example, code|org.forgerock.openam.oauth2.CodeClass. \
If there is no implementation class none should be used in place of the class name. For example id_token|none.
a106=User Profile Attribute(s) the Resource Owner is Authenticated On
a106.help=If the attribute is mail and uid, then a search string of (|(mail=user)(uid=user)) will be used to get the \
user profile, where user is the username entered during authentication.
a107=Saved Consent Attribute Name
a107.help=To use saved consent a list attribute must be set up and the attribute name provided.
a108=Supported Scoped
a108.help=A list of scopes this authorization server supports.
a109=Remote JSON Web Key URL
a109.help=The Remote URL where the providers JSON Web Key can be retrieved.
a110=Subject Types supported
a110.help=List of subject types supported. Values are pairwise and public. Pairwise is the same as confidential.
a111=ID Token Signing Algorithms supported
a111.help=Algorithms supported to sign id_tokens.
a112=Supported Claims
a112.help=List of claims supported by the userinfo endpoint.
a113=OpenID Connect JWT Token Lifetime (seconds)
a113.help=The amount of time in seconds the JWT will be valid for.
a114=Alias of ID Token Signing Key
a114.help=The name of the key put in the keystore used to sign the ID Tokens issued by OpenAM.
a115=Allow Open Dynamic Client Registration
a115.help=Allow clients to register without an access token. If enabled, you should consider adding some form of rate \
limiting. See <a href="http://openid.net/specs/openid-connect-registration-1_0.html#ClientRegistration" \
target="_blank">Client Registration</a> in the OpenID Connect specification for details.
a116=Generate Registration Access Tokens
a116.help=Whether to generate Registration Access Tokens for clients that register via open dynamic client \
registration. Such tokens allow the client to access the <a \
href="http://openid.net/specs/openid-connect-registration-1_0.html#ClientConfigurationEndpoint" \
target="_blank">Client Configuration Endpoint</a> as per the OpenID Connect specification. This setting has \
no effect if open dynamic client registration is disabled.
a117=OpenID Connect acr_values to Auth Chain Mapping
a117.help=Maps OpenID Connect ACR values to authentication chains. See <a \
href="http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest" target="_blank">the acr_values parameter</a> \
in the OpenID Connect authentication request specification for more details.
a118=OpenID Connect default acr claim
a118.help=Default value to use as the 'acr' claim in an OpenID Connect ID Token when using the default authentication \
chain.
a119=OpenID Connect id_token amr values to Auth Module mappings
a119.help=If you require <code>amr</code> values to be returned in the OpenID Connect <code>id_token</code>, you can \
configure them here. Once authentication has completed, the authentication modules that were used from the \
authentication service will be mapped to the <code>amr</code> values. If you do not require amr values, or are not \
providing OpenID Connect tokens at all, this field can be left blank.
a120=Modified Timestamp attribute name
a120.help=The attribute name of the modified timestamp in the identity repository (must also be added to the User \
Attributes List on the Datastore Service page).
a121=Created Timestamp attribute name
a121.help=The attribute name of the created timestamp in the identity repository (must also be added to the User \
Attributes List on the Datastore Service page).