Field | Description |
Issuer Value | This is the location where resources containing information about the authorization server are published. The issuer generally matches the “iss” value in the payload section of the bearer token. |
User ID Claim | Claims are key/value pairs that contain information about a user. This field represents the Claim name containing the User ID. By default it takes the value “upn”. |
Issuer Claim | Indicates the domain binding claim name. If this is not set, “iss” is the default value. This field is used to receive tokens that do not carry an “iss” claim. |
Group Claim | Indicates the key that is part of the token and holds the different groups defined in TDV. |
Group Format | The format in which the domain and principal are given. If left blank, the default format is domain/principal. A delimiter is required. |
Group Separator | Indicates the separator used in the list of TDV groups. The default is space. |
Validation | The method used for validating the token. It can be Secret, Public Key or JWKS. JWKS - The JSON Web Key Set endpoint containing information about public keys. The public keys are used to verify the JSON Web Token (bearer token) issued by the authorization server. Secret - The Secret is part of the signature in the bearer token. The signature is a hash generated by a cryptographic algorithm over the header and payload. The hash is used to verify that the token created by the authorization server has not been tampered with. Public Key - This is the authorization server’s Public Key. Public keys are in JSON Web Key (JWK) format and are used to verify the bearer token issued by the authorization server. |
Claim Info Endpoint | The Claim Info Endpoint is an OAuth2 protected resource that returns Claims about the authenticated End-User. |
Claim Info JSON | The specific Claim as a name and value pair in JSON format, for which you can assign privileges and define rules and policies to access the published TDV resources. Multiple Claims can be given as comma-separated. The Claim values can also be in an array. |
Annotation | This is an optional description for the domain. |
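
The following added example (not TDV code, and not from the product documentation) shows how the Issuer Value, Issuer Claim, User ID Claim, Group Claim, Group Separator and Secret validation settings relate to the contents of a bearer token. It assumes HS256 as the signing algorithm for Secret validation; the function names, the `groups` claim name, the issuer URL and the secret are constructed for illustration.

```python
import base64, hashlib, hmac, json

def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(payload: dict, secret: bytes) -> str:
    """Build a constructed HS256 sample token (test input only)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(payload).encode())
    sig = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"

def map_token(token, secret, issuer_value, user_id_claim="upn",
              issuer_claim="iss", group_claim="groups", group_separator=" "):
    """Verify an HS256 token, then return (user, groups) per the field settings.
    The "groups" default is an assumption; "upn", "iss" and space are the
    defaults named in the table."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        given = b64url_decode(sig_b64)
    except (ValueError, TypeError):
        raise ValueError("malformed token")
    # Pin the algorithm on the verifier side; never let the token header pick it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    signed = f"{header_b64}.{body_b64}".encode()
    expected = hmac.new(secret, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body_b64))
    # Issuer Claim names the key; Issuer Value is what it must equal.
    if claims.get(issuer_claim) != issuer_value:
        raise ValueError("issuer mismatch")
    user = claims.get(user_id_claim)
    if not user:
        raise ValueError("missing user ID claim")
    raw = claims.get(group_claim, "")
    # Group values may arrive as an array or as one separator-delimited string.
    groups = raw if isinstance(raw, list) else [g for g in raw.split(group_separator) if g]
    return user, groups

# Constructed sample input.
SECRET = b"constructed-demo-secret"
SAMPLE = make_token({"iss": "https://idp.example.test", "upn": "alice",
                     "groups": "analysts admins"}, SECRET)
```

Claims are read only after the signature check succeeds, so a token with a modified payload or signed with a different secret is rejected before any user or group mapping takes place.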