From 7a39d75736a01ae06349d55030f8340dae8b9202 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 29 Nov 2024 01:54:36 +0000 Subject: [PATCH] Sync documentation of main branch --- .../main/config/quarkus-all-config.adoc | 1557 ++++------------- .../main/config/quarkus-micrometer.adoc | 44 + ...quarkus-micrometer_quarkus.micrometer.adoc | 44 + .../main/config/quarkus-oidc-client.adoc | 1507 +++------------- ...arkus-oidc-client_quarkus.oidc-client.adoc | 1507 +++------------- .../hibernate-search-orm-elasticsearch.adoc | 25 +- ...rnate-search-standalone-elasticsearch.adoc | 19 +- ...urity-openid-connect-client-reference.adoc | 20 +- .../security-openid-connect-client.adoc | 16 +- _versions/main/guides/virtual-threads.adoc | 32 + 10 files changed, 1059 insertions(+), 3712 deletions(-) diff --git a/_generated-doc/main/config/quarkus-all-config.adoc b/_generated-doc/main/config/quarkus-all-config.adoc index cd6cbd6b0a9..c62cd89b57a 100644 --- a/_generated-doc/main/config/quarkus-all-config.adoc +++ b/_generated-doc/main/config/quarkus-all-config.adoc @@ -62939,6 +62939,50 @@ endif::add-copy-button-to-env-var[] |boolean | +a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-enabled]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-enabled[`quarkus.micrometer.binder.virtual-threads.enabled`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.micrometer.binder.virtual-threads.enabled+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Virtual Threads metrics support. + +Support for virtual threads metrics will be enabled if Micrometer support is enabled, this value is set to `true` (default), the JVM supports virtual threads (Java 21{plus}) and the `quarkus.micrometer.binder-enabled-default` property is true. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_ENABLED+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_ENABLED+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +| + +a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-tags]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-tags[`quarkus.micrometer.binder.virtual-threads.tags`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.micrometer.binder.virtual-threads.tags+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +The tags to be added to the metrics. Empty by default. When set, tags are passed as: `key1=value1,key2=value2`. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_TAGS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_TAGS+++` +endif::add-copy-button-to-env-var[] +-- +|list of string +| + a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-system]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-system[`quarkus.micrometer.binder.system`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.micrometer.binder.system+++[] @@ -69889,6 +69933,11 @@ config_property_copy_button:+++quarkus.oidc-client.auth-server-url+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".auth-server-url` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".auth-server-url+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. @@ -69910,6 +69959,11 @@ config_property_copy_button:+++quarkus.oidc-client.discovery-enabled+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".discovery-enabled` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".discovery-enabled+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. @@ -69931,6 +69985,11 @@ config_property_copy_button:+++quarkus.oidc-client.registration-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".registration-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".registration-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. @@ -69952,6 +70011,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-delay+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-delay` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-delay+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. @@ -69973,6 +70037,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-retry-count+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-retry-count` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-retry-count+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. @@ -69994,6 +70063,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-timeout+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-timeout` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-timeout+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The number of seconds after which the current OIDC connection request times out. @@ -70015,6 +70089,11 @@ config_property_copy_button:+++quarkus.oidc-client.use-blocking-dns-lookup+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".use-blocking-dns-lookup` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".use-blocking-dns-lookup+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. @@ -70036,6 +70115,11 @@ config_property_copy_button:+++quarkus.oidc-client.max-pool-size+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".max-pool-size` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".max-pool-size+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The maximum size of the connection pool used by the WebClient. @@ -70057,6 +70141,11 @@ config_property_copy_button:+++quarkus.oidc-client.follow-redirects+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".follow-redirects` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".follow-redirects+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. @@ -70078,6 +70167,11 @@ config_property_copy_button:+++quarkus.oidc-client.token-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".token-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".token-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. @@ -70099,6 +70193,11 @@ config_property_copy_button:+++quarkus.oidc-client.revoke-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".revoke-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".revoke-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The relative path or absolute URL of the OIDC token revocation endpoint. @@ -70120,6 +70219,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. @@ -70141,6 +70245,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-name+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. @@ -70162,6 +70271,11 @@ config_property_copy_button:+++quarkus.oidc-client.id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- A unique OIDC client identifier. It must be set when OIDC clients are created dynamically and is optional in all other cases. @@ -70183,6 +70297,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-enabled+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-enabled` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-enabled+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If this client configuration is enabled. @@ -70204,6 +70323,11 @@ config_property_copy_button:+++quarkus.oidc-client.scopes+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".scopes` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".scopes+++[] +endif::add-copy-button-to-config-props[] + [.description] -- List of access token scopes @@ -70225,6 +70349,11 @@ config_property_copy_button:+++quarkus.oidc-client.refresh-token-time-skew+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".refresh-token-time-skew` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".refresh-token-time-skew+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token time skew. If this property is enabled then the configured duration is converted to seconds and is added to the current time when checking whether the access token should be refreshed. If the sum is greater than this access token's expiration time then a refresh is going to happen. @@ -70246,6 +70375,11 @@ config_property_copy_button:+++quarkus.oidc-client.access-token-expires-in+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".access-token-expires-in` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".access-token-expires-in+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token expiration period relative to the current time. This property is only checked when an access token grant response does not include an access token expiration property. @@ -70267,6 +70401,11 @@ config_property_copy_button:+++quarkus.oidc-client.absolute-expires-in+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".absolute-expires-in` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".absolute-expires-in+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If the access token 'expires_in' property should be checked as an absolute time value as opposed to a duration relative to the current time. @@ -70288,6 +70427,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.type+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.type` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.type+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Grant type @@ -70309,6 +70453,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.access-token-property++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.access-token-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.access-token-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token property name in a token grant response @@ -70330,6 +70479,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.refresh-token-property+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.refresh-token-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-token-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token property name in a token grant response @@ -70351,6 +70505,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.expires-in-property+++[ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.expires-in-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.expires-in-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token expiry property name in a token grant response @@ -70372,6 +70531,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.refresh-expires-in-prop endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.refresh-expires-in-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-expires-in-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token expiry property name in a token grant response @@ -70393,6 +70557,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant-options."grant-name"+++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant-options."grant-name"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant-options."grant-name"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Grant options @@ -70414,6 +70583,11 @@ config_property_copy_button:+++quarkus.oidc-client.early-tokens-acquisition+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".early-tokens-acquisition` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".early-tokens-acquisition+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Requires that all filters which use 'OidcClient' acquire the tokens at the post-construct initialization time, possibly long before these tokens are used. This property should be disabled if the access token may expire before it is used for the first time and no refresh token is available. @@ -70435,6 +70609,11 @@ config_property_copy_button:+++quarkus.oidc-client.headers."headers"+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".headers."headers"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".headers."headers"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Custom HTTP headers which have to be sent to the token endpoint @@ -70460,6 +70639,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.host+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.host` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.host+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The host name or IP address of the Proxy. + @@ -70482,6 +70666,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.port+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.port` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.port+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The port number of the Proxy. The default value is `80`. @@ -70503,6 +70692,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.username+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.username` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.username+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The username, if the Proxy needs authentication. @@ -70524,6 +70718,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.password+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The password, if the Proxy needs authentication. @@ -70550,6 +70749,11 @@ config_property_copy_button:+++quarkus.oidc-client.tls.tls-configuration-name+++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".tls.tls-configuration-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".tls.tls-configuration-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The name of the TLS configuration to use. @@ -70580,6 +70784,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.secret+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.secret` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.secret+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. @@ -70601,6 +70810,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.val endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.value` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.value+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. @@ -70622,6 +70836,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered @@ -70643,6 +70862,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager @@ -70664,6 +70888,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider client secret key @@ -70685,6 +70914,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.met endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.method` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.method+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. @@ -70706,6 +70940,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.source+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.source` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.source+++[] +endif::add-copy-button-to-config-props[] + [.description] -- JWT token source: OIDC provider client or an existing JWT bearer token. @@ -70727,6 +70966,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. @@ -70748,6 +70992,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered @@ -70769,6 +71018,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager @@ -70790,6 +71044,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider client secret key @@ -70811,6 +71070,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. @@ -70832,6 +71096,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-file+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-file` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-file+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. @@ -70853,6 +71122,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-store-fil endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-store-file` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-file+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. @@ -70874,6 +71148,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-store-pas endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-store-password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- A parameter to specify the password of the keystore file. @@ -70895,6 +71174,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The private key id or alias. @@ -70916,6 +71200,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-password+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The private key password. @@ -70937,6 +71226,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.audience+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.audience` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.audience+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. @@ -70958,6 +71252,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.token-key-id+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.token-key-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.token-key-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The key identifier of the signing key added as a JWT `kid` header. @@ -70979,6 +71278,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.issuer+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.issuer` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.issuer+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. @@ -71000,6 +71304,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.subject+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.subject` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.subject+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Subject of the signing key added as a JWT `sub` claim The default value is the client id. @@ -71021,6 +71330,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.claims."claim endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.claims."claim-name"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.claims."claim-name"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Additional claims. @@ -71042,6 +71356,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.signature-alg endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.signature-algorithm` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.signature-algorithm+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. @@ -71063,1264 +71382,52 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.lifespan+++[] endif::add-copy-button-to-config-props[] -[.description] --- -The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_LIFESPAN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_LIFESPAN+++` -endif::add-copy-button-to-env-var[] --- -|int -|`10` - -a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-assertion]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-assertion[`quarkus.oidc-client.credentials.jwt.assertion`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.assertion+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ASSERTION+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ASSERTION+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - - -h|[[quarkus-oidc-client_section_quarkus-oidc-client]] [.section-name.section-level0]##link:#quarkus-oidc-client_section_quarkus-oidc-client[Additional named clients]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url[`quarkus.oidc-client."id".auth-server-url`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".auth-server-url+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled[`quarkus.oidc-client."id".discovery-enabled`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".discovery-enabled+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-registration-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-registration-path[`quarkus.oidc-client."id".registration-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".registration-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-delay]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-delay[`quarkus.oidc-client."id".connection-delay`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-delay+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-all-config[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count[`quarkus.oidc-client."id".connection-retry-count`]## +`quarkus.oidc-client."id".credentials.jwt.lifespan` ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-retry-count+++[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.lifespan+++[] endif::add-copy-button-to-config-props[] - [.description] -- -The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. +The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_LIFESPAN+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++` +Environment variable: `+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_LIFESPAN+++` endif::add-copy-button-to-env-var[] -- |int -|`3` +|`10` -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout[`quarkus.oidc-client."id".connection-timeout`]## +a| [[quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-assertion]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-credentials-jwt-assertion[`quarkus.oidc-client.credentials.jwt.assertion`]## ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-timeout+++[] +config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.assertion+++[] endif::add-copy-button-to-config-props[] -[.description] --- -The number of seconds after which the current OIDC connection request times out. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-all-config[icon:question-circle[title=More information about the Duration format]] -|`10S` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup[`quarkus.oidc-client."id".use-blocking-dns-lookup`]## +`quarkus.oidc-client."id".credentials.jwt.assertion` ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".use-blocking-dns-lookup+++[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.assertion+++[] endif::add-copy-button-to-config-props[] - [.description] -- -Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. +If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++[] +Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ASSERTION+++[] endif::add-copy-button-to-env-var[] ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++` +Environment variable: `+++QUARKUS_OIDC_CLIENT_CREDENTIALS_JWT_ASSERTION+++` endif::add-copy-button-to-env-var[] -- |boolean |`false` -a| [[quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size[`quarkus.oidc-client."id".max-pool-size`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".max-pool-size+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The maximum size of the connection pool used by the WebClient. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++` -endif::add-copy-button-to-env-var[] --- -|int -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects[`quarkus.oidc-client."id".follow-redirects`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".follow-redirects+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-proxy]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-proxy[HTTP proxy configuration]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-host]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-host[`quarkus.oidc-client."id".proxy.host`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.host+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The host name or IP address of the Proxy. + -Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-port]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-port[`quarkus.oidc-client."id".proxy.port`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.port+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The port number of the Proxy. The default value is `80`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++` -endif::add-copy-button-to-env-var[] --- -|int -|`80` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-username]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-username[`quarkus.oidc-client."id".proxy.username`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.username+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The username, if the Proxy needs authentication. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-password[`quarkus.oidc-client."id".proxy.password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The password, if the Proxy needs authentication. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-tls]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-tls[TLS configuration]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name[`quarkus.oidc-client."id".tls.tls-configuration-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".tls.tls-configuration-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The name of the TLS configuration to use. - -If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. - -The default TLS configuration is *not* used by default. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-token-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-token-path[`quarkus.oidc-client."id".token-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".token-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-revoke-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-revoke-path[`quarkus.oidc-client."id".revoke-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".revoke-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The relative path or absolute URL of the OIDC token revocation endpoint. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-id[`quarkus.oidc-client."id".client-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-name[`quarkus.oidc-client."id".client-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-credentials]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-credentials[Different authentication options for OIDC client to access OIDC token and other secured endpoints]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret[`quarkus.oidc-client."id".credentials.secret`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.secret+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value[`quarkus.oidc-client."id".credentials.client-secret.value`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.value+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-name[`quarkus.oidc-client."id".credentials.client-secret.provider.name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-keyring-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-keyring-name[`quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-key[`quarkus.oidc-client."id".credentials.client-secret.provider.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider client secret key - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method[`quarkus.oidc-client."id".credentials.client-secret.method`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.method+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++` -endif::add-copy-button-to-env-var[] --- -a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source[`quarkus.oidc-client."id".credentials.jwt.source`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.source+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -JWT token source: OIDC provider client or an existing JWT bearer token. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++` -endif::add-copy-button-to-env-var[] --- -a|`client`, `bearer` -|`client` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret[`quarkus.oidc-client."id".credentials.jwt.secret`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-name[`quarkus.oidc-client."id".credentials.jwt.secret-provider.name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-keyring-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-keyring-name[`quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-key[`quarkus.oidc-client."id".credentials.jwt.secret-provider.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider client secret key - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key[`quarkus.oidc-client."id".credentials.jwt.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file[`quarkus.oidc-client."id".credentials.jwt.key-file`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-file+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file[`quarkus.oidc-client."id".credentials.jwt.key-store-file`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-file+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-password[`quarkus.oidc-client."id".credentials.jwt.key-store-password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -A parameter to specify the password of the keystore file. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id[`quarkus.oidc-client."id".credentials.jwt.key-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The private key id or alias. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password[`quarkus.oidc-client."id".credentials.jwt.key-password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The private key password. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience[`quarkus.oidc-client."id".credentials.jwt.audience`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.audience+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id[`quarkus.oidc-client."id".credentials.jwt.token-key-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.token-key-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The key identifier of the signing key added as a JWT `kid` header. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer[`quarkus.oidc-client."id".credentials.jwt.issuer`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.issuer+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject[`quarkus.oidc-client."id".credentials.jwt.subject`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.subject+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Subject of the signing key added as a JWT `sub` claim The default value is the client id. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-name[`quarkus.oidc-client."id".credentials.jwt.claims."claim-name"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.claims."claim-name"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Additional claims. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++` -endif::add-copy-button-to-env-var[] --- -|Map -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algorithm]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algorithm[`quarkus.oidc-client."id".credentials.jwt.signature-algorithm`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.signature-algorithm+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan[`quarkus.oidc-client."id".credentials.jwt.lifespan`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.lifespan+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++` -endif::add-copy-button-to-env-var[] --- -|int -|`10` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion[`quarkus.oidc-client."id".credentials.jwt.assertion`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.assertion+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-id[`quarkus.oidc-client."id".id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -A unique OIDC client identifier. It must be set when OIDC clients are created dynamically and is optional in all other cases. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-enabled]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-enabled[`quarkus.oidc-client."id".client-enabled`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-enabled+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If this client configuration is enabled. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ENABLED+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ENABLED+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-scopes]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-scopes[`quarkus.oidc-client."id".scopes`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".scopes+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -List of access token scopes - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__SCOPES+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__SCOPES+++` -endif::add-copy-button-to-env-var[] --- -|list of string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-refresh-token-time-skew]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-refresh-token-time-skew[`quarkus.oidc-client."id".refresh-token-time-skew`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".refresh-token-time-skew+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token time skew. If this property is enabled then the configured duration is converted to seconds and is added to the current time when checking whether the access token should be refreshed. If the sum is greater than this access token's expiration time then a refresh is going to happen. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REFRESH_TOKEN_TIME_SKEW+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REFRESH_TOKEN_TIME_SKEW+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-all-config[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-access-token-expires-in]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-access-token-expires-in[`quarkus.oidc-client."id".access-token-expires-in`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".access-token-expires-in+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token expiration period relative to the current time. This property is only checked when an access token grant response does not include an access token expiration property. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ACCESS_TOKEN_EXPIRES_IN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ACCESS_TOKEN_EXPIRES_IN+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-all-config[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-absolute-expires-in]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-absolute-expires-in[`quarkus.oidc-client."id".absolute-expires-in`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".absolute-expires-in+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If the access token 'expires_in' property should be checked as an absolute time value as opposed to a duration relative to the current time. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ABSOLUTE_EXPIRES_IN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ABSOLUTE_EXPIRES_IN+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-type]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-type[`quarkus.oidc-client."id".grant.type`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.type+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Grant type - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_TYPE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_TYPE+++` -endif::add-copy-button-to-env-var[] --- -a|tooltip:client['client_credentials' grant requiring an OIDC client authentication only], tooltip:password['password' grant requiring both OIDC client and user ('username' and 'password') authentications], tooltip:code['authorization_code' grant requiring an OIDC client authentication as well as at least 'code' and 'redirect_uri' parameters which must be passed to OidcClient at the token request time.], tooltip:exchange['urn\:ietf\:params\:oauth\:grant-type\:token-exchange' grant requiring an OIDC client authentication as well as at least 'subject_token' parameter which must be passed to OidcClient at the token request time.], tooltip:jwt['urn\:ietf\:params\:oauth\:grant-type\:jwt-bearer' grant requiring an OIDC client authentication as well as at least an 'assertion' parameter which must be passed to OidcClient at the token request time.], tooltip:refresh['refresh_token' grant requiring an OIDC client authentication and a refresh token. Note, OidcClient supports this grant by default if an access token acquisition response contained a refresh token. However, in some cases, the refresh token is provided out of band, for example, it can be shared between several of the confidential client's services, etc. If 'quarkus.oidc-client.grant-type' is set to 'refresh' then `OidcClient` will only support refreshing the tokens.], tooltip:ciba['urn\:openid\:params\:grant-type\:ciba' grant requiring an OIDC client authentication as well as 'auth_req_id' parameter which must be passed to OidcClient at the token request time.], tooltip:device['urn\:ietf\:params\:oauth\:grant-type\:device_code' grant requiring an OIDC client authentication as well as 'device_code' parameter which must be passed to OidcClient at the token request time.] -|tooltip:client['client_credentials' grant requiring an OIDC client authentication only] - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-access-token-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-access-token-property[`quarkus.oidc-client."id".grant.access-token-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.access-token-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_ACCESS_TOKEN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_ACCESS_TOKEN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`access_token` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-token-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-token-property[`quarkus.oidc-client."id".grant.refresh-token-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-token-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_TOKEN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_TOKEN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`refresh_token` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-expires-in-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-expires-in-property[`quarkus.oidc-client."id".grant.expires-in-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.expires-in-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token expiry property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_EXPIRES_IN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_EXPIRES_IN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`expires_in` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-expires-in-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-expires-in-property[`quarkus.oidc-client."id".grant.refresh-expires-in-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-expires-in-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token expiry property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_EXPIRES_IN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_EXPIRES_IN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`refresh_expires_in` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-options-grant-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-options-grant-name[`quarkus.oidc-client."id".grant-options."grant-name"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant-options."grant-name"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Grant options - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_OPTIONS__GRANT_NAME_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_OPTIONS__GRANT_NAME_+++` -endif::add-copy-button-to-env-var[] --- -|Map> -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-early-tokens-acquisition]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-early-tokens-acquisition[`quarkus.oidc-client."id".early-tokens-acquisition`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".early-tokens-acquisition+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Requires that all filters which use 'OidcClient' acquire the tokens at the post-construct initialization time, possibly long before these tokens are used. This property should be disabled if the access token may expire before it is used for the first time and no refresh token is available. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__EARLY_TOKENS_ACQUISITION+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__EARLY_TOKENS_ACQUISITION+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-headers-headers]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-headers-headers[`quarkus.oidc-client."id".headers."headers"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".headers."headers"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Custom HTTP headers which have to be sent to the token endpoint - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__HEADERS__HEADERS_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__HEADERS__HEADERS_+++` -endif::add-copy-button-to-env-var[] --- -|Map -| - h|[.extension-name]##OpenID Connect Client integration for GraphQL client## diff --git a/_generated-doc/main/config/quarkus-micrometer.adoc b/_generated-doc/main/config/quarkus-micrometer.adoc index b838824285a..952881e3a5e 100644 --- a/_generated-doc/main/config/quarkus-micrometer.adoc +++ b/_generated-doc/main/config/quarkus-micrometer.adoc @@ -319,6 +319,50 @@ endif::add-copy-button-to-env-var[] |boolean | +a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-enabled]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-enabled[`quarkus.micrometer.binder.virtual-threads.enabled`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.micrometer.binder.virtual-threads.enabled+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Virtual Threads metrics support. + +Support for virtual threads metrics will be enabled if Micrometer support is enabled, this value is set to `true` (default), the JVM supports virtual threads (Java 21{plus}) and the `quarkus.micrometer.binder-enabled-default` property is true. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_ENABLED+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_ENABLED+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +| + +a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-tags]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-tags[`quarkus.micrometer.binder.virtual-threads.tags`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.micrometer.binder.virtual-threads.tags+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +The tags to be added to the metrics. Empty by default. When set, tags are passed as: `key1=value1,key2=value2`. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_TAGS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_TAGS+++` +endif::add-copy-button-to-env-var[] +-- +|list of string +| + a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-system]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-system[`quarkus.micrometer.binder.system`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.micrometer.binder.system+++[] diff --git a/_generated-doc/main/config/quarkus-micrometer_quarkus.micrometer.adoc b/_generated-doc/main/config/quarkus-micrometer_quarkus.micrometer.adoc index b838824285a..952881e3a5e 100644 --- a/_generated-doc/main/config/quarkus-micrometer_quarkus.micrometer.adoc +++ b/_generated-doc/main/config/quarkus-micrometer_quarkus.micrometer.adoc @@ -319,6 +319,50 @@ endif::add-copy-button-to-env-var[] |boolean | +a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-enabled]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-enabled[`quarkus.micrometer.binder.virtual-threads.enabled`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.micrometer.binder.virtual-threads.enabled+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +Virtual Threads metrics support. + +Support for virtual threads metrics will be enabled if Micrometer support is enabled, this value is set to `true` (default), the JVM supports virtual threads (Java 21{plus}) and the `quarkus.micrometer.binder-enabled-default` property is true. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_ENABLED+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_ENABLED+++` +endif::add-copy-button-to-env-var[] +-- +|boolean +| + +a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-tags]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-virtual-threads-tags[`quarkus.micrometer.binder.virtual-threads.tags`]## +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.micrometer.binder.virtual-threads.tags+++[] +endif::add-copy-button-to-config-props[] + + +[.description] +-- +The tags to be added to the metrics. Empty by default. When set, tags are passed as: `key1=value1,key2=value2`. + + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_TAGS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_MICROMETER_BINDER_VIRTUAL_THREADS_TAGS+++` +endif::add-copy-button-to-env-var[] +-- +|list of string +| + a|icon:lock[title=Fixed at build time] [[quarkus-micrometer_quarkus-micrometer-binder-system]] [.property-path]##link:#quarkus-micrometer_quarkus-micrometer-binder-system[`quarkus.micrometer.binder.system`]## ifdef::add-copy-button-to-config-props[] config_property_copy_button:+++quarkus.micrometer.binder.system+++[] diff --git a/_generated-doc/main/config/quarkus-oidc-client.adoc b/_generated-doc/main/config/quarkus-oidc-client.adoc index 3717e29c8a7..05190c12bc4 100644 --- a/_generated-doc/main/config/quarkus-oidc-client.adoc +++ b/_generated-doc/main/config/quarkus-oidc-client.adoc @@ -34,6 +34,11 @@ config_property_copy_button:+++quarkus.oidc-client.auth-server-url+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".auth-server-url` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".auth-server-url+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. @@ -55,6 +60,11 @@ config_property_copy_button:+++quarkus.oidc-client.discovery-enabled+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".discovery-enabled` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".discovery-enabled+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. @@ -76,6 +86,11 @@ config_property_copy_button:+++quarkus.oidc-client.registration-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".registration-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".registration-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. @@ -97,6 +112,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-delay+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-delay` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-delay+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. @@ -118,6 +138,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-retry-count+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-retry-count` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-retry-count+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. @@ -139,6 +164,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-timeout+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-timeout` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-timeout+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The number of seconds after which the current OIDC connection request times out. @@ -160,6 +190,11 @@ config_property_copy_button:+++quarkus.oidc-client.use-blocking-dns-lookup+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".use-blocking-dns-lookup` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".use-blocking-dns-lookup+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. @@ -181,6 +216,11 @@ config_property_copy_button:+++quarkus.oidc-client.max-pool-size+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".max-pool-size` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".max-pool-size+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The maximum size of the connection pool used by the WebClient. @@ -202,6 +242,11 @@ config_property_copy_button:+++quarkus.oidc-client.follow-redirects+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".follow-redirects` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".follow-redirects+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. @@ -223,6 +268,11 @@ config_property_copy_button:+++quarkus.oidc-client.token-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".token-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".token-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. @@ -244,6 +294,11 @@ config_property_copy_button:+++quarkus.oidc-client.revoke-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".revoke-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".revoke-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The relative path or absolute URL of the OIDC token revocation endpoint. @@ -265,6 +320,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. @@ -286,6 +346,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-name+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. @@ -307,6 +372,11 @@ config_property_copy_button:+++quarkus.oidc-client.id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- A unique OIDC client identifier. It must be set when OIDC clients are created dynamically and is optional in all other cases. @@ -328,6 +398,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-enabled+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-enabled` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-enabled+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If this client configuration is enabled. @@ -349,6 +424,11 @@ config_property_copy_button:+++quarkus.oidc-client.scopes+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".scopes` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".scopes+++[] +endif::add-copy-button-to-config-props[] + [.description] -- List of access token scopes @@ -370,6 +450,11 @@ config_property_copy_button:+++quarkus.oidc-client.refresh-token-time-skew+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".refresh-token-time-skew` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".refresh-token-time-skew+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token time skew. If this property is enabled then the configured duration is converted to seconds and is added to the current time when checking whether the access token should be refreshed. If the sum is greater than this access token's expiration time then a refresh is going to happen. @@ -391,6 +476,11 @@ config_property_copy_button:+++quarkus.oidc-client.access-token-expires-in+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".access-token-expires-in` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".access-token-expires-in+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token expiration period relative to the current time. This property is only checked when an access token grant response does not include an access token expiration property. @@ -412,6 +502,11 @@ config_property_copy_button:+++quarkus.oidc-client.absolute-expires-in+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".absolute-expires-in` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".absolute-expires-in+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If the access token 'expires_in' property should be checked as an absolute time value as opposed to a duration relative to the current time. @@ -433,6 +528,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.type+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.type` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.type+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Grant type @@ -454,6 +554,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.access-token-property++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.access-token-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.access-token-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token property name in a token grant response @@ -475,6 +580,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.refresh-token-property+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.refresh-token-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-token-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token property name in a token grant response @@ -496,6 +606,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.expires-in-property+++[ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.expires-in-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.expires-in-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token expiry property name in a token grant response @@ -517,6 +632,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.refresh-expires-in-prop endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.refresh-expires-in-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-expires-in-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token expiry property name in a token grant response @@ -538,6 +658,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant-options."grant-name"+++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant-options."grant-name"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant-options."grant-name"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Grant options @@ -559,6 +684,11 @@ config_property_copy_button:+++quarkus.oidc-client.early-tokens-acquisition+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".early-tokens-acquisition` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".early-tokens-acquisition+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Requires that all filters which use 'OidcClient' acquire the tokens at the post-construct initialization time, possibly long before these tokens are used. This property should be disabled if the access token may expire before it is used for the first time and no refresh token is available. @@ -580,6 +710,11 @@ config_property_copy_button:+++quarkus.oidc-client.headers."headers"+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".headers."headers"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".headers."headers"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Custom HTTP headers which have to be sent to the token endpoint @@ -605,6 +740,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.host+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.host` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.host+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The host name or IP address of the Proxy. + @@ -627,6 +767,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.port+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.port` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.port+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The port number of the Proxy. The default value is `80`. @@ -648,6 +793,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.username+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.username` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.username+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The username, if the Proxy needs authentication. @@ -669,6 +819,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.password+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The password, if the Proxy needs authentication. @@ -695,6 +850,11 @@ config_property_copy_button:+++quarkus.oidc-client.tls.tls-configuration-name+++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".tls.tls-configuration-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".tls.tls-configuration-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The name of the TLS configuration to use. @@ -725,6 +885,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.secret+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.secret` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.secret+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. @@ -746,6 +911,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.val endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.value` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.value+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. @@ -767,6 +937,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered @@ -788,6 +963,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager @@ -809,6 +989,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider client secret key @@ -830,6 +1015,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.met endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.method` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.method+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. @@ -851,6 +1041,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.source+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.source` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.source+++[] +endif::add-copy-button-to-config-props[] + [.description] -- JWT token source: OIDC provider client or an existing JWT bearer token. @@ -872,6 +1067,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. @@ -893,6 +1093,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered @@ -914,6 +1119,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager @@ -935,6 +1145,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider client secret key @@ -956,6 +1171,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. @@ -977,6 +1197,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-file+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-file` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-file+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. @@ -998,6 +1223,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-store-fil endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-store-file` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-file+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. @@ -1019,6 +1249,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-store-pas endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-store-password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- A parameter to specify the password of the keystore file. @@ -1040,6 +1275,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The private key id or alias. @@ -1061,6 +1301,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-password+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The private key password. @@ -1082,6 +1327,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.audience+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.audience` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.audience+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. @@ -1103,6 +1353,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.token-key-id+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.token-key-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.token-key-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The key identifier of the signing key added as a JWT `kid` header. @@ -1124,6 +1379,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.issuer+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.issuer` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.issuer+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. @@ -1145,6 +1405,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.subject+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.subject` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.subject+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Subject of the signing key added as a JWT `sub` claim The default value is the client id. @@ -1166,6 +1431,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.claims."claim endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.claims."claim-name"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.claims."claim-name"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Additional claims. @@ -1187,6 +1457,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.signature-alg endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.signature-algorithm` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.signature-algorithm+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. @@ -1208,6 +1483,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.lifespan+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.lifespan` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.lifespan+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. @@ -1229,6 +1509,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.assertion+++[ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.assertion` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.assertion+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. @@ -1245,1228 +1530,6 @@ endif::add-copy-button-to-env-var[] |`false` -h|[[quarkus-oidc-client_section_quarkus-oidc-client]] [.section-name.section-level0]##link:#quarkus-oidc-client_section_quarkus-oidc-client[Additional named clients]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url[`quarkus.oidc-client."id".auth-server-url`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".auth-server-url+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled[`quarkus.oidc-client."id".discovery-enabled`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".discovery-enabled+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-registration-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-registration-path[`quarkus.oidc-client."id".registration-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".registration-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-delay]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-delay[`quarkus.oidc-client."id".connection-delay`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-delay+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count[`quarkus.oidc-client."id".connection-retry-count`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-retry-count+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++` -endif::add-copy-button-to-env-var[] --- -|int -|`3` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout[`quarkus.oidc-client."id".connection-timeout`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-timeout+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The number of seconds after which the current OIDC connection request times out. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -|`10S` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup[`quarkus.oidc-client."id".use-blocking-dns-lookup`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".use-blocking-dns-lookup+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size[`quarkus.oidc-client."id".max-pool-size`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".max-pool-size+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The maximum size of the connection pool used by the WebClient. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++` -endif::add-copy-button-to-env-var[] --- -|int -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects[`quarkus.oidc-client."id".follow-redirects`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".follow-redirects+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-proxy]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-proxy[HTTP proxy configuration]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-host]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-host[`quarkus.oidc-client."id".proxy.host`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.host+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The host name or IP address of the Proxy. + -Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-port]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-port[`quarkus.oidc-client."id".proxy.port`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.port+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The port number of the Proxy. The default value is `80`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++` -endif::add-copy-button-to-env-var[] --- -|int -|`80` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-username]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-username[`quarkus.oidc-client."id".proxy.username`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.username+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The username, if the Proxy needs authentication. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-password[`quarkus.oidc-client."id".proxy.password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The password, if the Proxy needs authentication. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-tls]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-tls[TLS configuration]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name[`quarkus.oidc-client."id".tls.tls-configuration-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".tls.tls-configuration-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The name of the TLS configuration to use. - -If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. - -The default TLS configuration is *not* used by default. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-token-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-token-path[`quarkus.oidc-client."id".token-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".token-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-revoke-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-revoke-path[`quarkus.oidc-client."id".revoke-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".revoke-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The relative path or absolute URL of the OIDC token revocation endpoint. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-id[`quarkus.oidc-client."id".client-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-name[`quarkus.oidc-client."id".client-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-credentials]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-credentials[Different authentication options for OIDC client to access OIDC token and other secured endpoints]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret[`quarkus.oidc-client."id".credentials.secret`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.secret+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value[`quarkus.oidc-client."id".credentials.client-secret.value`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.value+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-name[`quarkus.oidc-client."id".credentials.client-secret.provider.name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-keyring-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-keyring-name[`quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-key[`quarkus.oidc-client."id".credentials.client-secret.provider.