From 9d27cb16103b63de2c75485c02c6132596ad3842 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 9 Nov 2024 01:54:54 +0000 Subject: [PATCH] Sync documentation of main branch --- .../main/config/quarkus-all-config.adoc | 1100 ++++++++++++++++- .../quarkus-container-image-docker.adoc | 14 + ...container-image-docker_quarkus.docker.adoc | 14 + .../quarkus-container-image-podman.adoc | 14 + ...container-image-podman_quarkus.podman.adoc | 14 + .../main/config/quarkus-core_quarkus.log.adoc | 356 +++++- .../config/quarkus-devservices-keycloak.adoc | 2 +- ...devservices-keycloak_quarkus.keycloak.adoc | 2 +- .../main/config/quarkus-logging-json.adoc | 262 ++++ .../quarkus-logging-json_quarkus.log.adoc | 262 ++++ .../main/config/quarkus-narayana-jta.adoc | 14 + ...ayana-jta_quarkus.transaction-manager.adoc | 14 + .../quarkus-oidc-client-registration.adoc | 66 + ...tion_quarkus.oidc-client-registration.adoc | 66 + .../main/config/quarkus-oidc-client.adoc | 186 ++- ...arkus-oidc-client_quarkus.oidc-client.adoc | 186 ++- _generated-doc/main/config/quarkus-oidc.adoc | 186 ++- .../config/quarkus-oidc_quarkus.oidc.adoc | 186 ++- .../main/infra/quarkus-all-build-items.adoc | 15 + .../guides/centralized-log-management.adoc | 72 ++ _versions/main/guides/logging.adoc | 18 + 21 files changed, 3030 insertions(+), 19 deletions(-) diff --git a/_generated-doc/main/config/quarkus-all-config.adoc b/_generated-doc/main/config/quarkus-all-config.adoc index 029ad0b64c8..ce07324ac00 100644 --- a/_generated-doc/main/config/quarkus-all-config.adoc +++ b/_generated-doc/main/config/quarkus-all-config.adoc @@ -2160,6 +2160,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Path to the JVM Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.jvm will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_DOCKERFILE_JVM_PATH+++[] @@ -2175,6 +2177,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Path to the native Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.native will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_DOCKERFILE_NATIVE_PATH+++[] @@ -2190,6 +2194,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Build args passed to docker via `--build-arg` + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_BUILD_ARGS__ARG_NAME_+++[] @@ -2205,6 +2211,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Images to consider as cache sources. Values are passed to `docker build`/`podman build` via the `cache-from` option + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_CACHE_FROM+++[] @@ -2220,6 +2228,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +The networking mode for the RUN instructions during build + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_NETWORK+++[] @@ -2235,6 +2245,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Name of binary used to execute the docker/podman commands. This setting can override the global container runtime detection. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_EXECUTABLE_NAME+++[] @@ -2250,6 +2262,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Additional arbitrary arguments passed to the executable when building the container image. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_ADDITIONAL_ARGS+++[] @@ -3173,6 +3187,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Path to the JVM Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.jvm will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_DOCKERFILE_JVM_PATH+++[] @@ -3188,6 +3204,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Path to the native Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.native will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_DOCKERFILE_NATIVE_PATH+++[] @@ -3203,6 +3221,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Build args passed to docker via `--build-arg` + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_BUILD_ARGS__ARG_NAME_+++[] @@ -3218,6 +3238,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Images to consider as cache sources. Values are passed to `docker build`/`podman build` via the `cache-from` option + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_CACHE_FROM+++[] @@ -3233,6 +3255,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +The networking mode for the RUN instructions during build + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_NETWORK+++[] @@ -3248,6 +3272,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Name of binary used to execute the docker/podman commands. This setting can override the global container runtime detection. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_EXECUTABLE_NAME+++[] @@ -3263,6 +3289,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Additional arbitrary arguments passed to the executable when building the container image. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_ADDITIONAL_ARGS+++[] @@ -5123,7 +5151,7 @@ a| [[quarkus-core_quarkus-log-file-rotation-max-file-size]] [.property-path]##li [.description] -- -The maximum log file size, after which a rotation is executed. +The maximum log file size, after which a rotation is executed. Note that the file is rotated _after_ the log record is written. Thus, this isn't a hard maximum on the file size; rather, it's a hard _minimum_ on the size of the file before it is rotated. ifdef::add-copy-button-to-env-var[] @@ -5493,6 +5521,182 @@ a|`block`, `discard` |`block` +h|[[quarkus-core_section_quarkus-log-socket]] [.section-name.section-level1]##link:#quarkus-core_section_quarkus-log-socket[Socket logging]## +h|Type +h|Default + +a| [[quarkus-core_quarkus-log-socket-enable]] [.property-path]##link:#quarkus-core_quarkus-log-socket-enable[`quarkus.log.socket.enable`]## + +[.description] +-- +If socket logging should be enabled + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ENABLE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ENABLE+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-socket-endpoint]] [.property-path]##link:#quarkus-core_quarkus-log-socket-endpoint[`quarkus.log.socket.endpoint`]## + +[.description] +-- +The IP address and port of the server receiving the logs + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ENDPOINT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ENDPOINT+++` +endif::add-copy-button-to-env-var[] +-- +|host:port +|`localhost:4560` + +a| [[quarkus-core_quarkus-log-socket-protocol]] [.property-path]##link:#quarkus-core_quarkus-log-socket-protocol[`quarkus.log.socket.protocol`]## + +[.description] +-- +Sets the protocol used to connect to the syslog server + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_PROTOCOL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_PROTOCOL+++` +endif::add-copy-button-to-env-var[] +-- +a|`tcp`, `udp`, `ssl-tcp` +|`tcp` + +a| [[quarkus-core_quarkus-log-socket-block-on-reconnect]] [.property-path]##link:#quarkus-core_quarkus-log-socket-block-on-reconnect[`quarkus.log.socket.block-on-reconnect`]## + +[.description] +-- +Enables or disables blocking when attempting to reconnect a `Protocol++#++TCP +TCP` or `Protocol++#++SSL_TCP SSL TCP` protocol + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_BLOCK_ON_RECONNECT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_BLOCK_ON_RECONNECT+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-socket-format]] [.property-path]##link:#quarkus-core_quarkus-log-socket-format[`quarkus.log.socket.format`]## + +[.description] +-- +The log message format + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n` + +a| [[quarkus-core_quarkus-log-socket-level]] [.property-path]##link:#quarkus-core_quarkus-log-socket-level[`quarkus.log.socket.level`]## + +[.description] +-- +The log level specifying, which message levels will be logged by socket logger + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_LEVEL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_LEVEL+++` +endif::add-copy-button-to-env-var[] +-- +|link:https://javadoc.io/doc/org.jboss.logmanager/jboss-logmanager/latest/org/jboss/logmanager/Level.html[Level] +|`ALL` + +a| [[quarkus-core_quarkus-log-socket-filter]] [.property-path]##link:#quarkus-core_quarkus-log-socket-filter[`quarkus.log.socket.filter`]## + +[.description] +-- +The name of the filter to link to the file handler. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_FILTER+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_FILTER+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-core_quarkus-log-socket-async]] [.property-path]##link:#quarkus-core_quarkus-log-socket-async[`quarkus.log.socket.async`]## + +[.description] +-- +Indicates whether to log asynchronously + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ASYNC+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ASYNC+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-socket-async-queue-length]] [.property-path]##link:#quarkus-core_quarkus-log-socket-async-queue-length[`quarkus.log.socket.async.queue-length`]## + +[.description] +-- +The queue length to use before flushing writing + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ASYNC_QUEUE_LENGTH+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ASYNC_QUEUE_LENGTH+++` +endif::add-copy-button-to-env-var[] +-- +|int +|`512` + +a| [[quarkus-core_quarkus-log-socket-async-overflow]] [.property-path]##link:#quarkus-core_quarkus-log-socket-async-overflow[`quarkus.log.socket.async.overflow`]## + +[.description] +-- +Determine whether to block the publisher (rather than drop the message) when the queue is full + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ASYNC_OVERFLOW+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ASYNC_OVERFLOW+++` +endif::add-copy-button-to-env-var[] +-- +a|`block`, `discard` +|`block` + + h|[[quarkus-core_section_quarkus-log-handler-console]] [.section-name.section-level1]##link:#quarkus-core_section_quarkus-log-handler-console[Console handlers]## h|Type h|Default @@ -5812,7 +6016,7 @@ a| [[quarkus-core_quarkus-log-handler-file-file-handlers-rotation-max-file-size] [.description] -- -The maximum log file size, after which a rotation is executed. +The maximum log file size, after which a rotation is executed. Note that the file is rotated _after_ the log record is written. Thus, this isn't a hard maximum on the file size; rather, it's a hard _minimum_ on the size of the file before it is rotated. ifdef::add-copy-button-to-env-var[] @@ -6182,6 +6386,182 @@ a|`block`, `discard` |`block` +h|[[quarkus-core_section_quarkus-log-handler-socket]] [.section-name.section-level1]##link:#quarkus-core_section_quarkus-log-handler-socket[Socket handlers]## +h|Type +h|Default + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-enable]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-enable[`quarkus.log.handler.socket."socket-handlers".enable`]## + +[.description] +-- +If socket logging should be enabled + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENABLE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENABLE+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-endpoint]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-endpoint[`quarkus.log.handler.socket."socket-handlers".endpoint`]## + +[.description] +-- +The IP address and port of the server receiving the logs + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENDPOINT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENDPOINT+++` +endif::add-copy-button-to-env-var[] +-- +|host:port +|`localhost:4560` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-protocol]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-protocol[`quarkus.log.handler.socket."socket-handlers".protocol`]## + +[.description] +-- +Sets the protocol used to connect to the syslog server + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__PROTOCOL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__PROTOCOL+++` +endif::add-copy-button-to-env-var[] +-- +a|`tcp`, `udp`, `ssl-tcp` +|`tcp` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-block-on-reconnect]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-block-on-reconnect[`quarkus.log.handler.socket."socket-handlers".block-on-reconnect`]## + +[.description] +-- +Enables or disables blocking when attempting to reconnect a `Protocol++#++TCP +TCP` or `Protocol++#++SSL_TCP SSL TCP` protocol + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__BLOCK_ON_RECONNECT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__BLOCK_ON_RECONNECT+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-format]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-format[`quarkus.log.handler.socket."socket-handlers".format`]## + +[.description] +-- +The log message format + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-level]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-level[`quarkus.log.handler.socket."socket-handlers".level`]## + +[.description] +-- +The log level specifying, which message levels will be logged by socket logger + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__LEVEL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__LEVEL+++` +endif::add-copy-button-to-env-var[] +-- +|link:https://javadoc.io/doc/org.jboss.logmanager/jboss-logmanager/latest/org/jboss/logmanager/Level.html[Level] +|`ALL` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-filter]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-filter[`quarkus.log.handler.socket."socket-handlers".filter`]## + +[.description] +-- +The name of the filter to link to the file handler. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FILTER+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FILTER+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-async]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-async[`quarkus.log.handler.socket."socket-handlers".async`]## + +[.description] +-- +Indicates whether to log asynchronously + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-async-queue-length]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-async-queue-length[`quarkus.log.handler.socket."socket-handlers".async.queue-length`]## + +[.description] +-- +The queue length to use before flushing writing + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_QUEUE_LENGTH+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_QUEUE_LENGTH+++` +endif::add-copy-button-to-env-var[] +-- +|int +|`512` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-async-overflow]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-async-overflow[`quarkus.log.handler.socket."socket-handlers".async.overflow`]## + +[.description] +-- +Determine whether to block the publisher (rather than drop the message) when the queue is full + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_OVERFLOW+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_OVERFLOW+++` +endif::add-copy-button-to-env-var[] +-- +a|`block`, `discard` +|`block` + + h|[[quarkus-core_section_quarkus-log-filter]] [.section-name.section-level1]##link:#quarkus-core_section_quarkus-log-filter[Log cleanup filters - internal use]## h|Type h|Default @@ -9025,7 +9405,7 @@ a|icon:lock[title=Fixed at build time] [[quarkus-devservices-keycloak_quarkus-ke [.description] -- -Specifies whether to create the default client id `quarkus-app` with a secret `secret`and register them if the `create-realm` property is set to true. For OIDC extension configuration properties `quarkus.oidc.client.id` and `quarkus.oidc.credentials.secret` will be configured. For OIDC Client extension configuration properties `quarkus.oidc-client.client.id` and `quarkus.oidc-client.credentials.secret` will be configured. Set to `false` if clients have to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by `io.quarkus.test.common.QuarkusTestResourceLifecycleManager` or registered dynamically. +Specifies whether to create the default client id `quarkus-app` with a secret `secret` and register them if the `create-realm` property is set to true. For OIDC extension configuration properties `quarkus.oidc.client.id` and `quarkus.oidc.credentials.secret` will be configured. For OIDC Client extension configuration properties `quarkus.oidc-client.client.id` and `quarkus.oidc-client.credentials.secret` will be configured. Set to `false` if clients have to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by `io.quarkus.test.common.QuarkusTestResourceLifecycleManager` or registered dynamically. ifdef::add-copy-button-to-env-var[] @@ -46850,6 +47230,23 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-console-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-console-json-log-format[`quarkus.log.console.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_CONSOLE_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_CONSOLE_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + h|[[quarkus-logging-json_section_quarkus-log-file-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-file-json[File logging]## h|Type @@ -47044,6 +47441,23 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-file-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-file-json-log-format[`quarkus.log.file.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_FILE_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_FILE_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + h|[[quarkus-logging-json_section_quarkus-log-syslog-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-syslog-json[Syslog logging]## h|Type @@ -47238,6 +47652,234 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-syslog-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-syslog-json-log-format[`quarkus.log.syslog.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SYSLOG_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SYSLOG_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + + +h|[[quarkus-logging-json_section_quarkus-log-socket-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-socket-json[Socket logging]## +h|Type +h|Default + +a| [[quarkus-logging-json_quarkus-log-socket-json]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json[`quarkus.log.socket.json`]## + +[.description] +-- +Determine whether to enable the JSON console formatting extension, which disables "normal" console formatting. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`true` + +a| [[quarkus-logging-json_quarkus-log-socket-json-pretty-print]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-pretty-print[`quarkus.log.socket.json.pretty-print`]## + +[.description] +-- +Enable "pretty printing" of the JSON record. Note that some JSON parsers will fail to read the pretty printed output. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_PRETTY_PRINT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_PRETTY_PRINT+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-logging-json_quarkus-log-socket-json-date-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-date-format[`quarkus.log.socket.json.date-format`]## + +[.description] +-- +The date format to use. The special string "default" indicates that the default format should be used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_DATE_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_DATE_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`default` + +a| [[quarkus-logging-json_quarkus-log-socket-json-record-delimiter]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-record-delimiter[`quarkus.log.socket.json.record-delimiter`]## + +[.description] +-- +The special end-of-record delimiter to be used. By default, newline is used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_RECORD_DELIMITER+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_RECORD_DELIMITER+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-zone-id]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-zone-id[`quarkus.log.socket.json.zone-id`]## + +[.description] +-- +The zone ID to use. The special string "default" indicates that the default zone should be used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ZONE_ID+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ZONE_ID+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`default` + +a| [[quarkus-logging-json_quarkus-log-socket-json-exception-output-type]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-exception-output-type[`quarkus.log.socket.json.exception-output-type`]## + +[.description] +-- +The exception output type to specify. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_EXCEPTION_OUTPUT_TYPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_EXCEPTION_OUTPUT_TYPE+++` +endif::add-copy-button-to-env-var[] +-- +a|`detailed`, `formatted`, `detailed-and-formatted` +|`detailed` + +a| [[quarkus-logging-json_quarkus-log-socket-json-print-details]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-print-details[`quarkus.log.socket.json.print-details`]## + +[.description] +-- +Enable printing of more details in the log. + +Printing the details can be expensive as the values are retrieved from the caller. The details include the source class name, source file name, source method name, and source line number. