OpenID Connect Policy Fields
| Field/Field set | Description |
|---|---|
| When this policy should be applied | An expression that defines one or more conditions that must be
true for the policy to execute.
Default value: N/A Example: The expression |
| Use OpenID Connect |
Select to use an OpenID Connect (OIDC) vendor as the 3rd-party IdP. |
| OpenID Discovery Document URL |
Required. The OIDC discovery document URL. |
| Login URL |
Required. The authorization endpoint for the IdP from the Discovery Document. |
| JWS Algorithm |
The algorithm used to generate the JSON Web Token. The Discovery Document contains
an Select one of the following algorithm types:
Default value: RS256 |
| Required Scopes |
Required.
The list of scopes required to get information about a
user. The list of scopes becomes a list of roles and your Policy needs to authorize one with
the Authorize By Role Policy policy. If the open discovery document doesn't
define a role, APIM defaults to the |
| Access Token URL |
Required. The provider’s access token URL. |
| Client ID |
Required. The ID of the SnapLogic application registered with the OAuth2 provider. |
| Client Secret |
Required. The client secret for the SnapLogic application registered with the OAuth2 provider. |
| Redirect URI | The URI of the Snaplex load-balancer appended with
/api/1/rest/oauth2/callback Example: https://groundplex.example.com/api/1/rest/oauth2/callback |
| Session: Time-To-Live in Seconds |
Required. The number of seconds for which the session is active. Refer to OAuth session management for information on manually closing sessions. Default value: 86400 Example: 90000 |
| OAuth State: Time-To-Live in Seconds |
Required. The number of seconds for which the OAuth state is active. Default value: 300 Example: 1000 |
| Description | Use this policy to authenticate a client by delegating the authentication to an OAuth2
provider. Default value: Authorizes requests using specified OAuth service. |