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider client secret key - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method[`quarkus.oidc-client."id".credentials.client-secret.method`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.method+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++` -endif::add-copy-button-to-env-var[] --- -a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source[`quarkus.oidc-client."id".credentials.jwt.source`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.source+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -JWT token source: OIDC provider client or an existing JWT bearer token. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++` -endif::add-copy-button-to-env-var[] --- -a|`client`, `bearer` -|`client` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret[`quarkus.oidc-client."id".credentials.jwt.secret`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-name[`quarkus.oidc-client."id".credentials.jwt.secret-provider.name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-keyring-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-keyring-name[`quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-key[`quarkus.oidc-client."id".credentials.jwt.secret-provider.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider client secret key - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key[`quarkus.oidc-client."id".credentials.jwt.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file[`quarkus.oidc-client."id".credentials.jwt.key-file`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-file+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file[`quarkus.oidc-client."id".credentials.jwt.key-store-file`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-file+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-password[`quarkus.oidc-client."id".credentials.jwt.key-store-password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -A parameter to specify the password of the keystore file. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id[`quarkus.oidc-client."id".credentials.jwt.key-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The private key id or alias. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password[`quarkus.oidc-client."id".credentials.jwt.key-password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The private key password. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience[`quarkus.oidc-client."id".credentials.jwt.audience`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.audience+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id[`quarkus.oidc-client."id".credentials.jwt.token-key-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.token-key-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The key identifier of the signing key added as a JWT `kid` header. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer[`quarkus.oidc-client."id".credentials.jwt.issuer`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.issuer+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject[`quarkus.oidc-client."id".credentials.jwt.subject`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.subject+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Subject of the signing key added as a JWT `sub` claim The default value is the client id. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-name[`quarkus.oidc-client."id".credentials.jwt.claims."claim-name"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.claims."claim-name"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Additional claims. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++` -endif::add-copy-button-to-env-var[] --- -|Map -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algorithm]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algorithm[`quarkus.oidc-client."id".credentials.jwt.signature-algorithm`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.signature-algorithm+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan[`quarkus.oidc-client."id".credentials.jwt.lifespan`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.lifespan+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++` -endif::add-copy-button-to-env-var[] --- -|int -|`10` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion[`quarkus.oidc-client."id".credentials.jwt.assertion`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.assertion+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-id[`quarkus.oidc-client."id".id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -A unique OIDC client identifier. It must be set when OIDC clients are created dynamically and is optional in all other cases. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-enabled]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-enabled[`quarkus.oidc-client."id".client-enabled`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-enabled+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If this client configuration is enabled. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ENABLED+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ENABLED+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-scopes]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-scopes[`quarkus.oidc-client."id".scopes`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".scopes+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -List of access token scopes - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__SCOPES+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__SCOPES+++` -endif::add-copy-button-to-env-var[] --- -|list of string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-refresh-token-time-skew]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-refresh-token-time-skew[`quarkus.oidc-client."id".refresh-token-time-skew`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".refresh-token-time-skew+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token time skew. If this property is enabled then the configured duration is converted to seconds and is added to the current time when checking whether the access token should be refreshed. If the sum is greater than this access token's expiration time then a refresh is going to happen. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REFRESH_TOKEN_TIME_SKEW+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REFRESH_TOKEN_TIME_SKEW+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-access-token-expires-in]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-access-token-expires-in[`quarkus.oidc-client."id".access-token-expires-in`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".access-token-expires-in+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token expiration period relative to the current time. This property is only checked when an access token grant response does not include an access token expiration property. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ACCESS_TOKEN_EXPIRES_IN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ACCESS_TOKEN_EXPIRES_IN+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-absolute-expires-in]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-absolute-expires-in[`quarkus.oidc-client."id".absolute-expires-in`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".absolute-expires-in+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If the access token 'expires_in' property should be checked as an absolute time value as opposed to a duration relative to the current time. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ABSOLUTE_EXPIRES_IN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ABSOLUTE_EXPIRES_IN+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-type]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-type[`quarkus.oidc-client."id".grant.type`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.type+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Grant type - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_TYPE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_TYPE+++` -endif::add-copy-button-to-env-var[] --- -a|tooltip:client['client_credentials' grant requiring an OIDC client authentication only], tooltip:password['password' grant requiring both OIDC client and user ('username' and 'password') authentications], tooltip:code['authorization_code' grant requiring an OIDC client authentication as well as at least 'code' and 'redirect_uri' parameters which must be passed to OidcClient at the token request time.], tooltip:exchange['urn\:ietf\:params\:oauth\:grant-type\:token-exchange' grant requiring an OIDC client authentication as well as at least 'subject_token' parameter which must be passed to OidcClient at the token request time.], tooltip:jwt['urn\:ietf\:params\:oauth\:grant-type\:jwt-bearer' grant requiring an OIDC client authentication as well as at least an 'assertion' parameter which must be passed to OidcClient at the token request time.], tooltip:refresh['refresh_token' grant requiring an OIDC client authentication and a refresh token. Note, OidcClient supports this grant by default if an access token acquisition response contained a refresh token. However, in some cases, the refresh token is provided out of band, for example, it can be shared between several of the confidential client's services, etc. If 'quarkus.oidc-client.grant-type' is set to 'refresh' then `OidcClient` will only support refreshing the tokens.], tooltip:ciba['urn\:openid\:params\:grant-type\:ciba' grant requiring an OIDC client authentication as well as 'auth_req_id' parameter which must be passed to OidcClient at the token request time.], tooltip:device['urn\:ietf\:params\:oauth\:grant-type\:device_code' grant requiring an OIDC client authentication as well as 'device_code' parameter which must be passed to OidcClient at the token request time.] -|tooltip:client['client_credentials' grant requiring an OIDC client authentication only] - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-access-token-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-access-token-property[`quarkus.oidc-client."id".grant.access-token-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.access-token-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_ACCESS_TOKEN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_ACCESS_TOKEN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`access_token` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-token-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-token-property[`quarkus.oidc-client."id".grant.refresh-token-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-token-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_TOKEN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_TOKEN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`refresh_token` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-expires-in-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-expires-in-property[`quarkus.oidc-client."id".grant.expires-in-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.expires-in-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token expiry property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_EXPIRES_IN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_EXPIRES_IN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`expires_in` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-expires-in-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-expires-in-property[`quarkus.oidc-client."id".grant.refresh-expires-in-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-expires-in-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token expiry property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_EXPIRES_IN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_EXPIRES_IN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`refresh_expires_in` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-options-grant-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-options-grant-name[`quarkus.oidc-client."id".grant-options."grant-name"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant-options."grant-name"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Grant options - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_OPTIONS__GRANT_NAME_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_OPTIONS__GRANT_NAME_+++` -endif::add-copy-button-to-env-var[] --- -|Map> -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-early-tokens-acquisition]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-early-tokens-acquisition[`quarkus.oidc-client."id".early-tokens-acquisition`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".early-tokens-acquisition+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Requires that all filters which use 'OidcClient' acquire the tokens at the post-construct initialization time, possibly long before these tokens are used. This property should be disabled if the access token may expire before it is used for the first time and no refresh token is available. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__EARLY_TOKENS_ACQUISITION+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__EARLY_TOKENS_ACQUISITION+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-headers-headers]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-headers-headers[`quarkus.oidc-client."id".headers."headers"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".headers."headers"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Custom HTTP headers which have to be sent to the token endpoint - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__HEADERS__HEADERS_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__HEADERS__HEADERS_+++` -endif::add-copy-button-to-env-var[] --- -|Map -| - - |=== ifndef::no-duration-note[] diff --git a/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc b/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc index 3717e29c8a7..05190c12bc4 100644 --- a/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc +++ b/_generated-doc/main/config/quarkus-oidc-client_quarkus.oidc-client.adoc @@ -34,6 +34,11 @@ config_property_copy_button:+++quarkus.oidc-client.auth-server-url+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".auth-server-url` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".auth-server-url+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. @@ -55,6 +60,11 @@ config_property_copy_button:+++quarkus.oidc-client.discovery-enabled+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".discovery-enabled` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".discovery-enabled+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. @@ -76,6 +86,11 @@ config_property_copy_button:+++quarkus.oidc-client.registration-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".registration-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".registration-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. @@ -97,6 +112,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-delay+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-delay` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-delay+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. @@ -118,6 +138,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-retry-count+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-retry-count` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-retry-count+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. @@ -139,6 +164,11 @@ config_property_copy_button:+++quarkus.oidc-client.connection-timeout+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".connection-timeout` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".connection-timeout+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The number of seconds after which the current OIDC connection request times out. @@ -160,6 +190,11 @@ config_property_copy_button:+++quarkus.oidc-client.use-blocking-dns-lookup+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".use-blocking-dns-lookup` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".use-blocking-dns-lookup+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. @@ -181,6 +216,11 @@ config_property_copy_button:+++quarkus.oidc-client.max-pool-size+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".max-pool-size` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".max-pool-size+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The maximum size of the connection pool used by the WebClient. @@ -202,6 +242,11 @@ config_property_copy_button:+++quarkus.oidc-client.follow-redirects+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".follow-redirects` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".follow-redirects+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. @@ -223,6 +268,11 @@ config_property_copy_button:+++quarkus.oidc-client.token-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".token-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".token-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. @@ -244,6 +294,11 @@ config_property_copy_button:+++quarkus.oidc-client.revoke-path+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".revoke-path` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".revoke-path+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The relative path or absolute URL of the OIDC token revocation endpoint. @@ -265,6 +320,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. @@ -286,6 +346,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-name+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. @@ -307,6 +372,11 @@ config_property_copy_button:+++quarkus.oidc-client.id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- A unique OIDC client identifier. It must be set when OIDC clients are created dynamically and is optional in all other cases. @@ -328,6 +398,11 @@ config_property_copy_button:+++quarkus.oidc-client.client-enabled+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".client-enabled` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".client-enabled+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If this client configuration is enabled. @@ -349,6 +424,11 @@ config_property_copy_button:+++quarkus.oidc-client.scopes+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".scopes` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".scopes+++[] +endif::add-copy-button-to-config-props[] + [.description] -- List of access token scopes @@ -370,6 +450,11 @@ config_property_copy_button:+++quarkus.oidc-client.refresh-token-time-skew+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".refresh-token-time-skew` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".refresh-token-time-skew+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token time skew. If this property is enabled then the configured duration is converted to seconds and is added to the current time when checking whether the access token should be refreshed. If the sum is greater than this access token's expiration time then a refresh is going to happen. @@ -391,6 +476,11 @@ config_property_copy_button:+++quarkus.oidc-client.access-token-expires-in+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".access-token-expires-in` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".access-token-expires-in+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token expiration period relative to the current time. This property is only checked when an access token grant response does not include an access token expiration property. @@ -412,6 +502,11 @@ config_property_copy_button:+++quarkus.oidc-client.absolute-expires-in+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".absolute-expires-in` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".absolute-expires-in+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If the access token 'expires_in' property should be checked as an absolute time value as opposed to a duration relative to the current time. @@ -433,6 +528,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.type+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.type` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.type+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Grant type @@ -454,6 +554,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.access-token-property++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.access-token-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.access-token-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token property name in a token grant response @@ -475,6 +580,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.refresh-token-property+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.refresh-token-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-token-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token property name in a token grant response @@ -496,6 +606,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.expires-in-property+++[ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.expires-in-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.expires-in-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Access token expiry property name in a token grant response @@ -517,6 +632,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant.refresh-expires-in-prop endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant.refresh-expires-in-property` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-expires-in-property+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Refresh token expiry property name in a token grant response @@ -538,6 +658,11 @@ config_property_copy_button:+++quarkus.oidc-client.grant-options."grant-name"+++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".grant-options."grant-name"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".grant-options."grant-name"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Grant options @@ -559,6 +684,11 @@ config_property_copy_button:+++quarkus.oidc-client.early-tokens-acquisition+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".early-tokens-acquisition` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".early-tokens-acquisition+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Requires that all filters which use 'OidcClient' acquire the tokens at the post-construct initialization time, possibly long before these tokens are used. This property should be disabled if the access token may expire before it is used for the first time and no refresh token is available. @@ -580,6 +710,11 @@ config_property_copy_button:+++quarkus.oidc-client.headers."headers"+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".headers."headers"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".headers."headers"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Custom HTTP headers which have to be sent to the token endpoint @@ -605,6 +740,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.host+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.host` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.host+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The host name or IP address of the Proxy. + @@ -627,6 +767,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.port+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.port` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.port+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The port number of the Proxy. The default value is `80`. @@ -648,6 +793,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.username+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.username` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.username+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The username, if the Proxy needs authentication. @@ -669,6 +819,11 @@ config_property_copy_button:+++quarkus.oidc-client.proxy.password+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".proxy.password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".proxy.password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The password, if the Proxy needs authentication. @@ -695,6 +850,11 @@ config_property_copy_button:+++quarkus.oidc-client.tls.tls-configuration-name+++ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".tls.tls-configuration-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".tls.tls-configuration-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The name of the TLS configuration to use. @@ -725,6 +885,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.secret+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.secret` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.secret+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. @@ -746,6 +911,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.val endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.value` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.value+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. @@ -767,6 +937,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered @@ -788,6 +963,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager @@ -809,6 +989,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.pro endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.provider.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider client secret key @@ -830,6 +1015,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.client-secret.met endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.client-secret.method` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.method+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. @@ -851,6 +1041,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.source+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.source` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.source+++[] +endif::add-copy-button-to-config-props[] + [.description] -- JWT token source: OIDC provider client or an existing JWT bearer token. @@ -872,6 +1067,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. @@ -893,6 +1093,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered @@ -914,6 +1119,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager @@ -935,6 +1145,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.secret-provid endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.secret-provider.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The CredentialsProvider client secret key @@ -956,6 +1171,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key+++[] +endif::add-copy-button-to-config-props[] + [.description] -- String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. @@ -977,6 +1197,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-file+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-file` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-file+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. @@ -998,6 +1223,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-store-fil endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-store-file` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-file+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. @@ -1019,6 +1249,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-store-pas endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-store-password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- A parameter to specify the password of the keystore file. @@ -1040,6 +1275,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-id+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The private key id or alias. @@ -1061,6 +1301,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.key-password+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.key-password` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-password+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The private key password. @@ -1082,6 +1327,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.audience+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.audience` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.audience+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. @@ -1103,6 +1353,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.token-key-id+ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.token-key-id` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.token-key-id+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The key identifier of the signing key added as a JWT `kid` header. @@ -1124,6 +1379,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.issuer+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.issuer` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.issuer+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. @@ -1145,6 +1405,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.subject+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.subject` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.subject+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Subject of the signing key added as a JWT `sub` claim The default value is the client id. @@ -1166,6 +1431,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.claims."claim endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.claims."claim-name"` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.claims."claim-name"+++[] +endif::add-copy-button-to-config-props[] + [.description] -- Additional claims. @@ -1187,6 +1457,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.signature-alg endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.signature-algorithm` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.signature-algorithm+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. @@ -1208,6 +1483,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.lifespan+++[] endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.lifespan` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.lifespan+++[] +endif::add-copy-button-to-config-props[] + [.description] -- The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. @@ -1229,6 +1509,11 @@ config_property_copy_button:+++quarkus.oidc-client.credentials.jwt.assertion+++[ endif::add-copy-button-to-config-props[] +`quarkus.oidc-client."id".credentials.jwt.assertion` +ifdef::add-copy-button-to-config-props[] +config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.assertion+++[] +endif::add-copy-button-to-config-props[] + [.description] -- If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. @@ -1245,1228 +1530,6 @@ endif::add-copy-button-to-env-var[] |`false` -h|[[quarkus-oidc-client_section_quarkus-oidc-client]] [.section-name.section-level0]##link:#quarkus-oidc-client_section_quarkus-oidc-client[Additional named clients]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-auth-server-url[`quarkus.oidc-client."id".auth-server-url`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".auth-server-url+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The base URL of the OpenID Connect (OIDC) server, for example, `https://host:port/auth`. Do not set this property if you use 'quarkus-oidc' and the public key verification (`public-key`) or certificate chain verification only (`certificate-chain`) is required. The OIDC discovery endpoint is called by default by appending a `.well-known/openid-configuration` path to this URL. For Keycloak, use `https://host:port/realms/++{++realm++}++`, replacing `++{++realm++}++` with the Keycloak realm name. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__AUTH_SERVER_URL+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-discovery-enabled[`quarkus.oidc-client."id".discovery-enabled`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".discovery-enabled+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Discovery of the OIDC endpoints. If not enabled, you must configure the OIDC endpoint URLs individually. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__DISCOVERY_ENABLED+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-registration-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-registration-path[`quarkus.oidc-client."id".registration-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".registration-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The relative path or absolute URL of the OIDC dynamic client registration endpoint. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REGISTRATION_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-delay]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-delay[`quarkus.oidc-client."id".connection-delay`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-delay+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The duration to attempt the initial connection to an OIDC server. For example, setting the duration to `20S` allows 10 retries, each 2 seconds apart. This property is only effective when the initial OIDC connection is created. For dropped connections, use the `connection-retry-count` property instead. