Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:latest:idpopenidconnect [2019/04/29 17:39]
coudot [Presentation]
documentation:latest:idpopenidconnect [2019/04/30 20:21] (current)
Line 148: Line 148:
     * **Client secret**: Client secret for this RP (can be use for symmetric signature)     * **Client secret**: Client secret for this RP (can be use for symmetric signature)
     * **Public client** (since version ''​2.0.4''​):​ set this RP as public client, so authentication is not needed on token endpoint     * **Public client** (since version ''​2.0.4''​):​ set this RP as public client, so authentication is not needed on token endpoint
 +    * **Require PKCE** (since version ''​2.0.4''​):​ a code challenge is required at token endpoint (see [[https://​tools.ietf.org/​html/​rfc7636|RFC7636]])
   * **Display**:​   * **Display**:​
     * **Display name**: Name of the RP application     * **Display name**: Name of the RP application
     * **Logo**: Logo of the RP application     * **Logo**: Logo of the RP application
-  * **User attribute**:​ session field that with be used as main identifier (''​sub''​)+  * **User attribute**:​ session field that will be used as main identifier (''​sub''​)
   * **ID Token signature algorithm**:​ Select one of ''​none'',​ ''​HS256'',​ ''​HS384'',​ ''​HS512'',​ ''​RS256'',​ ''​RS384'',​ ''​RS512''​   * **ID Token signature algorithm**:​ Select one of ''​none'',​ ''​HS256'',​ ''​HS384'',​ ''​HS512'',​ ''​RS256'',​ ''​RS384'',​ ''​RS512''​
   * **ID Token expiration**:​ Expiration time of ID Tokens   * **ID Token expiration**:​ Expiration time of ID Tokens