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_PRINT_DETAILS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_PRINT_DETAILS+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-logging-json_quarkus-log-socket-json-key-overrides]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-key-overrides[`quarkus.log.socket.json.key-overrides`]## + +[.description] +-- +Override keys with custom values. Omitting this value indicates that no key overrides will be applied. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_KEY_OVERRIDES+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_KEY_OVERRIDES+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-excluded-keys]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-excluded-keys[`quarkus.log.socket.json.excluded-keys`]## + +[.description] +-- +Keys to be excluded from the JSON output. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_EXCLUDED_KEYS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_EXCLUDED_KEYS+++` +endif::add-copy-button-to-env-var[] +-- +|list of string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-value]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-value[`quarkus.log.socket.json.additional-field."field-name".value`]## + +[.description] +-- +Additional field value. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__VALUE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__VALUE+++` +endif::add-copy-button-to-env-var[] +-- +|string +|required icon:exclamation-circle[title=Configuration property is required] + +a| [[quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-type]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-type[`quarkus.log.socket.json.additional-field."field-name".type`]## + +[.description] +-- +Additional field type specification. Supported types: `string`, `int`, and `long`. String is the default if not specified. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__TYPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__TYPE+++` +endif::add-copy-button-to-env-var[] +-- +a|`string`, `int`, `long` +|`string` + +a| [[quarkus-logging-json_quarkus-log-socket-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-log-format[`quarkus.log.socket.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + h|[.extension-name]##Mailer## @@ -51953,6 +52595,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-directory]] [ [.description] -- +The name of the directory where the transaction logs will be stored when using the `file-system` object store. If the value is not absolute then the directory is relative to the _user.dir_ system property. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DIRECTORY+++[] @@ -51968,6 +52612,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-type]] [.prop [.description] -- +The type of object store. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_TYPE+++[] @@ -51983,6 +52629,10 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-datasource]] [.description] -- +The name of the datasource where the transaction logs will be stored when using the `jdbc` object store. + +If undefined, it will use the default datasource. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DATASOURCE+++[] @@ -51998,6 +52648,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-create-table] [.description] -- +Whether to create the table if it does not exist. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_CREATE_TABLE+++[] @@ -52013,6 +52665,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-drop-table]] [.description] -- +Whether to drop the table on startup. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DROP_TABLE+++[] @@ -52028,6 +52682,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-table-prefix] [.description] -- +The prefix to apply to the table. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_TABLE_PREFIX+++[] @@ -52452,6 +53108,8 @@ a| [[quarkus-oidc_quarkus-oidc-auth-server-url]] [.property-path]##link:#quarkus [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_AUTH_SERVER_URL+++[] @@ -52467,6 +53125,8 @@ a| [[quarkus-oidc_quarkus-oidc-discovery-enabled]] [.property-path]##link:#quark [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DISCOVERY_ENABLED+++[] @@ -52482,6 +53142,8 @@ a| [[quarkus-oidc_quarkus-oidc-registration-path]] [.property-path]##link:#quark [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_REGISTRATION_PATH+++[] @@ -52497,6 +53159,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-delay]] [.property-path]##link:#quarku [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_DELAY+++[] @@ -52512,6 +53176,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-retry-count]] [.property-path]##link:# [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_RETRY_COUNT+++[] @@ -52527,6 +53193,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-timeout]] [.property-path]##link:#quar [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_TIMEOUT+++[] @@ -52542,6 +53210,8 @@ a| [[quarkus-oidc_quarkus-oidc-use-blocking-dns-lookup]] [.property-path]##link: [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_USE_BLOCKING_DNS_LOOKUP+++[] @@ -52557,6 +53227,8 @@ a| [[quarkus-oidc_quarkus-oidc-max-pool-size]] [.property-path]##link:#quarkus-o [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_MAX_POOL_SIZE+++[] @@ -52572,6 +53244,8 @@ a| [[quarkus-oidc_quarkus-oidc-follow-redirects]] [.property-path]##link:#quarku [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_FOLLOW_REDIRECTS+++[] @@ -52587,6 +53261,9 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-host]] [.property-path]##link:#quarkus-oidc [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_HOST+++[] @@ -52602,6 +53279,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-port]] [.property-path]##link:#quarkus-oidc [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_PORT+++[] @@ -52617,6 +53296,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-username]] [.property-path]##link:#quarkus- [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_USERNAME+++[] @@ -52632,6 +53313,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-password]] [.property-path]##link:#quarkus- [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_PASSWORD+++[] @@ -52647,6 +53330,12 @@ a| [[quarkus-oidc_quarkus-oidc-tls-tls-configuration-name]] [.property-path]##li [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_TLS_TLS_CONFIGURATION_NAME+++[] @@ -52662,6 +53351,8 @@ a| [[quarkus-oidc_quarkus-oidc-token-path]] [.property-path]##link:#quarkus-oidc [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_TOKEN_PATH+++[] @@ -52677,6 +53368,8 @@ a| [[quarkus-oidc_quarkus-oidc-revoke-path]] [.property-path]##link:#quarkus-oid [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_REVOKE_PATH+++[] @@ -52692,6 +53385,8 @@ a| [[quarkus-oidc_quarkus-oidc-client-id]] [.property-path]##link:#quarkus-oidc_ [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_ID+++[] @@ -52707,6 +53402,8 @@ a| [[quarkus-oidc_quarkus-oidc-client-name]] [.property-path]##link:#quarkus-oid [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_NAME+++[] @@ -52722,6 +53419,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-secret]] [.property-path]##link:#quar [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_SECRET+++[] @@ -52737,6 +53436,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-value]] [.property-path [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -52752,6 +53453,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-name]] [.prope [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -52767,6 +53470,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-keyring-name]] [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -52782,6 +53487,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-key]] [.proper [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -52797,6 +53504,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-method]] [.property-pat [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -52805,13 +53514,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-credentials-jwt-source[`quarkus.oidc.credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SOURCE+++[] @@ -52827,6 +53538,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret]] [.property-path]##link:# [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET+++[] @@ -52842,6 +53555,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-name]] [.property [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -52857,6 +53572,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-keyring-name]] [. [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -52872,6 +53589,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-key]] [.property- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -52887,6 +53606,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key]] [.property-path]##link:#qua [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY+++[] @@ -52902,6 +53623,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-file]] [.property-path]##link [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_FILE+++[] @@ -52917,6 +53640,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-store-file]] [.property-path] [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -52932,6 +53657,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-store-password]] [.property-p [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -52947,6 +53674,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-id]] [.property-path]##link:# [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_ID+++[] @@ -52962,6 +53691,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-password]] [.property-path]## [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -52977,6 +53708,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-audience]] [.property-path]##link [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_AUDIENCE+++[] @@ -52992,6 +53725,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-token-key-id]] [.property-path]## [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -53007,6 +53742,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-issuer]] [.property-path]##link:# [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_ISSUER+++[] @@ -53022,6 +53759,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-subject]] [.property-path]##link: [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SUBJECT+++[] @@ -53037,6 +53776,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-claims-claim-name]] [.property-pa [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -53052,6 +53793,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-signature-algorithm]] [.property- [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -53067,6 +53810,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-lifespan]] [.property-path]##link [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_LIFESPAN+++[] @@ -53082,6 +53827,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-assertion]] [.property-path]##lin [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_ASSERTION+++[] @@ -54875,6 +55622,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-auth-server-url]] [.property-path]##link:# [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__AUTH_SERVER_URL+++[] @@ -54890,6 +55639,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-discovery-enabled]] [.property-path]##link [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__DISCOVERY_ENABLED+++[] @@ -54905,6 +55656,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-registration-path]] [.property-path]##link [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__REGISTRATION_PATH+++[] @@ -54920,6 +55673,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-delay]] [.property-path]##link: [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_DELAY+++[] @@ -54935,6 +55690,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-retry-count]] [.property-path]# [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_RETRY_COUNT+++[] @@ -54950,6 +55707,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-timeout]] [.property-path]##lin [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_TIMEOUT+++[] @@ -54965,6 +55724,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-use-blocking-dns-lookup]] [.property-path] [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__USE_BLOCKING_DNS_LOOKUP+++[] @@ -54980,6 +55741,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-max-pool-size]] [.property-path]##link:#qu [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__MAX_POOL_SIZE+++[] @@ -54995,6 +55758,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-follow-redirects]] [.property-path]##link: [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__FOLLOW_REDIRECTS+++[] @@ -55010,6 +55775,9 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-host]] [.property-path]##link:#quark [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_HOST+++[] @@ -55025,6 +55793,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-port]] [.property-path]##link:#quark [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_PORT+++[] @@ -55040,6 +55810,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-username]] [.property-path]##link:#q [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_USERNAME+++[] @@ -55055,6 +55827,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-password]] [.property-path]##link:#q [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_PASSWORD+++[] @@ -55070,6 +55844,12 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-tls-tls-configuration-name]] [.property-pa [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__TLS_TLS_CONFIGURATION_NAME+++[] @@ -55085,6 +55865,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-token-path]] [.property-path]##link:#quark [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__TOKEN_PATH+++[] @@ -55100,6 +55882,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-revoke-path]] [.property-path]##link:#quar [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__REVOKE_PATH+++[] @@ -55115,6 +55899,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-client-id]] [.property-path]##link:#quarku [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CLIENT_ID+++[] @@ -55130,6 +55916,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-client-name]] [.property-path]##link:#quar [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CLIENT_NAME+++[] @@ -55145,6 +55933,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-secret]] [.property-path]##lin [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_SECRET+++[] @@ -55160,6 +55950,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-value]] [.proper [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -55175,6 +55967,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-name]] [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -55190,6 +55984,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-keyring [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -55205,6 +56001,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-key]] [ [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -55220,6 +56018,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-method]] [.prope [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -55228,13 +56028,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-source[`quarkus.oidc."tenant".credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SOURCE+++[] @@ -55250,6 +56052,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret]] [.property-path]# [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET+++[] @@ -55265,6 +56069,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-name]] [.p [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -55280,6 +56086,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-keyring-na [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -55295,6 +56103,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-key]] [.pr [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -55310,6 +56120,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key]] [.property-path]##li [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY+++[] @@ -55325,6 +56137,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-file]] [.property-path [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_FILE+++[] @@ -55340,6 +56154,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-store-file]] [.propert [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -55355,6 +56171,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-store-password]] [.pro [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -55370,6 +56188,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-id]] [.property-path]# [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_ID+++[] @@ -55385,6 +56205,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-password]] [.property- [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -55400,6 +56222,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-audience]] [.property-path [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_AUDIENCE+++[] @@ -55415,6 +56239,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-token-key-id]] [.property- [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -55430,6 +56256,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-issuer]] [.property-path]# [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_ISSUER+++[] @@ -55445,6 +56273,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-subject]] [.property-path] [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SUBJECT+++[] @@ -55460,6 +56290,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-claims-claim-name]] [.prop [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -55475,6 +56307,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-signature-algorithm]] [.pr [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -55490,6 +56324,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-lifespan]] [.property-path [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_LIFESPAN+++[] @@ -55505,6 +56341,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-assertion]] [.property-pat [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_ASSERTION+++[] @@ -57249,6 +58087,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-auth-server-url]] [.property-path]# [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_AUTH_SERVER_URL+++[] @@ -57264,6 +58104,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-discovery-enabled]] [.property-path [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_DISCOVERY_ENABLED+++[] @@ -57279,6 +58121,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-registration-path]] [.property-path [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PATH+++[] @@ -57294,6 +58138,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-delay]] [.property-path] [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_DELAY+++[] @@ -57309,6 +58155,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-retry-count]] [.property [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_RETRY_COUNT+++[] @@ -57324,6 +58172,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-timeout]] [.property-pat [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_TIMEOUT+++[] @@ -57339,6 +58189,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-use-blocking-dns-lookup]] [.propert [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_USE_BLOCKING_DNS_LOOKUP+++[] @@ -57354,6 +58206,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-max-pool-size]] [.property-path]##l [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_MAX_POOL_SIZE+++[] @@ -57369,6 +58223,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-follow-redirects]] [.property-path] [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_FOLLOW_REDIRECTS+++[] @@ -57384,6 +58240,9 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-host]] [.property-path]##link [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_HOST+++[] @@ -57399,6 +58258,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-port]] [.property-path]##link [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_PORT+++[] @@ -57414,6 +58275,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-username]] [.property-path]## [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_USERNAME+++[] @@ -57429,6 +58292,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-password]] [.property-path]## [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_PASSWORD+++[] @@ -57444,6 +58309,12 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-tls-tls-configuration-name]] [.prop [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_TLS_TLS_CONFIGURATION_NAME+++[] @@ -57459,6 +58330,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-token-path]] [.property-path]##link [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_TOKEN_PATH+++[] @@ -57474,6 +58347,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-revoke-path]] [.property-path]##lin [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REVOKE_PATH+++[] @@ -57489,6 +58364,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-client-id]] [.property-path]##link: [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CLIENT_ID+++[] @@ -57504,6 +58381,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-client-name]] [.property-path]##lin [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CLIENT_NAME+++[] @@ -57519,6 +58398,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-secret]] [.property-pat [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_SECRET+++[] @@ -57534,6 +58415,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-value]] [ [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -57549,6 +58432,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -57564,6 +58449,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -57579,6 +58466,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -57594,6 +58483,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-method]] [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -57602,13 +58493,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-source[`quarkus.oidc-client.credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SOURCE+++[] @@ -57624,6 +58517,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret]] [.property [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET+++[] @@ -57639,6 +58534,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-nam [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -57654,6 +58551,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-key [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -57669,6 +58568,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-key [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -57684,6 +58585,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key]] [.property-pa [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY+++[] @@ -57699,6 +58602,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-file]] [.proper [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_FILE+++[] @@ -57714,6 +58619,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-store-file]] [. [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -57729,6 +58636,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-store-password] [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -57744,6 +58653,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-id]] [.property [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_ID+++[] @@ -57759,6 +58670,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-password]] [.pr [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -57774,6 +58687,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-audience]] [.proper [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_AUDIENCE+++[] @@ -57789,6 +58704,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-token-key-id]] [.pr [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -57804,6 +58721,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-issuer]] [.property [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ISSUER+++[] @@ -57819,6 +58738,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-subject]] [.propert [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SUBJECT+++[] @@ -57834,6 +58755,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-claims-claim-name]] [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -57849,6 +58772,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-signature-algorithm [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -57864,6 +58789,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-lifespan]] [.proper [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_LIFESPAN+++[] @@ -57879,6 +58806,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-assertion]] [.prope [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ASSERTION+++[] @@ -58136,6 +59065,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url]] [.property-pat [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++[] @@ -58151,6 +59082,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled]] [.property-p [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++[] @@ -58166,6 +59099,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-registration-path]] [.property-p [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++[] @@ -58181,6 +59116,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-delay]] [.property-pa [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++[] @@ -58196,6 +59133,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count]] [.prope [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++[] @@ -58211,6 +59150,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout]] [.property- [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++[] @@ -58226,6 +59167,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup]] [.prop [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++[] @@ -58241,6 +59184,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size]] [.property-path] [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++[] @@ -58256,6 +59201,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects]] [.property-pa [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++[] @@ -58271,6 +59218,9 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-host]] [.property-path]##l [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++[] @@ -58286,6 +59236,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-port]] [.property-path]##l [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++[] @@ -58301,6 +59253,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-username]] [.property-path [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++[] @@ -58316,6 +59270,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-password]] [.property-path [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++[] @@ -58331,6 +59287,12 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name]] [.p [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++[] @@ -58346,6 +59308,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-token-path]] [.property-path]##l [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++[] @@ -58361,6 +59325,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-revoke-path]] [.property-path]## [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++[] @@ -58376,6 +59342,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-id]] [.property-path]##li [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++[] @@ -58391,6 +59359,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-name]] [.property-path]## [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++[] @@ -58406,6 +59376,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret]] [.property- [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++[] @@ -58421,6 +59393,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value] [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -58436,6 +59410,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -58451,6 +59427,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -58466,6 +59444,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -58481,6 +59461,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -58489,13 +59471,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source[`quarkus.oidc-client."id".credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++[] @@ -58511,6 +59495,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret]] [.prope [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++[] @@ -58526,6 +59512,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -58541,6 +59529,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -58556,6 +59546,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -58571,6 +59563,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key]] [.property [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++[] @@ -58586,6 +59580,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file]] [.pro [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++[] @@ -58601,6 +59597,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file]] [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -58616,6 +59614,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-passwo [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -58631,6 +59631,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id]] [.prope [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++[] @@ -58646,6 +59648,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password]] [ [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -58661,6 +59665,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience]] [.pro [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++[] @@ -58676,6 +59682,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id]] [ [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -58691,6 +59699,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer]] [.prope [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++[] @@ -58706,6 +59716,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject]] [.prop [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++[] @@ -58721,6 +59733,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-nam [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -58736,6 +59750,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algori [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -58751,6 +59767,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan]] [.pro [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++[] @@ -58766,6 +59784,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion]] [.pr [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++[] @@ -59120,6 +60140,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-auth-serv [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_AUTH_SERVER_URL+++[] @@ -59135,6 +60157,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-discovery [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_DISCOVERY_ENABLED+++[] @@ -59150,6 +60174,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-registrat [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_REGISTRATION_PATH+++[] @@ -59165,6 +60191,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_DELAY+++[] @@ -59180,6 +60208,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_RETRY_COUNT+++[] @@ -59195,6 +60225,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_TIMEOUT+++[] @@ -59210,6 +60242,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-use-block [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_USE_BLOCKING_DNS_LOOKUP+++[] @@ -59225,6 +60259,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-max-pool- [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_MAX_POOL_SIZE+++[] @@ -59240,6 +60276,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-follow-re [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_FOLLOW_REDIRECTS+++[] @@ -59255,6 +60293,9 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-hos [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_HOST+++[] @@ -59270,6 +60311,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-por [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_PORT+++[] @@ -59285,6 +60328,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-use [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_USERNAME+++[] @@ -59300,6 +60345,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-pas [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_PASSWORD+++[] @@ -59315,6 +60362,12 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-tls-tls-c [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_TLS_TLS_CONFIGURATION_NAME+++[] @@ -59470,6 +60523,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-auth-s [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__AUTH_SERVER_URL+++[] @@ -59485,6 +60540,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-discov [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__DISCOVERY_ENABLED+++[] @@ -59500,6 +60557,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-regist [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__REGISTRATION_PATH+++[] @@ -59515,6 +60574,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_DELAY+++[] @@ -59530,6 +60591,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_RETRY_COUNT+++[] @@ -59545,6 +60608,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_TIMEOUT+++[] @@ -59560,6 +60625,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-use-bl [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__USE_BLOCKING_DNS_LOOKUP+++[] @@ -59575,6 +60642,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-max-po [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__MAX_POOL_SIZE+++[] @@ -59590,6 +60659,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-follow [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__FOLLOW_REDIRECTS+++[] @@ -59605,6 +60676,9 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_HOST+++[] @@ -59620,6 +60694,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_PORT+++[] @@ -59635,6 +60711,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_USERNAME+++[] @@ -59650,6 +60728,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_PASSWORD+++[] @@ -59665,6 +60745,12 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-tls-tl [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__TLS_TLS_CONFIGURATION_NAME+++[] diff --git a/_generated-doc/main/config/quarkus-container-image-docker.adoc b/_generated-doc/main/config/quarkus-container-image-docker.adoc index b42122a9453..b8f9cb13454 100644 --- a/_generated-doc/main/config/quarkus-container-image-docker.adoc +++ b/_generated-doc/main/config/quarkus-container-image-docker.adoc @@ -11,6 +11,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Path to the JVM Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.jvm will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_DOCKERFILE_JVM_PATH+++[] @@ -26,6 +28,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Path to the native Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.native will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_DOCKERFILE_NATIVE_PATH+++[] @@ -41,6 +45,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Build args passed to docker via `--build-arg` + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_BUILD_ARGS__ARG_NAME_+++[] @@ -56,6 +62,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Images to consider as cache sources. Values are passed to `docker build`/`podman build` via the `cache-from` option + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_CACHE_FROM+++[] @@ -71,6 +79,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +The networking mode for the RUN instructions during build + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_NETWORK+++[] @@ -86,6 +96,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Name of binary used to execute the docker/podman commands. This setting can override the global container runtime detection. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_EXECUTABLE_NAME+++[] @@ -101,6 +113,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Additional arbitrary arguments passed to the executable when building the container image. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_ADDITIONAL_ARGS+++[] diff --git a/_generated-doc/main/config/quarkus-container-image-docker_quarkus.docker.adoc b/_generated-doc/main/config/quarkus-container-image-docker_quarkus.docker.adoc index b42122a9453..b8f9cb13454 100644 --- a/_generated-doc/main/config/quarkus-container-image-docker_quarkus.docker.adoc +++ b/_generated-doc/main/config/quarkus-container-image-docker_quarkus.docker.adoc @@ -11,6 +11,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Path to the JVM Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.jvm will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_DOCKERFILE_JVM_PATH+++[] @@ -26,6 +28,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Path to the native Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.native will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_DOCKERFILE_NATIVE_PATH+++[] @@ -41,6 +45,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Build args passed to docker via `--build-arg` + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_BUILD_ARGS__ARG_NAME_+++[] @@ -56,6 +62,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Images to consider as cache sources. Values are passed to `docker build`/`podman build` via the `cache-from` option + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_CACHE_FROM+++[] @@ -71,6 +79,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +The networking mode for the RUN instructions during build + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_NETWORK+++[] @@ -86,6 +96,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Name of binary used to execute the docker/podman commands. This setting can override the global container runtime detection. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_EXECUTABLE_NAME+++[] @@ -101,6 +113,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-docker_quarkus- [.description] -- +Additional arbitrary arguments passed to the executable when building the container image. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_DOCKER_ADDITIONAL_ARGS+++[] diff --git a/_generated-doc/main/config/quarkus-container-image-podman.adoc b/_generated-doc/main/config/quarkus-container-image-podman.adoc index 824e46e8fec..c2b1b98382e 100644 --- a/_generated-doc/main/config/quarkus-container-image-podman.adoc +++ b/_generated-doc/main/config/quarkus-container-image-podman.adoc @@ -11,6 +11,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Path to the JVM Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.jvm will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_DOCKERFILE_JVM_PATH+++[] @@ -26,6 +28,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Path to the native Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.native will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_DOCKERFILE_NATIVE_PATH+++[] @@ -41,6 +45,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Build args passed to docker via `--build-arg` + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_BUILD_ARGS__ARG_NAME_+++[] @@ -56,6 +62,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Images to consider as cache sources. Values are passed to `docker build`/`podman build` via the `cache-from` option + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_CACHE_FROM+++[] @@ -71,6 +79,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +The networking mode for the RUN instructions during build + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_NETWORK+++[] @@ -86,6 +96,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Name of binary used to execute the docker/podman commands. This setting can override the global container runtime detection. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_EXECUTABLE_NAME+++[] @@ -101,6 +113,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Additional arbitrary arguments passed to the executable when building the container image. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_ADDITIONAL_ARGS+++[] diff --git a/_generated-doc/main/config/quarkus-container-image-podman_quarkus.podman.adoc b/_generated-doc/main/config/quarkus-container-image-podman_quarkus.podman.adoc index 824e46e8fec..c2b1b98382e 100644 --- a/_generated-doc/main/config/quarkus-container-image-podman_quarkus.podman.adoc +++ b/_generated-doc/main/config/quarkus-container-image-podman_quarkus.podman.adoc @@ -11,6 +11,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Path to the JVM Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.jvm will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_DOCKERFILE_JVM_PATH+++[] @@ -26,6 +28,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Path to the native Dockerfile. If set to an absolute path then the absolute path will be used, otherwise the path will be considered relative to the project root. If not set src/main/docker/Dockerfile.native will be used. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_DOCKERFILE_NATIVE_PATH+++[] @@ -41,6 +45,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Build args passed to docker via `--build-arg` + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_BUILD_ARGS__ARG_NAME_+++[] @@ -56,6 +62,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Images to consider as cache sources. Values are passed to `docker build`/`podman build` via the `cache-from` option + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_CACHE_FROM+++[] @@ -71,6 +79,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +The networking mode for the RUN instructions during build + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_NETWORK+++[] @@ -86,6 +96,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Name of binary used to execute the docker/podman commands. This setting can override the global container runtime detection. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_EXECUTABLE_NAME+++[] @@ -101,6 +113,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-container-image-podman_quarkus- [.description] -- +Additional arbitrary arguments passed to the executable when building the container image. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_PODMAN_ADDITIONAL_ARGS+++[] diff --git a/_generated-doc/main/config/quarkus-core_quarkus.log.adoc b/_generated-doc/main/config/quarkus-core_quarkus.log.adoc index 00cf18df8da..abe159eaea0 100644 --- a/_generated-doc/main/config/quarkus-core_quarkus.log.adoc +++ b/_generated-doc/main/config/quarkus-core_quarkus.log.adoc @@ -501,7 +501,7 @@ a| [[quarkus-core_quarkus-log-file-rotation-max-file-size]] [.property-path]##li [.description] -- -The maximum log file size, after which a rotation is executed. +The maximum log file size, after which a rotation is executed. Note that the file is rotated _after_ the log record is written. Thus, this isn't a hard maximum on the file size; rather, it's a hard _minimum_ on the size of the file before it is rotated. ifdef::add-copy-button-to-env-var[] @@ -871,6 +871,182 @@ a|`block`, `discard` |`block` +h|[[quarkus-core_section_quarkus-log-socket]] [.section-name.section-level0]##link:#quarkus-core_section_quarkus-log-socket[Socket logging]## +h|Type +h|Default + +a| [[quarkus-core_quarkus-log-socket-enable]] [.property-path]##link:#quarkus-core_quarkus-log-socket-enable[`quarkus.log.socket.enable`]## + +[.description] +-- +If socket logging should be enabled + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ENABLE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ENABLE+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-socket-endpoint]] [.property-path]##link:#quarkus-core_quarkus-log-socket-endpoint[`quarkus.log.socket.endpoint`]## + +[.description] +-- +The IP address and port of the server receiving the logs + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ENDPOINT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ENDPOINT+++` +endif::add-copy-button-to-env-var[] +-- +|host:port +|`localhost:4560` + +a| [[quarkus-core_quarkus-log-socket-protocol]] [.property-path]##link:#quarkus-core_quarkus-log-socket-protocol[`quarkus.log.socket.protocol`]## + +[.description] +-- +Sets the protocol used to connect to the syslog server + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_PROTOCOL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_PROTOCOL+++` +endif::add-copy-button-to-env-var[] +-- +a|`tcp`, `udp`, `ssl-tcp` +|`tcp` + +a| [[quarkus-core_quarkus-log-socket-block-on-reconnect]] [.property-path]##link:#quarkus-core_quarkus-log-socket-block-on-reconnect[`quarkus.log.socket.block-on-reconnect`]## + +[.description] +-- +Enables or disables blocking when attempting to reconnect a `Protocol++#++TCP +TCP` or `Protocol++#++SSL_TCP SSL TCP` protocol + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_BLOCK_ON_RECONNECT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_BLOCK_ON_RECONNECT+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-socket-format]] [.property-path]##link:#quarkus-core_quarkus-log-socket-format[`quarkus.log.socket.format`]## + +[.description] +-- +The log message format + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n` + +a| [[quarkus-core_quarkus-log-socket-level]] [.property-path]##link:#quarkus-core_quarkus-log-socket-level[`quarkus.log.socket.level`]## + +[.description] +-- +The log level specifying, which message levels will be logged by socket logger + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_LEVEL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_LEVEL+++` +endif::add-copy-button-to-env-var[] +-- +|link:https://javadoc.io/doc/org.jboss.logmanager/jboss-logmanager/latest/org/jboss/logmanager/Level.html[Level] +|`ALL` + +a| [[quarkus-core_quarkus-log-socket-filter]] [.property-path]##link:#quarkus-core_quarkus-log-socket-filter[`quarkus.log.socket.filter`]## + +[.description] +-- +The name of the filter to link to the file handler. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_FILTER+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_FILTER+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-core_quarkus-log-socket-async]] [.property-path]##link:#quarkus-core_quarkus-log-socket-async[`quarkus.log.socket.async`]## + +[.description] +-- +Indicates whether to log asynchronously + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ASYNC+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ASYNC+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-socket-async-queue-length]] [.property-path]##link:#quarkus-core_quarkus-log-socket-async-queue-length[`quarkus.log.socket.async.queue-length`]## + +[.description] +-- +The queue length to use before flushing writing + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ASYNC_QUEUE_LENGTH+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ASYNC_QUEUE_LENGTH+++` +endif::add-copy-button-to-env-var[] +-- +|int +|`512` + +a| [[quarkus-core_quarkus-log-socket-async-overflow]] [.property-path]##link:#quarkus-core_quarkus-log-socket-async-overflow[`quarkus.log.socket.async.overflow`]## + +[.description] +-- +Determine whether to block the publisher (rather than drop the message) when the queue is full + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_ASYNC_OVERFLOW+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_ASYNC_OVERFLOW+++` +endif::add-copy-button-to-env-var[] +-- +a|`block`, `discard` +|`block` + + h|[[quarkus-core_section_quarkus-log-handler-console]] [.section-name.section-level0]##link:#quarkus-core_section_quarkus-log-handler-console[Console handlers]## h|Type h|Default @@ -1190,7 +1366,7 @@ a| [[quarkus-core_quarkus-log-handler-file-file-handlers-rotation-max-file-size] [.description] -- -The maximum log file size, after which a rotation is executed. +The maximum log file size, after which a rotation is executed. Note that the file is rotated _after_ the log record is written. Thus, this isn't a hard maximum on the file size; rather, it's a hard _minimum_ on the size of the file before it is rotated. ifdef::add-copy-button-to-env-var[] @@ -1560,6 +1736,182 @@ a|`block`, `discard` |`block` +h|[[quarkus-core_section_quarkus-log-handler-socket]] [.section-name.section-level0]##link:#quarkus-core_section_quarkus-log-handler-socket[Socket handlers]## +h|Type +h|Default + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-enable]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-enable[`quarkus.log.handler.socket."socket-handlers".enable`]## + +[.description] +-- +If socket logging should be enabled + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENABLE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENABLE+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-endpoint]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-endpoint[`quarkus.log.handler.socket."socket-handlers".endpoint`]## + +[.description] +-- +The IP address and port of the server receiving the logs + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENDPOINT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ENDPOINT+++` +endif::add-copy-button-to-env-var[] +-- +|host:port +|`localhost:4560` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-protocol]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-protocol[`quarkus.log.handler.socket."socket-handlers".protocol`]## + +[.description] +-- +Sets the protocol used to connect to the syslog server + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__PROTOCOL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__PROTOCOL+++` +endif::add-copy-button-to-env-var[] +-- +a|`tcp`, `udp`, `ssl-tcp` +|`tcp` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-block-on-reconnect]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-block-on-reconnect[`quarkus.log.handler.socket."socket-handlers".block-on-reconnect`]## + +[.description] +-- +Enables or disables blocking when attempting to reconnect a `Protocol++#++TCP +TCP` or `Protocol++#++SSL_TCP SSL TCP` protocol + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__BLOCK_ON_RECONNECT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__BLOCK_ON_RECONNECT+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-format]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-format[`quarkus.log.handler.socket."socket-handlers".format`]## + +[.description] +-- +The log message format + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-level]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-level[`quarkus.log.handler.socket."socket-handlers".level`]## + +[.description] +-- +The log level specifying, which message levels will be logged by socket logger + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__LEVEL+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__LEVEL+++` +endif::add-copy-button-to-env-var[] +-- +|link:https://javadoc.io/doc/org.jboss.logmanager/jboss-logmanager/latest/org/jboss/logmanager/Level.html[Level] +|`ALL` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-filter]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-filter[`quarkus.log.handler.socket."socket-handlers".filter`]## + +[.description] +-- +The name of the filter to link to the file handler. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FILTER+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__FILTER+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-async]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-async[`quarkus.log.handler.socket."socket-handlers".async`]## + +[.description] +-- +Indicates whether to log asynchronously + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-async-queue-length]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-async-queue-length[`quarkus.log.handler.socket."socket-handlers".async.queue-length`]## + +[.description] +-- +The queue length to use before flushing writing + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_QUEUE_LENGTH+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_QUEUE_LENGTH+++` +endif::add-copy-button-to-env-var[] +-- +|int +|`512` + +a| [[quarkus-core_quarkus-log-handler-socket-socket-handlers-async-overflow]] [.property-path]##link:#quarkus-core_quarkus-log-handler-socket-socket-handlers-async-overflow[`quarkus.log.handler.socket."socket-handlers".async.overflow`]## + +[.description] +-- +Determine whether to block the publisher (rather than drop the message) when the queue is full + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_OVERFLOW+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_HANDLER_SOCKET__SOCKET_HANDLERS__ASYNC_OVERFLOW+++` +endif::add-copy-button-to-env-var[] +-- +a|`block`, `discard` +|`block` + + h|[[quarkus-core_section_quarkus-log-filter]] [.section-name.section-level0]##link:#quarkus-core_section_quarkus-log-filter[Log cleanup filters - internal use]## h|Type h|Default diff --git a/_generated-doc/main/config/quarkus-devservices-keycloak.adoc b/_generated-doc/main/config/quarkus-devservices-keycloak.adoc index 1cdac68228f..e47b4d4cf25 100644 --- a/_generated-doc/main/config/quarkus-devservices-keycloak.adoc +++ b/_generated-doc/main/config/quarkus-devservices-keycloak.adoc @@ -234,7 +234,7 @@ a|icon:lock[title=Fixed at build time] [[quarkus-devservices-keycloak_quarkus-ke [.description] -- -Specifies whether to create the default client id `quarkus-app` with a secret `secret`and register them if the `create-realm` property is set to true. For OIDC extension configuration properties `quarkus.oidc.client.id` and `quarkus.oidc.credentials.secret` will be configured. For OIDC Client extension configuration properties `quarkus.oidc-client.client.id` and `quarkus.oidc-client.credentials.secret` will be configured. Set to `false` if clients have to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by `io.quarkus.test.common.QuarkusTestResourceLifecycleManager` or registered dynamically. +Specifies whether to create the default client id `quarkus-app` with a secret `secret` and register them if the `create-realm` property is set to true. For OIDC extension configuration properties `quarkus.oidc.client.id` and `quarkus.oidc.credentials.secret` will be configured. For OIDC Client extension configuration properties `quarkus.oidc-client.client.id` and `quarkus.oidc-client.credentials.secret` will be configured. Set to `false` if clients have to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by `io.quarkus.test.common.QuarkusTestResourceLifecycleManager` or registered dynamically. ifdef::add-copy-button-to-env-var[] diff --git a/_generated-doc/main/config/quarkus-devservices-keycloak_quarkus.keycloak.adoc b/_generated-doc/main/config/quarkus-devservices-keycloak_quarkus.keycloak.adoc index 1cdac68228f..e47b4d4cf25 100644 --- a/_generated-doc/main/config/quarkus-devservices-keycloak_quarkus.keycloak.adoc +++ b/_generated-doc/main/config/quarkus-devservices-keycloak_quarkus.keycloak.adoc @@ -234,7 +234,7 @@ a|icon:lock[title=Fixed at build time] [[quarkus-devservices-keycloak_quarkus-ke [.description] -- -Specifies whether to create the default client id `quarkus-app` with a secret `secret`and register them if the `create-realm` property is set to true. For OIDC extension configuration properties `quarkus.oidc.client.id` and `quarkus.oidc.credentials.secret` will be configured. For OIDC Client extension configuration properties `quarkus.oidc-client.client.id` and `quarkus.oidc-client.credentials.secret` will be configured. Set to `false` if clients have to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by `io.quarkus.test.common.QuarkusTestResourceLifecycleManager` or registered dynamically. +Specifies whether to create the default client id `quarkus-app` with a secret `secret` and register them if the `create-realm` property is set to true. For OIDC extension configuration properties `quarkus.oidc.client.id` and `quarkus.oidc.credentials.secret` will be configured. For OIDC Client extension configuration properties `quarkus.oidc-client.client.id` and `quarkus.oidc-client.credentials.secret` will be configured. Set to `false` if clients have to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by `io.quarkus.test.common.QuarkusTestResourceLifecycleManager` or registered dynamically. ifdef::add-copy-button-to-env-var[] diff --git a/_generated-doc/main/config/quarkus-logging-json.adoc b/_generated-doc/main/config/quarkus-logging-json.adoc index 9fb5e476408..3003097ad2e 100644 --- a/_generated-doc/main/config/quarkus-logging-json.adoc +++ b/_generated-doc/main/config/quarkus-logging-json.adoc @@ -200,6 +200,23 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-console-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-console-json-log-format[`quarkus.log.console.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_CONSOLE_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_CONSOLE_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + h|[[quarkus-logging-json_section_quarkus-log-file-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-file-json[File logging]## h|Type @@ -394,6 +411,23 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-file-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-file-json-log-format[`quarkus.log.file.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_FILE_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_FILE_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + h|[[quarkus-logging-json_section_quarkus-log-syslog-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-syslog-json[Syslog logging]## h|Type @@ -588,6 +622,234 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-syslog-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-syslog-json-log-format[`quarkus.log.syslog.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SYSLOG_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SYSLOG_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + + +h|[[quarkus-logging-json_section_quarkus-log-socket-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-socket-json[Socket logging]## +h|Type +h|Default + +a| [[quarkus-logging-json_quarkus-log-socket-json]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json[`quarkus.log.socket.json`]## + +[.description] +-- +Determine whether to enable the JSON console formatting extension, which disables "normal" console formatting. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`true` + +a| [[quarkus-logging-json_quarkus-log-socket-json-pretty-print]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-pretty-print[`quarkus.log.socket.json.pretty-print`]## + +[.description] +-- +Enable "pretty printing" of the JSON record. Note that some JSON parsers will fail to read the pretty printed output. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_PRETTY_PRINT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_PRETTY_PRINT+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-logging-json_quarkus-log-socket-json-date-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-date-format[`quarkus.log.socket.json.date-format`]## + +[.description] +-- +The date format to use. The special string "default" indicates that the default format should be used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_DATE_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_DATE_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`default` + +a| [[quarkus-logging-json_quarkus-log-socket-json-record-delimiter]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-record-delimiter[`quarkus.log.socket.json.record-delimiter`]## + +[.description] +-- +The special end-of-record delimiter to be used. By default, newline is used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_RECORD_DELIMITER+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_RECORD_DELIMITER+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-zone-id]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-zone-id[`quarkus.log.socket.json.zone-id`]## + +[.description] +-- +The zone ID to use. The special string "default" indicates that the default zone should be used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ZONE_ID+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ZONE_ID+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`default` + +a| [[quarkus-logging-json_quarkus-log-socket-json-exception-output-type]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-exception-output-type[`quarkus.log.socket.json.exception-output-type`]## + +[.description] +-- +The exception output type to specify. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_EXCEPTION_OUTPUT_TYPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_EXCEPTION_OUTPUT_TYPE+++` +endif::add-copy-button-to-env-var[] +-- +a|`detailed`, `formatted`, `detailed-and-formatted` +|`detailed` + +a| [[quarkus-logging-json_quarkus-log-socket-json-print-details]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-print-details[`quarkus.log.socket.json.print-details`]## + +[.description] +-- +Enable printing of more details in the log. + +Printing the details can be expensive as the values are retrieved from the caller. The details include the source class name, source file name, source method name, and source line number. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_PRINT_DETAILS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_PRINT_DETAILS+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-logging-json_quarkus-log-socket-json-key-overrides]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-key-overrides[`quarkus.log.socket.json.key-overrides`]## + +[.description] +-- +Override keys with custom values. Omitting this value indicates that no key overrides will be applied. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_KEY_OVERRIDES+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_KEY_OVERRIDES+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-excluded-keys]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-excluded-keys[`quarkus.log.socket.json.excluded-keys`]## + +[.description] +-- +Keys to be excluded from the JSON output. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_EXCLUDED_KEYS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_EXCLUDED_KEYS+++` +endif::add-copy-button-to-env-var[] +-- +|list of string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-value]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-value[`quarkus.log.socket.json.additional-field."field-name".value`]## + +[.description] +-- +Additional field value. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__VALUE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__VALUE+++` +endif::add-copy-button-to-env-var[] +-- +|string +|required icon:exclamation-circle[title=Configuration property is required] + +a| [[quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-type]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-type[`quarkus.log.socket.json.additional-field."field-name".type`]## + +[.description] +-- +Additional field type specification. Supported types: `string`, `int`, and `long`. String is the default if not specified. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__TYPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__TYPE+++` +endif::add-copy-button-to-env-var[] +-- +a|`string`, `int`, `long` +|`string` + +a| [[quarkus-logging-json_quarkus-log-socket-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-log-format[`quarkus.log.socket.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + |=== diff --git a/_generated-doc/main/config/quarkus-logging-json_quarkus.log.adoc b/_generated-doc/main/config/quarkus-logging-json_quarkus.log.adoc index 9fb5e476408..3003097ad2e 100644 --- a/_generated-doc/main/config/quarkus-logging-json_quarkus.log.adoc +++ b/_generated-doc/main/config/quarkus-logging-json_quarkus.log.adoc @@ -200,6 +200,23 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-console-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-console-json-log-format[`quarkus.log.console.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_CONSOLE_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_CONSOLE_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + h|[[quarkus-logging-json_section_quarkus-log-file-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-file-json[File logging]## h|Type @@ -394,6 +411,23 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-file-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-file-json-log-format[`quarkus.log.file.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_FILE_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_FILE_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + h|[[quarkus-logging-json_section_quarkus-log-syslog-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-syslog-json[Syslog logging]## h|Type @@ -588,6 +622,234 @@ endif::add-copy-button-to-env-var[] a|`string`, `int`, `long` |`string` +a| [[quarkus-logging-json_quarkus-log-syslog-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-syslog-json-log-format[`quarkus.log.syslog.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SYSLOG_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SYSLOG_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + + +h|[[quarkus-logging-json_section_quarkus-log-socket-json]] [.section-name.section-level0]##link:#quarkus-logging-json_section_quarkus-log-socket-json[Socket logging]## +h|Type +h|Default + +a| [[quarkus-logging-json_quarkus-log-socket-json]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json[`quarkus.log.socket.json`]## + +[.description] +-- +Determine whether to enable the JSON console formatting extension, which disables "normal" console formatting. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`true` + +a| [[quarkus-logging-json_quarkus-log-socket-json-pretty-print]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-pretty-print[`quarkus.log.socket.json.pretty-print`]## + +[.description] +-- +Enable "pretty printing" of the JSON record. Note that some JSON parsers will fail to read the pretty printed output. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_PRETTY_PRINT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_PRETTY_PRINT+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-logging-json_quarkus-log-socket-json-date-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-date-format[`quarkus.log.socket.json.date-format`]## + +[.description] +-- +The date format to use. The special string "default" indicates that the default format should be used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_DATE_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_DATE_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`default` + +a| [[quarkus-logging-json_quarkus-log-socket-json-record-delimiter]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-record-delimiter[`quarkus.log.socket.json.record-delimiter`]## + +[.description] +-- +The special end-of-record delimiter to be used. By default, newline is used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_RECORD_DELIMITER+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_RECORD_DELIMITER+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-zone-id]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-zone-id[`quarkus.log.socket.json.zone-id`]## + +[.description] +-- +The zone ID to use. The special string "default" indicates that the default zone should be used. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ZONE_ID+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ZONE_ID+++` +endif::add-copy-button-to-env-var[] +-- +|string +|`default` + +a| [[quarkus-logging-json_quarkus-log-socket-json-exception-output-type]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-exception-output-type[`quarkus.log.socket.json.exception-output-type`]## + +[.description] +-- +The exception output type to specify. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_EXCEPTION_OUTPUT_TYPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_EXCEPTION_OUTPUT_TYPE+++` +endif::add-copy-button-to-env-var[] +-- +a|`detailed`, `formatted`, `detailed-and-formatted` +|`detailed` + +a| [[quarkus-logging-json_quarkus-log-socket-json-print-details]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-print-details[`quarkus.log.socket.json.print-details`]## + +[.description] +-- +Enable printing of more details in the log. + +Printing the details can be expensive as the values are retrieved from the caller. The details include the source class name, source file name, source method name, and source line number. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_PRINT_DETAILS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_PRINT_DETAILS+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +|`false` + +a| [[quarkus-logging-json_quarkus-log-socket-json-key-overrides]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-key-overrides[`quarkus.log.socket.json.key-overrides`]## + +[.description] +-- +Override keys with custom values. Omitting this value indicates that no key overrides will be applied. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_KEY_OVERRIDES+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_KEY_OVERRIDES+++` +endif::add-copy-button-to-env-var[] +-- +|string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-excluded-keys]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-excluded-keys[`quarkus.log.socket.json.excluded-keys`]## + +[.description] +-- +Keys to be excluded from the JSON output. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_EXCLUDED_KEYS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_EXCLUDED_KEYS+++` +endif::add-copy-button-to-env-var[] +-- +|list of string +| + +a| [[quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-value]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-value[`quarkus.log.socket.json.additional-field."field-name".value`]## + +[.description] +-- +Additional field value. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__VALUE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__VALUE+++` +endif::add-copy-button-to-env-var[] +-- +|string +|required icon:exclamation-circle[title=Configuration property is required] + +a| [[quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-type]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-additional-field-field-name-type[`quarkus.log.socket.json.additional-field."field-name".type`]## + +[.description] +-- +Additional field type specification. Supported types: `string`, `int`, and `long`. String is the default if not specified. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__TYPE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_ADDITIONAL_FIELD__FIELD_NAME__TYPE+++` +endif::add-copy-button-to-env-var[] +-- +a|`string`, `int`, `long` +|`string` + +a| [[quarkus-logging-json_quarkus-log-socket-json-log-format]] [.property-path]##link:#quarkus-logging-json_quarkus-log-socket-json-log-format[`quarkus.log.socket.json.log-format`]## + +[.description] +-- +Specify the format of the produced JSON + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_LOG_SOCKET_JSON_LOG_FORMAT+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_LOG_SOCKET_JSON_LOG_FORMAT+++` +endif::add-copy-button-to-env-var[] +-- +a|`default`, `ecs` +|`default` + |=== diff --git a/_generated-doc/main/config/quarkus-narayana-jta.adoc b/_generated-doc/main/config/quarkus-narayana-jta.adoc index bd9e0e84d35..ff8224a2b40 100644 --- a/_generated-doc/main/config/quarkus-narayana-jta.adoc +++ b/_generated-doc/main/config/quarkus-narayana-jta.adoc @@ -130,6 +130,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-directory]] [ [.description] -- +The name of the directory where the transaction logs will be stored when using the `file-system` object store. If the value is not absolute then the directory is relative to the _user.dir_ system property. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DIRECTORY+++[] @@ -145,6 +147,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-type]] [.prop [.description] -- +The type of object store. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_TYPE+++[] @@ -160,6 +164,10 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-datasource]] [.description] -- +The name of the datasource where the transaction logs will be stored when using the `jdbc` object store. + +If undefined, it will use the default datasource. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DATASOURCE+++[] @@ -175,6 +183,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-create-table] [.description] -- +Whether to create the table if it does not exist. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_CREATE_TABLE+++[] @@ -190,6 +200,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-drop-table]] [.description] -- +Whether to drop the table on startup. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DROP_TABLE+++[] @@ -205,6 +217,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-table-prefix] [.description] -- +The prefix to apply to the table. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_TABLE_PREFIX+++[] diff --git a/_generated-doc/main/config/quarkus-narayana-jta_quarkus.transaction-manager.adoc b/_generated-doc/main/config/quarkus-narayana-jta_quarkus.transaction-manager.adoc index bd9e0e84d35..ff8224a2b40 100644 --- a/_generated-doc/main/config/quarkus-narayana-jta_quarkus.transaction-manager.adoc +++ b/_generated-doc/main/config/quarkus-narayana-jta_quarkus.transaction-manager.adoc @@ -130,6 +130,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-directory]] [ [.description] -- +The name of the directory where the transaction logs will be stored when using the `file-system` object store. If the value is not absolute then the directory is relative to the _user.dir_ system property. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DIRECTORY+++[] @@ -145,6 +147,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-type]] [.prop [.description] -- +The type of object store. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_TYPE+++[] @@ -160,6 +164,10 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-datasource]] [.description] -- +The name of the datasource where the transaction logs will be stored when using the `jdbc` object store. + +If undefined, it will use the default datasource. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DATASOURCE+++[] @@ -175,6 +183,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-create-table] [.description] -- +Whether to create the table if it does not exist. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_CREATE_TABLE+++[] @@ -190,6 +200,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-drop-table]] [.description] -- +Whether to drop the table on startup. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_DROP_TABLE+++[] @@ -205,6 +217,8 @@ a| [[quarkus-narayana-jta_quarkus-transaction-manager-object-store-table-prefix] [.description] -- +The prefix to apply to the table. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_TRANSACTION_MANAGER_OBJECT_STORE_TABLE_PREFIX+++[] diff --git a/_generated-doc/main/config/quarkus-oidc-client-registration.adoc b/_generated-doc/main/config/quarkus-oidc-client-registration.adoc index c580613ddfe..fa03b5b63ed 100644 --- a/_generated-doc/main/config/quarkus-oidc-client-registration.adoc +++ b/_generated-doc/main/config/quarkus-oidc-client-registration.adoc @@ -28,6 +28,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-auth-serv [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_AUTH_SERVER_URL+++[] @@ -43,6 +45,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-discovery [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_DISCOVERY_ENABLED+++[] @@ -58,6 +62,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-registrat [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_REGISTRATION_PATH+++[] @@ -73,6 +79,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_DELAY+++[] @@ -88,6 +96,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_RETRY_COUNT+++[] @@ -103,6 +113,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_TIMEOUT+++[] @@ -118,6 +130,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-use-block [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_USE_BLOCKING_DNS_LOOKUP+++[] @@ -133,6 +147,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-max-pool- [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_MAX_POOL_SIZE+++[] @@ -148,6 +164,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-follow-re [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_FOLLOW_REDIRECTS+++[] @@ -163,6 +181,9 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-hos [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_HOST+++[] @@ -178,6 +199,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-por [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_PORT+++[] @@ -193,6 +216,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-use [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_USERNAME+++[] @@ -208,6 +233,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-pas [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_PASSWORD+++[] @@ -223,6 +250,12 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-tls-tls-c [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_TLS_TLS_CONFIGURATION_NAME+++[] @@ -378,6 +411,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-auth-s [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__AUTH_SERVER_URL+++[] @@ -393,6 +428,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-discov [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__DISCOVERY_ENABLED+++[] @@ -408,6 +445,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-regist [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__REGISTRATION_PATH+++[] @@ -423,6 +462,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_DELAY+++[] @@ -438,6 +479,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_RETRY_COUNT+++[] @@ -453,6 +496,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_TIMEOUT+++[] @@ -468,6 +513,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-use-bl [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__USE_BLOCKING_DNS_LOOKUP+++[] @@ -483,6 +530,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-max-po [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__MAX_POOL_SIZE+++[] @@ -498,6 +547,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-follow [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__FOLLOW_REDIRECTS+++[] @@ -513,6 +564,9 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_HOST+++[] @@ -528,6 +582,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_PORT+++[] @@ -543,6 +599,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_USERNAME+++[] @@ -558,6 +616,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_PASSWORD+++[] @@ -573,6 +633,12 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-tls-tl [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__TLS_TLS_CONFIGURATION_NAME+++[] diff --git a/_generated-doc/main/config/quarkus-oidc-client-registration_quarkus.oidc-client-registration.adoc b/_generated-doc/main/config/quarkus-oidc-client-registration_quarkus.oidc-client-registration.adoc index c580613ddfe..fa03b5b63ed 100644 --- a/_generated-doc/main/config/quarkus-oidc-client-registration_quarkus.oidc-client-registration.adoc +++ b/_generated-doc/main/config/quarkus-oidc-client-registration_quarkus.oidc-client-registration.adoc @@ -28,6 +28,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-auth-serv [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_AUTH_SERVER_URL+++[] @@ -43,6 +45,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-discovery [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_DISCOVERY_ENABLED+++[] @@ -58,6 +62,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-registrat [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_REGISTRATION_PATH+++[] @@ -73,6 +79,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_DELAY+++[] @@ -88,6 +96,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_RETRY_COUNT+++[] @@ -103,6 +113,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-connectio [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_CONNECTION_TIMEOUT+++[] @@ -118,6 +130,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-use-block [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_USE_BLOCKING_DNS_LOOKUP+++[] @@ -133,6 +147,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-max-pool- [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_MAX_POOL_SIZE+++[] @@ -148,6 +164,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-follow-re [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_FOLLOW_REDIRECTS+++[] @@ -163,6 +181,9 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-hos [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_HOST+++[] @@ -178,6 +199,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-por [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_PORT+++[] @@ -193,6 +216,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-use [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_USERNAME+++[] @@ -208,6 +233,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-proxy-pas [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PROXY_PASSWORD+++[] @@ -223,6 +250,12 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-tls-tls-c [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_TLS_TLS_CONFIGURATION_NAME+++[] @@ -378,6 +411,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-auth-s [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__AUTH_SERVER_URL+++[] @@ -393,6 +428,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-discov [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__DISCOVERY_ENABLED+++[] @@ -408,6 +445,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-regist [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__REGISTRATION_PATH+++[] @@ -423,6 +462,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_DELAY+++[] @@ -438,6 +479,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_RETRY_COUNT+++[] @@ -453,6 +496,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-connec [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__CONNECTION_TIMEOUT+++[] @@ -468,6 +513,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-use-bl [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__USE_BLOCKING_DNS_LOOKUP+++[] @@ -483,6 +530,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-max-po [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__MAX_POOL_SIZE+++[] @@ -498,6 +547,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-follow [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__FOLLOW_REDIRECTS+++[] @@ -513,6 +564,9 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_HOST+++[] @@ -528,6 +582,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_PORT+++[] @@ -543,6 +599,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_USERNAME+++[] @@ -558,6 +616,8 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-proxy- [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__PROXY_PASSWORD+++[] @@ -573,6 +633,12 @@ a| [[quarkus-oidc-client-registration_quarkus-oidc-client-registration-id-tls-tl [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION__ID__TLS_TLS_CONFIGURATION_NAME+++[] diff --git a/_generated-doc/main/config/quarkus-oidc-client.adoc b/_generated-doc/main/config/quarkus-oidc-client.adoc index 1126aece1f9..4b16e500989 100644 --- a/_generated-doc/main/config/quarkus-oidc-client.adoc +++ b/_generated-doc/main/config/quarkus-oidc-client.adoc @@ -28,6 +28,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-auth-server-url]] [.property-path]# [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_AUTH_SERVER_URL+++[] @@ -43,6 +45,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-discovery-enabled]] [.property-path [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_DISCOVERY_ENABLED+++[] @@ -58,6 +62,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-registration-path]] [.property-path [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PATH+++[] @@ -73,6 +79,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-delay]] [.property-path] [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_DELAY+++[] @@ -88,6 +96,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-retry-count]] [.property [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_RETRY_COUNT+++[] @@ -103,6 +113,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-timeout]] [.property-pat [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_TIMEOUT+++[] @@ -118,6 +130,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-use-blocking-dns-lookup]] [.propert [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_USE_BLOCKING_DNS_LOOKUP+++[] @@ -133,6 +147,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-max-pool-size]] [.property-path]##l [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_MAX_POOL_SIZE+++[] @@ -148,6 +164,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-follow-redirects]] [.property-path] [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_FOLLOW_REDIRECTS+++[] @@ -163,6 +181,9 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-host]] [.property-path]##link [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_HOST+++[] @@ -178,6 +199,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-port]] [.property-path]##link [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_PORT+++[] @@ -193,6 +216,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-username]] [.property-path]## [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_USERNAME+++[] @@ -208,6 +233,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-password]] [.property-path]## [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_PASSWORD+++[] @@ -223,6 +250,12 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-tls-tls-configuration-name]] [.prop [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_TLS_TLS_CONFIGURATION_NAME+++[] @@ -238,6 +271,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-token-path]] [.property-path]##link [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_TOKEN_PATH+++[] @@ -253,6 +288,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-revoke-path]] [.property-path]##lin [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REVOKE_PATH+++[] @@ -268,6 +305,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-client-id]] [.property-path]##link: [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CLIENT_ID+++[] @@ -283,6 +322,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-client-name]] [.property-path]##lin [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CLIENT_NAME+++[] @@ -298,6 +339,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-secret]] [.property-pat [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_SECRET+++[] @@ -313,6 +356,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-value]] [ [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -328,6 +373,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -343,6 +390,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -358,6 +407,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -373,6 +424,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-method]] [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -381,13 +434,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-source[`quarkus.oidc-client.credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SOURCE+++[] @@ -403,6 +458,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret]] [.property [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET+++[] @@ -418,6 +475,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-nam [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -433,6 +492,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-key [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -448,6 +509,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-key [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -463,6 +526,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key]] [.property-pa [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY+++[] @@ -478,6 +543,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-file]] [.proper [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_FILE+++[] @@ -493,6 +560,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-store-file]] [. [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -508,6 +577,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-store-password] [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -523,6 +594,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-id]] [.property [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_ID+++[] @@ -538,6 +611,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-password]] [.pr [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -553,6 +628,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-audience]] [.proper [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_AUDIENCE+++[] @@ -568,6 +645,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-token-key-id]] [.pr [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -583,6 +662,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-issuer]] [.property [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ISSUER+++[] @@ -598,6 +679,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-subject]] [.propert [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SUBJECT+++[] @@ -613,6 +696,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-claims-claim-name]] [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -628,6 +713,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-signature-algorithm [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -643,6 +730,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-lifespan]] [.proper [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_LIFESPAN+++[] @@ -658,6 +747,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-assertion]] [.prope [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ASSERTION+++[] @@ -915,6 +1006,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url]] [.property-pat [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++[] @@ -930,6 +1023,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled]] [.property-p [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++[] @@ -945,6 +1040,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-registration-path]] [.property-p [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++[] @@ -960,6 +1057,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-delay]] [.property-pa [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++[] @@ -975,6 +1074,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count]] [.prope [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++[] @@ -990,6 +1091,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout]] [.property- [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++[] @@ -1005,6 +1108,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup]] [.prop [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++[] @@ -1020,6 +1125,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size]] [.property-path] [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++[] @@ -1035,6 +1142,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects]] [.property-pa [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++[] @@ -1050,6 +1159,9 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-host]] [.property-path]##l [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++[] @@ -1065,6 +1177,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-port]] [.property-path]##l [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++[] @@ -1080,6 +1194,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-username]] [.property-path [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++[] @@ -1095,6 +1211,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-password]] [.property-path [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++[] @@ -1110,6 +1228,12 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name]] [.p [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++[] @@ -1125,6 +1249,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-token-path]] [.property-path]##l [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++[] @@ -1140,6 +1266,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-revoke-path]] [.property-path]## [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++[] @@ -1155,6 +1283,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-id]] [.property-path]##li [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++[] @@ -1170,6 +1300,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-name]] [.property-path]## [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++[] @@ -1185,6 +1317,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret]] [.property- [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++[] @@ -1200,6 +1334,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value] [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -1215,6 +1351,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -1230,6 +1368,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -1245,6 +1385,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -1260,6 +1402,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -1268,13 +1412,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source[`quarkus.oidc-client."id".credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++[] @@ -1290,6 +1436,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret]] [.prope [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++[] @@ -1305,6 +1453,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -1320,6 +1470,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -1335,6 +1487,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -1350,6 +1504,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key]] [.property [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++[] @@ -1365,6 +1521,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file]] [.pro [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++[] @@ -1380,6 +1538,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file]] [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -1395,6 +1555,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-passwo [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -1410,6 +1572,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id]] [.prope [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++[] @@ -1425,6 +1589,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password]] [ [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -1440,6 +1606,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience]] [.pro [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++[] @@ -1455,6 +1623,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id]] [ [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -1470,6 +1640,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer]] [.prope [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++[] @@ -1485,6 +1657,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject]] [.prop [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++[] @@ -1500,6 +1674,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-nam [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -1515,6 +1691,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algori [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -1530,6 +1708,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan]] [.pro [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++[] @@ -1545,6 +1725,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion]] [.pr [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++[] diff --git a/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc b/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc index 1126aece1f9..4b16e500989 100644 --- a/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc +++ b/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc @@ -28,6 +28,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-auth-server-url]] [.property-path]# [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_AUTH_SERVER_URL+++[] @@ -43,6 +45,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-discovery-enabled]] [.property-path [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_DISCOVERY_ENABLED+++[] @@ -58,6 +62,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-registration-path]] [.property-path [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REGISTRATION_PATH+++[] @@ -73,6 +79,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-delay]] [.property-path] [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_DELAY+++[] @@ -88,6 +96,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-retry-count]] [.property [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_RETRY_COUNT+++[] @@ -103,6 +113,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-connection-timeout]] [.property-pat [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CONNECTION_TIMEOUT+++[] @@ -118,6 +130,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-use-blocking-dns-lookup]] [.propert [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_USE_BLOCKING_DNS_LOOKUP+++[] @@ -133,6 +147,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-max-pool-size]] [.property-path]##l [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_MAX_POOL_SIZE+++[] @@ -148,6 +164,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-follow-redirects]] [.property-path] [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_FOLLOW_REDIRECTS+++[] @@ -163,6 +181,9 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-host]] [.property-path]##link [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_HOST+++[] @@ -178,6 +199,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-port]] [.property-path]##link [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_PORT+++[] @@ -193,6 +216,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-username]] [.property-path]## [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_USERNAME+++[] @@ -208,6 +233,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-proxy-password]] [.property-path]## [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_PROXY_PASSWORD+++[] @@ -223,6 +250,12 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-tls-tls-configuration-name]] [.prop [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_TLS_TLS_CONFIGURATION_NAME+++[] @@ -238,6 +271,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-token-path]] [.property-path]##link [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_TOKEN_PATH+++[] @@ -253,6 +288,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-revoke-path]] [.property-path]##lin [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_REVOKE_PATH+++[] @@ -268,6 +305,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-client-id]] [.property-path]##link: [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CLIENT_ID+++[] @@ -283,6 +322,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-client-name]] [.property-path]##lin [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CLIENT_NAME+++[] @@ -298,6 +339,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-secret]] [.property-pat [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_SECRET+++[] @@ -313,6 +356,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-value]] [ [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -328,6 +373,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -343,6 +390,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -358,6 +407,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-provider- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -373,6 +424,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-client-secret-method]] [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -381,13 +434,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CLIENT_CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-source[`quarkus.oidc-client.credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SOURCE+++[] @@ -403,6 +458,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret]] [.property [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET+++[] @@ -418,6 +475,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-nam [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -433,6 +492,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-key [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -448,6 +509,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-secret-provider-key [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -463,6 +526,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key]] [.property-pa [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY+++[] @@ -478,6 +543,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-file]] [.proper [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_FILE+++[] @@ -493,6 +560,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-store-file]] [. [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -508,6 +577,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-store-password] [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -523,6 +594,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-id]] [.property [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_ID+++[] @@ -538,6 +611,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-key-password]] [.pr [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -553,6 +628,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-audience]] [.proper [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_AUDIENCE+++[] @@ -568,6 +645,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-token-key-id]] [.pr [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -583,6 +662,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-issuer]] [.property [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ISSUER+++[] @@ -598,6 +679,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-subject]] [.propert [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SUBJECT+++[] @@ -613,6 +696,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-claims-claim-name]] [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -628,6 +713,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-signature-algorithm [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -643,6 +730,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-lifespan]] [.proper [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_LIFESPAN+++[] @@ -658,6 +747,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-assertion]] [.prope [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ASSERTION+++[] @@ -915,6 +1006,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url]] [.property-pat [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++[] @@ -930,6 +1023,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled]] [.property-p [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++[] @@ -945,6 +1040,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-registration-path]] [.property-p [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++[] @@ -960,6 +1057,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-delay]] [.property-pa [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++[] @@ -975,6 +1074,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count]] [.prope [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++[] @@ -990,6 +1091,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout]] [.property- [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++[] @@ -1005,6 +1108,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup]] [.prop [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++[] @@ -1020,6 +1125,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size]] [.property-path] [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++[] @@ -1035,6 +1142,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects]] [.property-pa [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++[] @@ -1050,6 +1159,9 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-host]] [.property-path]##l [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++[] @@ -1065,6 +1177,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-port]] [.property-path]##l [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++[] @@ -1080,6 +1194,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-username]] [.property-path [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++[] @@ -1095,6 +1211,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-password]] [.property-path [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++[] @@ -1110,6 +1228,12 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name]] [.p [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++[] @@ -1125,6 +1249,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-token-path]] [.property-path]##l [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++[] @@ -1140,6 +1266,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-revoke-path]] [.property-path]## [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++[] @@ -1155,6 +1283,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-id]] [.property-path]##li [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++[] @@ -1170,6 +1300,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-name]] [.property-path]## [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++[] @@ -1185,6 +1317,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret]] [.property- [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++[] @@ -1200,6 +1334,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value] [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -1215,6 +1351,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -1230,6 +1368,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -1245,6 +1385,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provid [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -1260,6 +1402,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -1268,13 +1412,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source[`quarkus.oidc-client."id".credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++[] @@ -1290,6 +1436,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret]] [.prope [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++[] @@ -1305,6 +1453,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -1320,6 +1470,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -1335,6 +1487,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -1350,6 +1504,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key]] [.property [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++[] @@ -1365,6 +1521,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file]] [.pro [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++[] @@ -1380,6 +1538,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file]] [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -1395,6 +1555,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-passwo [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -1410,6 +1572,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id]] [.prope [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++[] @@ -1425,6 +1589,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password]] [ [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -1440,6 +1606,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience]] [.pro [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++[] @@ -1455,6 +1623,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id]] [ [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -1470,6 +1640,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer]] [.prope [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++[] @@ -1485,6 +1657,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject]] [.prop [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++[] @@ -1500,6 +1674,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-nam [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -1515,6 +1691,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algori [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -1530,6 +1708,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan]] [.pro [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++[] @@ -1545,6 +1725,8 @@ a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion]] [.pr [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++[] diff --git a/_generated-doc/main/config/quarkus-oidc.adoc b/_generated-doc/main/config/quarkus-oidc.adoc index 842f3b1def6..abff84fbb93 100644 --- a/_generated-doc/main/config/quarkus-oidc.adoc +++ b/_generated-doc/main/config/quarkus-oidc.adoc @@ -96,6 +96,8 @@ a| [[quarkus-oidc_quarkus-oidc-auth-server-url]] [.property-path]##link:#quarkus [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_AUTH_SERVER_URL+++[] @@ -111,6 +113,8 @@ a| [[quarkus-oidc_quarkus-oidc-discovery-enabled]] [.property-path]##link:#quark [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DISCOVERY_ENABLED+++[] @@ -126,6 +130,8 @@ a| [[quarkus-oidc_quarkus-oidc-registration-path]] [.property-path]##link:#quark [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_REGISTRATION_PATH+++[] @@ -141,6 +147,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-delay]] [.property-path]##link:#quarku [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_DELAY+++[] @@ -156,6 +164,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-retry-count]] [.property-path]##link:# [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_RETRY_COUNT+++[] @@ -171,6 +181,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-timeout]] [.property-path]##link:#quar [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_TIMEOUT+++[] @@ -186,6 +198,8 @@ a| [[quarkus-oidc_quarkus-oidc-use-blocking-dns-lookup]] [.property-path]##link: [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_USE_BLOCKING_DNS_LOOKUP+++[] @@ -201,6 +215,8 @@ a| [[quarkus-oidc_quarkus-oidc-max-pool-size]] [.property-path]##link:#quarkus-o [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_MAX_POOL_SIZE+++[] @@ -216,6 +232,8 @@ a| [[quarkus-oidc_quarkus-oidc-follow-redirects]] [.property-path]##link:#quarku [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_FOLLOW_REDIRECTS+++[] @@ -231,6 +249,9 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-host]] [.property-path]##link:#quarkus-oidc [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_HOST+++[] @@ -246,6 +267,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-port]] [.property-path]##link:#quarkus-oidc [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_PORT+++[] @@ -261,6 +284,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-username]] [.property-path]##link:#quarkus- [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_USERNAME+++[] @@ -276,6 +301,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-password]] [.property-path]##link:#quarkus- [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_PASSWORD+++[] @@ -291,6 +318,12 @@ a| [[quarkus-oidc_quarkus-oidc-tls-tls-configuration-name]] [.property-path]##li [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_TLS_TLS_CONFIGURATION_NAME+++[] @@ -306,6 +339,8 @@ a| [[quarkus-oidc_quarkus-oidc-token-path]] [.property-path]##link:#quarkus-oidc [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_TOKEN_PATH+++[] @@ -321,6 +356,8 @@ a| [[quarkus-oidc_quarkus-oidc-revoke-path]] [.property-path]##link:#quarkus-oid [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_REVOKE_PATH+++[] @@ -336,6 +373,8 @@ a| [[quarkus-oidc_quarkus-oidc-client-id]] [.property-path]##link:#quarkus-oidc_ [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_ID+++[] @@ -351,6 +390,8 @@ a| [[quarkus-oidc_quarkus-oidc-client-name]] [.property-path]##link:#quarkus-oid [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_NAME+++[] @@ -366,6 +407,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-secret]] [.property-path]##link:#quar [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_SECRET+++[] @@ -381,6 +424,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-value]] [.property-path [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -396,6 +441,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-name]] [.prope [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -411,6 +458,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-keyring-name]] [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -426,6 +475,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-key]] [.proper [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -441,6 +492,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-method]] [.property-pat [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -449,13 +502,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-credentials-jwt-source[`quarkus.oidc.credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SOURCE+++[] @@ -471,6 +526,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret]] [.property-path]##link:# [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET+++[] @@ -486,6 +543,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-name]] [.property [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -501,6 +560,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-keyring-name]] [. [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -516,6 +577,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-key]] [.property- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -531,6 +594,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key]] [.property-path]##link:#qua [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY+++[] @@ -546,6 +611,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-file]] [.property-path]##link [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_FILE+++[] @@ -561,6 +628,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-store-file]] [.property-path] [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -576,6 +645,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-store-password]] [.property-p [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -591,6 +662,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-id]] [.property-path]##link:# [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_ID+++[] @@ -606,6 +679,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-password]] [.property-path]## [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -621,6 +696,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-audience]] [.property-path]##link [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_AUDIENCE+++[] @@ -636,6 +713,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-token-key-id]] [.property-path]## [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -651,6 +730,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-issuer]] [.property-path]##link:# [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_ISSUER+++[] @@ -666,6 +747,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-subject]] [.property-path]##link: [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SUBJECT+++[] @@ -681,6 +764,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-claims-claim-name]] [.property-pa [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -696,6 +781,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-signature-algorithm]] [.property- [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -711,6 +798,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-lifespan]] [.property-path]##link [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_LIFESPAN+++[] @@ -726,6 +815,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-assertion]] [.property-path]##lin [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_ASSERTION+++[] @@ -2519,6 +2610,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-auth-server-url]] [.property-path]##link:# [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__AUTH_SERVER_URL+++[] @@ -2534,6 +2627,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-discovery-enabled]] [.property-path]##link [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__DISCOVERY_ENABLED+++[] @@ -2549,6 +2644,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-registration-path]] [.property-path]##link [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__REGISTRATION_PATH+++[] @@ -2564,6 +2661,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-delay]] [.property-path]##link: [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_DELAY+++[] @@ -2579,6 +2678,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-retry-count]] [.property-path]# [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_RETRY_COUNT+++[] @@ -2594,6 +2695,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-timeout]] [.property-path]##lin [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_TIMEOUT+++[] @@ -2609,6 +2712,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-use-blocking-dns-lookup]] [.property-path] [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__USE_BLOCKING_DNS_LOOKUP+++[] @@ -2624,6 +2729,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-max-pool-size]] [.property-path]##link:#qu [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__MAX_POOL_SIZE+++[] @@ -2639,6 +2746,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-follow-redirects]] [.property-path]##link: [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__FOLLOW_REDIRECTS+++[] @@ -2654,6 +2763,9 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-host]] [.property-path]##link:#quark [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_HOST+++[] @@ -2669,6 +2781,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-port]] [.property-path]##link:#quark [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_PORT+++[] @@ -2684,6 +2798,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-username]] [.property-path]##link:#q [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_USERNAME+++[] @@ -2699,6 +2815,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-password]] [.property-path]##link:#q [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_PASSWORD+++[] @@ -2714,6 +2832,12 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-tls-tls-configuration-name]] [.property-pa [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__TLS_TLS_CONFIGURATION_NAME+++[] @@ -2729,6 +2853,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-token-path]] [.property-path]##link:#quark [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__TOKEN_PATH+++[] @@ -2744,6 +2870,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-revoke-path]] [.property-path]##link:#quar [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__REVOKE_PATH+++[] @@ -2759,6 +2887,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-client-id]] [.property-path]##link:#quarku [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CLIENT_ID+++[] @@ -2774,6 +2904,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-client-name]] [.property-path]##link:#quar [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CLIENT_NAME+++[] @@ -2789,6 +2921,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-secret]] [.property-path]##lin [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_SECRET+++[] @@ -2804,6 +2938,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-value]] [.proper [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -2819,6 +2955,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-name]] [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -2834,6 +2972,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-keyring [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -2849,6 +2989,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-key]] [ [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -2864,6 +3006,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-method]] [.prope [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -2872,13 +3016,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-source[`quarkus.oidc."tenant".credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SOURCE+++[] @@ -2894,6 +3040,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret]] [.property-path]# [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET+++[] @@ -2909,6 +3057,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-name]] [.p [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -2924,6 +3074,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-keyring-na [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -2939,6 +3091,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-key]] [.pr [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -2954,6 +3108,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key]] [.property-path]##li [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY+++[] @@ -2969,6 +3125,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-file]] [.property-path [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_FILE+++[] @@ -2984,6 +3142,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-store-file]] [.propert [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -2999,6 +3159,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-store-password]] [.pro [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -3014,6 +3176,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-id]] [.property-path]# [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_ID+++[] @@ -3029,6 +3193,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-password]] [.property- [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -3044,6 +3210,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-audience]] [.property-path [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_AUDIENCE+++[] @@ -3059,6 +3227,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-token-key-id]] [.property- [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -3074,6 +3244,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-issuer]] [.property-path]# [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_ISSUER+++[] @@ -3089,6 +3261,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-subject]] [.property-path] [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SUBJECT+++[] @@ -3104,6 +3278,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-claims-claim-name]] [.prop [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -3119,6 +3295,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-signature-algorithm]] [.pr [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -3134,6 +3312,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-lifespan]] [.property-path [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_LIFESPAN+++[] @@ -3149,6 +3329,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-assertion]] [.property-pat [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_ASSERTION+++[] diff --git a/_generated-doc/main/config/quarkus-oidc_quarkus.oidc.adoc b/_generated-doc/main/config/quarkus-oidc_quarkus.oidc.adoc index 842f3b1def6..abff84fbb93 100644 --- a/_generated-doc/main/config/quarkus-oidc_quarkus.oidc.adoc +++ b/_generated-doc/main/config/quarkus-oidc_quarkus.oidc.adoc @@ -96,6 +96,8 @@ a| [[quarkus-oidc_quarkus-oidc-auth-server-url]] [.property-path]##link:#quarkus [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_AUTH_SERVER_URL+++[] @@ -111,6 +113,8 @@ a| [[quarkus-oidc_quarkus-oidc-discovery-enabled]] [.property-path]##link:#quark [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_DISCOVERY_ENABLED+++[] @@ -126,6 +130,8 @@ a| [[quarkus-oidc_quarkus-oidc-registration-path]] [.property-path]##link:#quark [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_REGISTRATION_PATH+++[] @@ -141,6 +147,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-delay]] [.property-path]##link:#quarku [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_DELAY+++[] @@ -156,6 +164,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-retry-count]] [.property-path]##link:# [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_RETRY_COUNT+++[] @@ -171,6 +181,8 @@ a| [[quarkus-oidc_quarkus-oidc-connection-timeout]] [.property-path]##link:#quar [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CONNECTION_TIMEOUT+++[] @@ -186,6 +198,8 @@ a| [[quarkus-oidc_quarkus-oidc-use-blocking-dns-lookup]] [.property-path]##link: [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_USE_BLOCKING_DNS_LOOKUP+++[] @@ -201,6 +215,8 @@ a| [[quarkus-oidc_quarkus-oidc-max-pool-size]] [.property-path]##link:#quarkus-o [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_MAX_POOL_SIZE+++[] @@ -216,6 +232,8 @@ a| [[quarkus-oidc_quarkus-oidc-follow-redirects]] [.property-path]##link:#quarku [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_FOLLOW_REDIRECTS+++[] @@ -231,6 +249,9 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-host]] [.property-path]##link:#quarkus-oidc [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_HOST+++[] @@ -246,6 +267,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-port]] [.property-path]##link:#quarkus-oidc [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_PORT+++[] @@ -261,6 +284,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-username]] [.property-path]##link:#quarkus- [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_USERNAME+++[] @@ -276,6 +301,8 @@ a| [[quarkus-oidc_quarkus-oidc-proxy-password]] [.property-path]##link:#quarkus- [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_PROXY_PASSWORD+++[] @@ -291,6 +318,12 @@ a| [[quarkus-oidc_quarkus-oidc-tls-tls-configuration-name]] [.property-path]##li [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_TLS_TLS_CONFIGURATION_NAME+++[] @@ -306,6 +339,8 @@ a| [[quarkus-oidc_quarkus-oidc-token-path]] [.property-path]##link:#quarkus-oidc [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_TOKEN_PATH+++[] @@ -321,6 +356,8 @@ a| [[quarkus-oidc_quarkus-oidc-revoke-path]] [.property-path]##link:#quarkus-oid [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_REVOKE_PATH+++[] @@ -336,6 +373,8 @@ a| [[quarkus-oidc_quarkus-oidc-client-id]] [.property-path]##link:#quarkus-oidc_ [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_ID+++[] @@ -351,6 +390,8 @@ a| [[quarkus-oidc_quarkus-oidc-client-name]] [.property-path]##link:#quarkus-oid [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_NAME+++[] @@ -366,6 +407,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-secret]] [.property-path]##link:#quar [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_SECRET+++[] @@ -381,6 +424,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-value]] [.property-path [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -396,6 +441,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-name]] [.prope [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -411,6 +458,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-keyring-name]] [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -426,6 +475,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-provider-key]] [.proper [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -441,6 +492,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-client-secret-method]] [.property-pat [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -449,13 +502,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC_CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-credentials-jwt-source[`quarkus.oidc.credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SOURCE+++[] @@ -471,6 +526,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret]] [.property-path]##link:# [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET+++[] @@ -486,6 +543,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-name]] [.property [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -501,6 +560,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-keyring-name]] [. [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -516,6 +577,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-secret-provider-key]] [.property- [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -531,6 +594,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key]] [.property-path]##link:#qua [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY+++[] @@ -546,6 +611,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-file]] [.property-path]##link [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_FILE+++[] @@ -561,6 +628,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-store-file]] [.property-path] [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -576,6 +645,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-store-password]] [.property-p [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -591,6 +662,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-id]] [.property-path]##link:# [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_ID+++[] @@ -606,6 +679,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-key-password]] [.property-path]## [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -621,6 +696,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-audience]] [.property-path]##link [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_AUDIENCE+++[] @@ -636,6 +713,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-token-key-id]] [.property-path]## [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -651,6 +730,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-issuer]] [.property-path]##link:# [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_ISSUER+++[] @@ -666,6 +747,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-subject]] [.property-path]##link: [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SUBJECT+++[] @@ -681,6 +764,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-claims-claim-name]] [.property-pa [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -696,6 +781,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-signature-algorithm]] [.property- [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -711,6 +798,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-lifespan]] [.property-path]##link [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_LIFESPAN+++[] @@ -726,6 +815,8 @@ a| [[quarkus-oidc_quarkus-oidc-credentials-jwt-assertion]] [.property-path]##lin [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CREDENTIALS_JWT_ASSERTION+++[] @@ -2519,6 +2610,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-auth-server-url]] [.property-path]##link:# [.description] -- +The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__AUTH_SERVER_URL+++[] @@ -2534,6 +2627,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-discovery-enabled]] [.property-path]##link [.description] -- +Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__DISCOVERY_ENABLED+++[] @@ -2549,6 +2644,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-registration-path]] [.property-path]##link [.description] -- +The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__REGISTRATION_PATH+++[] @@ -2564,6 +2661,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-delay]] [.property-path]##link: [.description] -- +The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_DELAY+++[] @@ -2579,6 +2678,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-retry-count]] [.property-path]# [.description] -- +The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_RETRY_COUNT+++[] @@ -2594,6 +2695,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-connection-timeout]] [.property-path]##lin [.description] -- +The number of seconds after which the current OIDC connection request times out. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CONNECTION_TIMEOUT+++[] @@ -2609,6 +2712,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-use-blocking-dns-lookup]] [.property-path] [.description] -- +Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__USE_BLOCKING_DNS_LOOKUP+++[] @@ -2624,6 +2729,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-max-pool-size]] [.property-path]##link:#qu [.description] -- +The maximum size of the connection pool used by the WebClient. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__MAX_POOL_SIZE+++[] @@ -2639,6 +2746,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-follow-redirects]] [.property-path]##link: [.description] -- +Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__FOLLOW_REDIRECTS+++[] @@ -2654,6 +2763,9 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-host]] [.property-path]##link:#quark [.description] -- +The host name or IP address of the Proxy. + +Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_HOST+++[] @@ -2669,6 +2781,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-port]] [.property-path]##link:#quark [.description] -- +The port number of the Proxy. The default value is `80`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_PORT+++[] @@ -2684,6 +2798,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-username]] [.property-path]##link:#q [.description] -- +The username, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_USERNAME+++[] @@ -2699,6 +2815,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-proxy-password]] [.property-path]##link:#q [.description] -- +The password, if the Proxy needs authentication. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__PROXY_PASSWORD+++[] @@ -2714,6 +2832,12 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-tls-tls-configuration-name]] [.property-pa [.description] -- +The name of the TLS configuration to use. + +If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. + +The default TLS configuration is *not* used by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__TLS_TLS_CONFIGURATION_NAME+++[] @@ -2729,6 +2853,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-token-path]] [.property-path]##link:#quark [.description] -- +The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__TOKEN_PATH+++[] @@ -2744,6 +2870,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-revoke-path]] [.property-path]##link:#quar [.description] -- +The relative path or absolute URL of the OIDC token revocation endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__REVOKE_PATH+++[] @@ -2759,6 +2887,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-client-id]] [.property-path]##link:#quarku [.description] -- +The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CLIENT_ID+++[] @@ -2774,6 +2904,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-client-name]] [.property-path]##link:#quar [.description] -- +The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CLIENT_NAME+++[] @@ -2789,6 +2921,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-secret]] [.property-path]##lin [.description] -- +The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_SECRET+++[] @@ -2804,6 +2938,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-value]] [.proper [.description] -- +The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_VALUE+++[] @@ -2819,6 +2955,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-name]] [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] @@ -2834,6 +2972,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-keyring [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -2849,6 +2989,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-provider-key]] [ [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] @@ -2864,6 +3006,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-client-secret-method]] [.prope [.description] -- +The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_METHOD+++[] @@ -2872,13 +3016,15 @@ ifndef::add-copy-button-to-env-var[] Environment variable: `+++QUARKUS_OIDC__TENANT__CREDENTIALS_CLIENT_SECRET_METHOD+++` endif::add-copy-button-to-env-var[] -- -a|`basic`, `post`, `post-jwt`, `query` +a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] | a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-source[`quarkus.oidc."tenant".credentials.jwt.source`]## [.description] -- +JWT token source: OIDC provider client or an existing JWT bearer token. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SOURCE+++[] @@ -2894,6 +3040,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret]] [.property-path]# [.description] -- +If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET+++[] @@ -2909,6 +3057,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-name]] [.p [.description] -- +The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] @@ -2924,6 +3074,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-keyring-na [.description] -- +The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] @@ -2939,6 +3091,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-secret-provider-key]] [.pr [.description] -- +The CredentialsProvider client secret key + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] @@ -2954,6 +3108,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key]] [.property-path]##li [.description] -- +String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY+++[] @@ -2969,6 +3125,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-file]] [.property-path [.description] -- +If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_FILE+++[] @@ -2984,6 +3142,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-store-file]] [.propert [.description] -- +If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_STORE_FILE+++[] @@ -2999,6 +3159,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-store-password]] [.pro [.description] -- +A parameter to specify the password of the keystore file. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] @@ -3014,6 +3176,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-id]] [.property-path]# [.description] -- +The private key id or alias. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_ID+++[] @@ -3029,6 +3193,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-key-password]] [.property- [.description] -- +The private key password. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_KEY_PASSWORD+++[] @@ -3044,6 +3210,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-audience]] [.property-path [.description] -- +The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_AUDIENCE+++[] @@ -3059,6 +3227,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-token-key-id]] [.property- [.description] -- +The key identifier of the signing key added as a JWT `kid` header. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] @@ -3074,6 +3244,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-issuer]] [.property-path]# [.description] -- +The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_ISSUER+++[] @@ -3089,6 +3261,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-subject]] [.property-path] [.description] -- +Subject of the signing key added as a JWT `sub` claim The default value is the client id. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SUBJECT+++[] @@ -3104,6 +3278,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-claims-claim-name]] [.prop [.description] -- +Additional claims. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] @@ -3119,6 +3295,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-signature-algorithm]] [.pr [.description] -- +The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] @@ -3134,6 +3312,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-lifespan]] [.property-path [.description] -- +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_LIFESPAN+++[] @@ -3149,6 +3329,8 @@ a| [[quarkus-oidc_quarkus-oidc-tenant-credentials-jwt-assertion]] [.property-pat [.description] -- +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. + ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC__TENANT__CREDENTIALS_JWT_ASSERTION+++[] diff --git a/_generated-doc/main/infra/quarkus-all-build-items.adoc b/_generated-doc/main/infra/quarkus-all-build-items.adoc index 3b0e38de70b..f0b9bf0d484 100644 --- a/_generated-doc/main/infra/quarkus-all-build-items.adoc +++ b/_generated-doc/main/infra/quarkus-all-build-items.adoc @@ -1411,6 +1411,17 @@ _No Javadoc found_ +a| https://github.com/quarkusio/quarkus/blob/main/core/deployment/src/main/java/io/quarkus/deployment/builditem/LogSocketFormatBuildItem.java[`io.quarkus.deployment.builditem.LogSocketFormatBuildItem`, window="_blank"] +[.description] +-- +The socket format build item. Producing this item will cause the logging subsystem to disregard its socket logging formatting configuration and use the formatter provided instead. If multiple formatters are enabled at runtime, a warning message is printed and only one is used. +-- a|`io.quarkus.runtime.RuntimeValue> formatterValue` + +_No Javadoc found_ + + + + a| https://github.com/quarkusio/quarkus/blob/main/core/deployment/src/main/java/io/quarkus/deployment/logging/LogStreamBuildItem.java[`io.quarkus.deployment.logging.LogStreamBuildItem`, window="_blank"] [.description] -- @@ -6059,6 +6070,10 @@ _No Javadoc found_ _No Javadoc found_ +`boolean hasGeneratedTemplate` + +_No Javadoc found_ + diff --git a/_versions/main/guides/centralized-log-management.adoc b/_versions/main/guides/centralized-log-management.adoc index 663df993637..4fbb13b0638 100644 --- a/_versions/main/guides/centralized-log-management.adoc +++ b/_versions/main/guides/centralized-log-management.adoc @@ -236,6 +236,77 @@ networks: Launch your application, you should see your logs arriving inside the Elastic Stack; you can use Kibana available at http://localhost:5601/ to access them. + +[[logstash_ecs]] +== GELF alternative: Send logs to Logstash in the ECS (Elastic Common Schema) format + +You can also send your logs to Logstash using a TCP input in the https://www.elastic.co/guide/en/ecs-logging/overview/current/intro.html[ECS] format. +To achieve this we will use the `quarkus-logging-json` extension to format the logs in JSON format and the socket handler to send them to Logstash. + +For this you can use the same `docker-compose.yml` file as above but with a different Logstash pipeline configuration. + +[source] +---- +input { + tcp { + port => 4560 + coded => json + } +} + +filter { + if ![span][id] and [mdc][spanId] { + mutate { rename => { "[mdc][spanId]" => "[span][id]" } } + } + if ![trace][id] and [mdc][traceId] { + mutate { rename => {"[mdc][traceId]" => "[trace][id]"} } + } +} + +output { + stdout {} + elasticsearch { + hosts => ["http://elasticsearch:9200"] + } +} +---- + +Then configure your application to log in JSON format instead of GELF + +[source,xml,role="primary asciidoc-tabs-target-sync-cli asciidoc-tabs-target-sync-maven"] +.pom.xml +---- + + io.quarkus + quarkus-logging-json + +---- + +[source,gradle,role="secondary asciidoc-tabs-target-sync-gradle"] +.build.gradle +---- +implementation("io.quarkus:quarkus-logging-json") +---- + +and specify the host and port of your Logstash endpoint. To be ECS compliant, specify the log format. + +[source, properties] +---- +# to keep the logs in the usual format in the console +quarkus.log.console.json=false + +quarkus.log.socket.enable=true +quarkus.log.socket.json=true +quarkus.log.socket.endpoint=localhost:4560 + +# to have the exception serialized into a single text element +quarkus.log.socket.json.exception-output-type=formatted + +# specify the format of the produced JSON log +quarkus.log.socket.json.log-format=ECS +---- + + == Send logs to Fluentd (EFK) First, you need to create a Fluentd image with the needed plugins: elasticsearch and input-gelf. @@ -422,6 +493,7 @@ quarkus.log.syslog.hostname=quarkus-test Launch your application, you should see your logs arriving inside EFK: you can use Kibana available at http://localhost:5601/ to access them. + == Elasticsearch indexing consideration Be careful that, by default, Elasticsearch will automatically map unknown fields (if not disabled in the index settings) by detecting their type. diff --git a/_versions/main/guides/logging.adoc b/_versions/main/guides/logging.adoc index aa47489dade..8d1491466bb 100644 --- a/_versions/main/guides/logging.adoc +++ b/_versions/main/guides/logging.adoc @@ -511,6 +511,24 @@ quarkus.log.category."com.example".use-parent-handlers=false For details about its configuration, see the xref:#quarkus-core_section_quarkus-log-syslog[Syslog logging configuration] reference. +=== Socket log handler + +This handler will send the logs to a socket. +It is disabled by default, so you must first enable it. +When enabled, it sends all log events to a socket, for instance to a Logstash server. + +This will typically be used in conjunction with the `quarkus-logging-json` extension so send logs in ECS format to an Elasticsearch instance. +An example configuration can be found in the xref:centralized-log-management.adoc[Centralized log management] guide. + +* A global configuration example: ++ +[source, properties] +---- +quarkus.log.socket.enable=true +quarkus.log.socket.endpoint=localhost:4560 +---- + + == Add a logging filter to your log handler Log handlers, such as the console log handler, can be linked with a link:https://docs.oracle.com/en/java/javase/17/docs/api/java.logging/java/util/logging/Filter.html[filter] that determines whether a log record should be logged.