##Spring Boot Application Properties
| Application property name (Configuration Source) | required | default | description |
|---|---|---|---|
| MitreID OpenID Connect (ConfigurationPropertiesBean) | |||
| openid.connect.server.issuer | X | should match public URI for the server | |
| openid.connect.server.regTokenLifeTime | |||
| openid.connect.server.rqpTokenLifeTime | |||
| openid.connect.server.forceHttps | false | ||
| openid.connect.server.dualClient | false | ||
| Spring Datasource (DataSourceProperties) | |||
| spring.datasource.initialize | X | ||
| spring.datasource.schema | X | E.g. Embedded DB: "classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql" | |
| Cryptography and JWT Signing (CryptoConfig) | |||
| openid.connect.crypto.keystore.path | X | ||
| openid.connect.crypto.signing.defaultSignerKeyId | X | ||
| openid.connect.crypto.signing.defaultSigningAlgorithmName | X | ||
| openid.connect.crypto.encrypt.defaultAlgorithm | X | ||
| openid.connect.crypto.encrypt.defaultDecryptionKeyId | X | ||
| openid.connect.crypto.encrypt.defaultEncryptionKeyId | X | ||
| Scheduled Tasks (ScheduledTaskConfig) | |||
| openid.connect.scheduling.enabled | true | ||
| openid.connect.scheduling.corePoolSize | 5 | ||
| openid.connect.scheduling.tasks.clearExpiredTokens.fixedDelay | 30000 | ||
| openid.connect.scheduling.tasks.clearExpiredTokens.initialDelay | 60000 | ||
| openid.connect.scheduling.tasks.clearExpiredSites.fixedDelay | 30000 | ||
| openid.connect.scheduling.tasks.clearExpiredSites.initialDelay | 60000 | ||
| openid.connect.scheduling.tasks.clearExpiredAuthorizationCodes.fixedDelay | 30000 | ||
| openid.connect.scheduling.tasks.clearExpiredAuthorizationCodes.initialDelay | 60000 | ||
| Endpoint Configuration | |||
| openid.connect.server.endpoints.api.whitelist.enabled | true | When set to false the Whitelist API endpoint is not exposed. | |
| openid.connect.server.endpoints.api.approvedsite.enabled | true | When set to false the ApprovedSite API endpoint is not exposed. | |
| openid.connect.server.endpoints.api.blacklist.enabled | true | When set to false the Blacklist API endpoint is not exposed. | |
| openid.connect.server.endpoints.api.client.enabled | true | When set to false the Client API endpoint is not exposed. | |
| openid.connect.server.endpoints.api.data.enabled | true | When set to false the Data API endpoint is not exposed. | |
| openid.connect.server.endpoints.api.token.enabled | true | When set to false the Token API endpoint is not exposed. | |
| openid.connect.server.endpoints.api.scope.enabled | true | When set to false the Scope API endpoint is not exposed. | |
| openid.connect.server.endpoints.api.stats.enabled | true | When set to false the StatsAPI endpoint is not exposed. | |
| openid.connect.server.endpoints.oidc.dynamicclientregistration.enabled | true | When set to false the DynamicClientRegistration endpoint is not exposed. | |
| openid.connect.server.endpoints.oidc.jwksetpublishing.enabled | true | When set to false the JWKSetPublishing endpoint is not exposed. | |
| openid.connect.server.endpoints.oidc.userinfo.enabled | true | When set to false the UserInfo endpoint is not exposed. | |
| openid.connect.server.endpoints.oidc.discovery.enabled | true | When set to false the Discovery endpoint is not exposed. | |
| openid.connect.server.endpoints.protectedresourceregistration.enabled | true | When set to false the ProtectedResourceRegistration endpoint is not exposed. | |
openid:
connect:
server:
issuer: http://localhost:8080/
crypto:
keystore:
path: classpath:keystore.jwks
signing:
defaultSignerKeyId: rsa1
defaultSigningAlgorithmName: RS256
encrypt:
defaultAlgorithm: RSA1_5
defaultDecryptionKeyId: rsa1
defaultEncryptionKeyId: rsa1
spring:
datasource:
initialize: true
schema: classpath:/db/tables/hsql_database_tables.sql,classpath:/db/tables/security-schema.sql