ModelOp Center adheres to the Spring Security Architecture for OAuth2 applications.

...

```yaml
oauth2:
  # Values for Resource Servers.
  resource-server:

    # opaque-queryparam serves a specific client need: supporting 2 OAuth2 providers at the same time...
    opaque-queryparam:
      queryparam: otoken
      introspection-uri: https://authorization.server/rs/validate/AppIdClaim
```

...

Token Claims to User Attributes Mapping

By default, ModelOp Center maps each user attribute to its corresponding standard claim. The standard claims used by ModelOp Center are defined in the OpenID Connect specification as a set of OpenID Connect Standard Claims. For the complete list of standard claims, please refer to section 5.1 Standard Claims of the OpenID Connect specification.

ModelOp Center’s default use of the standard claims can be adjusted to use other claims by adding configuration properties. For example, the standard claim for a user’s given name is given_name. However, if that particular claim is not available, one could use the username claim instead (assuming the claim is available) by adding the following configuration properties:

```yaml
oauth2:
  resource-server:
    base-conf:
      claim-names:
        givenName: username
```

Please note that the configuration above is overriding one claim name only, but multiple or all claim names can be overridden, if necessary.
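Before overriding a claim name, it helps to confirm that the identity provider actually issues the replacement claim. The following is an added example, not ModelOp Center code: it decodes a token payload for inspection and reports which user attributes a given `claim-names` override would leave unresolved. Only `givenName` comes from this page; the other attribute names, the sample token and the function names are assumptions.

```python
import base64
import json

# OIDC Core section 5.1 standard claims. Only "givenName" is an attribute name
# taken from the page; the other attribute names are assumed for illustration.
DEFAULT_CLAIM_NAMES = {
    "givenName": "given_name",
    "familyName": "family_name",  # assumed attribute name
    "email": "email",             # assumed attribute name
}

def decode_claims(jwt):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected three dot-separated parts)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims

def check_mapping(claims, overrides):
    """Apply claim-name overrides; return (resolved attributes, unresolved mappings)."""
    claim_names = {**DEFAULT_CLAIM_NAMES, **overrides}
    resolved, missing = {}, []
    for attribute, claim in claim_names.items():
        value = claims.get(claim)
        if isinstance(value, str) and value.strip():
            resolved[attribute] = value
        else:
            missing.append(f"{attribute} <- {claim}")
    return resolved, missing

def make_sample_token(claims):
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

# Constructed sample: an IdP that issues "username" but no "given_name".
SAMPLE = make_sample_token(
    {"sub": "1234", "username": "jdoe", "email": "jdoe@example.com"})

if __name__ == "__main__":
    for overrides in ({}, {"givenName": "username"}):
        print(overrides, check_mapping(decode_claims(SAMPLE), overrides))
```

The same `check_mapping` call works on the JSON body of an introspection response when the resource server uses opaque tokens.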