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_DELAY+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-retry-count[`quarkus.oidc-client."id".connection-retry-count`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-retry-count+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The number of times to retry re-establishing an existing OIDC connection if it is temporarily lost. Different from `connection-delay`, which applies only to initial connection attempts. For instance, if a request to the OIDC token endpoint fails due to a connection issue, it will be retried as per this setting. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_RETRY_COUNT+++` -endif::add-copy-button-to-env-var[] --- -|int -|`3` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-connection-timeout[`quarkus.oidc-client."id".connection-timeout`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".connection-timeout+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The number of seconds after which the current OIDC connection request times out. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CONNECTION_TIMEOUT+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -|`10S` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-use-blocking-dns-lookup[`quarkus.oidc-client."id".use-blocking-dns-lookup`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".use-blocking-dns-lookup+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Whether DNS lookup should be performed on the worker thread. Use this option when you can see logged warnings about blocked Vert.x event loop by HTTP requests to OIDC server. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__USE_BLOCKING_DNS_LOOKUP+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-max-pool-size[`quarkus.oidc-client."id".max-pool-size`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".max-pool-size+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The maximum size of the connection pool used by the WebClient. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__MAX_POOL_SIZE+++` -endif::add-copy-button-to-env-var[] --- -|int -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-follow-redirects[`quarkus.oidc-client."id".follow-redirects`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".follow-redirects+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Follow redirects automatically when WebClient gets HTTP 302. When this property is disabled only a single redirect to exactly the same original URI is allowed but only if one or more cookies were set during the redirect request. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__FOLLOW_REDIRECTS+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-proxy]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-proxy[HTTP proxy configuration]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-host]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-host[`quarkus.oidc-client."id".proxy.host`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.host+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The host name or IP address of the Proxy. + -Note: If the OIDC adapter requires a Proxy to talk with the OIDC server (Provider), set this value to enable the usage of a Proxy. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_HOST+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-port]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-port[`quarkus.oidc-client."id".proxy.port`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.port+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The port number of the Proxy. The default value is `80`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_PORT+++` -endif::add-copy-button-to-env-var[] --- -|int -|`80` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-username]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-username[`quarkus.oidc-client."id".proxy.username`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.username+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The username, if the Proxy needs authentication. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_USERNAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-proxy-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-proxy-password[`quarkus.oidc-client."id".proxy.password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".proxy.password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The password, if the Proxy needs authentication. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__PROXY_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-tls]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-tls[TLS configuration]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-tls-tls-configuration-name[`quarkus.oidc-client."id".tls.tls-configuration-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".tls.tls-configuration-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The name of the TLS configuration to use. - -If a name is configured, it uses the configuration from `quarkus.tls..++*++` If a name is configured, but no TLS configuration is found with that name then an error will be thrown. - -The default TLS configuration is *not* used by default. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__TLS_TLS_CONFIGURATION_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-token-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-token-path[`quarkus.oidc-client."id".token-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".token-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The OIDC token endpoint that issues access and refresh tokens; specified as a relative path or absolute URL. Set if `discovery-enabled` is `false` or a discovered token endpoint path must be customized. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__TOKEN_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-revoke-path]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-revoke-path[`quarkus.oidc-client."id".revoke-path`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".revoke-path+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The relative path or absolute URL of the OIDC token revocation endpoint. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REVOKE_PATH+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-id[`quarkus.oidc-client."id".client-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client id of the application. Each application has a client id that is used to identify the application. Setting the client id is not required if `application-type` is `service` and no token introspection is required. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-name[`quarkus.oidc-client."id".client-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client name of the application. It is meant to represent a human readable description of the application which you may provide when an application (client) is registered in an OpenId Connect provider's dashboard. For example, you can set this property to have more informative log messages which record an activity of the given client. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -h|[[quarkus-oidc-client_section_quarkus-oidc-client-id-credentials]] [.section-name.section-level1]##link:#quarkus-oidc-client_section_quarkus-oidc-client-id-credentials[Different authentication options for OIDC client to access OIDC token and other secured endpoints]## -h|Type -h|Default - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-secret[`quarkus.oidc-client."id".credentials.secret`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.secret+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client secret used by the `client_secret_basic` authentication method. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. You can use `client-secret.value` instead, but both properties are mutually exclusive. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_SECRET+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-value[`quarkus.oidc-client."id".credentials.client-secret.value`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.value+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The client secret value. This value is ignored if `credentials.secret` is set. Must be set unless a secret is set in `client-secret` or `jwt` client authentication is required. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_VALUE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-name[`quarkus.oidc-client."id".credentials.client-secret.provider.name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-keyring-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-keyring-name[`quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.keyring-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEYRING_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-provider-key[`quarkus.oidc-client."id".credentials.client-secret.provider.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.provider.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider client secret key - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_PROVIDER_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-client-secret-method[`quarkus.oidc-client."id".credentials.client-secret.method`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.client-secret.method+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The authentication method. If the `clientSecret.value` secret is set, this method is `basic` by default. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_CLIENT_SECRET_METHOD+++` -endif::add-copy-button-to-env-var[] --- -a|tooltip:basic[`client_secret_basic` (default)\: The client id and secret are submitted with the HTTP Authorization Basic scheme.], tooltip:post[`client_secret_post`\: The client id and secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:post-jwt[`client_secret_jwt`\: The client id and generated JWT secret are submitted as the `client_id` and `client_secret` form parameters.], tooltip:query[client id and secret are submitted as HTTP query parameters. This option is only supported by the OIDC extension.] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-source[`quarkus.oidc-client."id".credentials.jwt.source`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.source+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -JWT token source: OIDC provider client or an existing JWT bearer token. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SOURCE+++` -endif::add-copy-button-to-env-var[] --- -a|`client`, `bearer` -|`client` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret[`quarkus.oidc-client."id".credentials.jwt.secret`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a secret key. It is mutually exclusive with `key`, `key-file` and `key-store` properties. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-name[`quarkus.oidc-client."id".credentials.jwt.secret-provider.name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider bean name, which should only be set if more than one CredentialsProvider is registered - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-keyring-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-keyring-name[`quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.keyring-name+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider keyring name. The keyring name is only required when the CredentialsProvider being used requires the keyring name to look up the secret, which is often the case when a CredentialsProvider is shared by multiple extensions to retrieve credentials from a more dynamic source like a vault instance or secret manager - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEYRING_NAME+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-secret-provider-key[`quarkus.oidc-client."id".credentials.jwt.secret-provider.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.secret-provider.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The CredentialsProvider client secret key - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SECRET_PROVIDER_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key[`quarkus.oidc-client."id".credentials.jwt.key`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -String representation of a private key. If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key-file` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-file[`quarkus.oidc-client."id".credentials.jwt.key-file`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-file+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a private key in PEM or JWK format. It is mutually exclusive with `secret`, `key` and `key-store` properties. You can use the `signature-algorithm` property to override the default key algorithm, `RS256`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_FILE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-file[`quarkus.oidc-client."id".credentials.jwt.key-store-file`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-file+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If provided, indicates that JWT is signed using a private key from a keystore. It is mutually exclusive with `secret`, `key` and `key-file` properties. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_FILE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-store-password[`quarkus.oidc-client."id".credentials.jwt.key-store-password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-store-password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -A parameter to specify the password of the keystore file. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_STORE_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-id[`quarkus.oidc-client."id".credentials.jwt.key-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The private key id or alias. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-key-password[`quarkus.oidc-client."id".credentials.jwt.key-password`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.key-password+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The private key password. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_KEY_PASSWORD+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-audience[`quarkus.oidc-client."id".credentials.jwt.audience`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.audience+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The JWT audience (`aud`) claim value. By default, the audience is set to the address of the OpenId Connect Provider's token endpoint. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_AUDIENCE+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-token-key-id[`quarkus.oidc-client."id".credentials.jwt.token-key-id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.token-key-id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The key identifier of the signing key added as a JWT `kid` header. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_TOKEN_KEY_ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-issuer[`quarkus.oidc-client."id".credentials.jwt.issuer`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.issuer+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The issuer of the signing key added as a JWT `iss` claim. The default value is the client id. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ISSUER+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-subject[`quarkus.oidc-client."id".credentials.jwt.subject`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.subject+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Subject of the signing key added as a JWT `sub` claim The default value is the client id. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SUBJECT+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-claims-claim-name[`quarkus.oidc-client."id".credentials.jwt.claims."claim-name"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.claims."claim-name"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Additional claims. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_CLAIMS__CLAIM_NAME_+++` -endif::add-copy-button-to-env-var[] --- -|Map -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algorithm]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-signature-algorithm[`quarkus.oidc-client."id".credentials.jwt.signature-algorithm`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.signature-algorithm+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The signature algorithm used for the `key-file` property. Supported values: `RS256` (default), `RS384`, `RS512`, `PS256`, `PS384`, `PS512`, `ES256`, `ES384`, `ES512`, `HS256`, `HS384`, `HS512`. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_SIGNATURE_ALGORITHM+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-lifespan[`quarkus.oidc-client."id".credentials.jwt.lifespan`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.lifespan+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -The JWT lifespan in seconds. This value is added to the time at which the JWT was issued to calculate the expiration time. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_LIFESPAN+++` -endif::add-copy-button-to-env-var[] --- -|int -|`10` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-credentials-jwt-assertion[`quarkus.oidc-client."id".credentials.jwt.assertion`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".credentials.jwt.assertion+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If true then the client authentication token is a JWT bearer grant assertion. Instead of producing 'client_assertion' and 'client_assertion_type' form properties, only 'assertion' is produced. This option is only supported by the OIDC client extension. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CREDENTIALS_JWT_ASSERTION+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-id]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-id[`quarkus.oidc-client."id".id`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".id+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -A unique OIDC client identifier. It must be set when OIDC clients are created dynamically and is optional in all other cases. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ID+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ID+++` -endif::add-copy-button-to-env-var[] --- -|string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-client-enabled]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-client-enabled[`quarkus.oidc-client."id".client-enabled`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".client-enabled+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If this client configuration is enabled. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ENABLED+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__CLIENT_ENABLED+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-scopes]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-scopes[`quarkus.oidc-client."id".scopes`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".scopes+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -List of access token scopes - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__SCOPES+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__SCOPES+++` -endif::add-copy-button-to-env-var[] --- -|list of string -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-refresh-token-time-skew]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-refresh-token-time-skew[`quarkus.oidc-client."id".refresh-token-time-skew`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".refresh-token-time-skew+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token time skew. If this property is enabled then the configured duration is converted to seconds and is added to the current time when checking whether the access token should be refreshed. If the sum is greater than this access token's expiration time then a refresh is going to happen. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__REFRESH_TOKEN_TIME_SKEW+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__REFRESH_TOKEN_TIME_SKEW+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-access-token-expires-in]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-access-token-expires-in[`quarkus.oidc-client."id".access-token-expires-in`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".access-token-expires-in+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token expiration period relative to the current time. This property is only checked when an access token grant response does not include an access token expiration property. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ACCESS_TOKEN_EXPIRES_IN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ACCESS_TOKEN_EXPIRES_IN+++` -endif::add-copy-button-to-env-var[] --- -|link:https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/time/Duration.html[Duration] link:#duration-note-anchor-quarkus-oidc-client_quarkus-oidc-client[icon:question-circle[title=More information about the Duration format]] -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-absolute-expires-in]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-absolute-expires-in[`quarkus.oidc-client."id".absolute-expires-in`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".absolute-expires-in+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -If the access token 'expires_in' property should be checked as an absolute time value as opposed to a duration relative to the current time. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__ABSOLUTE_EXPIRES_IN+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__ABSOLUTE_EXPIRES_IN+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`false` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-type]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-type[`quarkus.oidc-client."id".grant.type`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.type+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Grant type - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_TYPE+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_TYPE+++` -endif::add-copy-button-to-env-var[] --- -a|tooltip:client['client_credentials' grant requiring an OIDC client authentication only], tooltip:password['password' grant requiring both OIDC client and user ('username' and 'password') authentications], tooltip:code['authorization_code' grant requiring an OIDC client authentication as well as at least 'code' and 'redirect_uri' parameters which must be passed to OidcClient at the token request time.], tooltip:exchange['urn\:ietf\:params\:oauth\:grant-type\:token-exchange' grant requiring an OIDC client authentication as well as at least 'subject_token' parameter which must be passed to OidcClient at the token request time.], tooltip:jwt['urn\:ietf\:params\:oauth\:grant-type\:jwt-bearer' grant requiring an OIDC client authentication as well as at least an 'assertion' parameter which must be passed to OidcClient at the token request time.], tooltip:refresh['refresh_token' grant requiring an OIDC client authentication and a refresh token. Note, OidcClient supports this grant by default if an access token acquisition response contained a refresh token. However, in some cases, the refresh token is provided out of band, for example, it can be shared between several of the confidential client's services, etc. If 'quarkus.oidc-client.grant-type' is set to 'refresh' then `OidcClient` will only support refreshing the tokens.], tooltip:ciba['urn\:openid\:params\:grant-type\:ciba' grant requiring an OIDC client authentication as well as 'auth_req_id' parameter which must be passed to OidcClient at the token request time.], tooltip:device['urn\:ietf\:params\:oauth\:grant-type\:device_code' grant requiring an OIDC client authentication as well as 'device_code' parameter which must be passed to OidcClient at the token request time.] -|tooltip:client['client_credentials' grant requiring an OIDC client authentication only] - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-access-token-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-access-token-property[`quarkus.oidc-client."id".grant.access-token-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.access-token-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_ACCESS_TOKEN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_ACCESS_TOKEN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`access_token` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-token-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-token-property[`quarkus.oidc-client."id".grant.refresh-token-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-token-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_TOKEN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_TOKEN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`refresh_token` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-expires-in-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-expires-in-property[`quarkus.oidc-client."id".grant.expires-in-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.expires-in-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Access token expiry property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_EXPIRES_IN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_EXPIRES_IN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`expires_in` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-expires-in-property]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-refresh-expires-in-property[`quarkus.oidc-client."id".grant.refresh-expires-in-property`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant.refresh-expires-in-property+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Refresh token expiry property name in a token grant response - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_EXPIRES_IN_PROPERTY+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_REFRESH_EXPIRES_IN_PROPERTY+++` -endif::add-copy-button-to-env-var[] --- -|string -|`refresh_expires_in` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-grant-options-grant-name]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-grant-options-grant-name[`quarkus.oidc-client."id".grant-options."grant-name"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".grant-options."grant-name"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Grant options - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__GRANT_OPTIONS__GRANT_NAME_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__GRANT_OPTIONS__GRANT_NAME_+++` -endif::add-copy-button-to-env-var[] --- -|Map> -| - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-early-tokens-acquisition]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-early-tokens-acquisition[`quarkus.oidc-client."id".early-tokens-acquisition`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".early-tokens-acquisition+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Requires that all filters which use 'OidcClient' acquire the tokens at the post-construct initialization time, possibly long before these tokens are used. This property should be disabled if the access token may expire before it is used for the first time and no refresh token is available. - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__EARLY_TOKENS_ACQUISITION+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__EARLY_TOKENS_ACQUISITION+++` -endif::add-copy-button-to-env-var[] --- -|boolean -|`true` - -a| [[quarkus-oidc-client_quarkus-oidc-client-id-headers-headers]] [.property-path]##link:#quarkus-oidc-client_quarkus-oidc-client-id-headers-headers[`quarkus.oidc-client."id".headers."headers"`]## -ifdef::add-copy-button-to-config-props[] -config_property_copy_button:+++quarkus.oidc-client."id".headers."headers"+++[] -endif::add-copy-button-to-config-props[] - - -[.description] --- -Custom HTTP headers which have to be sent to the token endpoint - - -ifdef::add-copy-button-to-env-var[] -Environment variable: env_var_with_copy_button:+++QUARKUS_OIDC_CLIENT__ID__HEADERS__HEADERS_+++[] -endif::add-copy-button-to-env-var[] -ifndef::add-copy-button-to-env-var[] -Environment variable: `+++QUARKUS_OIDC_CLIENT__ID__HEADERS__HEADERS_+++` -endif::add-copy-button-to-env-var[] --- -|Map -| - - |=== ifndef::no-duration-note[] diff --git a/_versions/main/guides/hibernate-search-orm-elasticsearch.adoc b/_versions/main/guides/hibernate-search-orm-elasticsearch.adoc index 674de2b0c92..c856125afe8 100644 --- a/_versions/main/guides/hibernate-search-orm-elasticsearch.adoc +++ b/_versions/main/guides/hibernate-search-orm-elasticsearch.adoc @@ -627,32 +627,29 @@ Edit `src/main/resources/application.properties` and inject the following config [source,properties] ---- -quarkus.ssl.native=false <1> +quarkus.datasource.db-kind=postgresql <1> -quarkus.datasource.db-kind=postgresql <2> +quarkus.hibernate-orm.sql-load-script=import.sql <2> -quarkus.hibernate-orm.sql-load-script=import.sql <3> +quarkus.hibernate-search-orm.elasticsearch.version=8 <3> +quarkus.hibernate-search-orm.indexing.plan.synchronization.strategy=sync <4> -quarkus.hibernate-search-orm.elasticsearch.version=8 <4> -quarkus.hibernate-search-orm.indexing.plan.synchronization.strategy=sync <5> - -%prod.quarkus.datasource.jdbc.url=jdbc:postgresql://localhost/quarkus_test <6> +%prod.quarkus.datasource.jdbc.url=jdbc:postgresql://localhost/quarkus_test %prod.quarkus.datasource.username=quarkus_test %prod.quarkus.datasource.password=quarkus_test %prod.quarkus.hibernate-orm.database.generation=create -%prod.quarkus.hibernate-search-orm.elasticsearch.hosts=localhost:9200 <6> +%prod.quarkus.hibernate-search-orm.elasticsearch.hosts=localhost:9200 <5> ---- -<1> We won't use SSL, so we disable it to have a more compact native executable. -<2> Let's create a PostgreSQL datasource. -<3> We load some initial data on startup (see <>). -<4> We need to tell Hibernate Search about the version of Elasticsearch we will use. +<1> Let's create a PostgreSQL datasource. +<2> We load some initial data on startup (see <>). +<3> We need to tell Hibernate Search about the version of Elasticsearch we will use. It is important because there are significant differences between Elasticsearch mapping syntax depending on the version. Since the mapping is created at build time to reduce startup time, Hibernate Search cannot connect to the cluster to automatically detect the version. Note that, for OpenSearch, you need to prefix the version with `opensearch:`; see <>. -<5> This means that we wait for the entities to be searchable before considering a write complete. +<4> This means that we wait for the entities to be searchable before considering a write complete. On a production setup, the `write-sync` default will provide better performance. Using `sync` is especially important when testing as you need the entities to be searchable immediately. -<6> For development and tests, we rely on <>, +<5> For development and tests, we rely on <>, which means Quarkus will start a PostgreSQL database and Elasticsearch cluster automatically. In production mode, however, we will want to start a PostgreSQL database and Elasticsearch cluster manually, diff --git a/_versions/main/guides/hibernate-search-standalone-elasticsearch.adoc b/_versions/main/guides/hibernate-search-standalone-elasticsearch.adoc index bf2b4ef7dd1..fc4f742d8c1 100644 --- a/_versions/main/guides/hibernate-search-standalone-elasticsearch.adoc +++ b/_versions/main/guides/hibernate-search-standalone-elasticsearch.adoc @@ -559,31 +559,28 @@ Edit `src/main/resources/application.properties` and inject the following config [source,properties] ---- -quarkus.ssl.native=false <1> +quarkus.hibernate-search-standalone.mapping.structure=document <1> +quarkus.hibernate-search-standalone.elasticsearch.version=8 <2> +quarkus.hibernate-search-standalone.indexing.plan.synchronization.strategy=sync <3> -quarkus.hibernate-search-standalone.mapping.structure=document <2> -quarkus.hibernate-search-standalone.elasticsearch.version=8 <3> -quarkus.hibernate-search-standalone.indexing.plan.synchronization.strategy=sync <4> - -%prod.quarkus.hibernate-search-standalone.elasticsearch.hosts=localhost:9200 <5> +%prod.quarkus.hibernate-search-standalone.elasticsearch.hosts=localhost:9200 <4> ---- -<1> We won't use SSL, so we disable it to have a more compact native executable. -<2> We need to tell Hibernate Search about the structure of our entities. +<1> We need to tell Hibernate Search about the structure of our entities. + In this application we consider an indexed entity (the author) is the root of a "document": the author "owns" books it references through associations, which *cannot* be updated independently of the author. + See <> for other options and more details. -<3> We need to tell Hibernate Search about the version of Elasticsearch we will use. +<2> We need to tell Hibernate Search about the version of Elasticsearch we will use. + It is important because there are significant differences between Elasticsearch mapping syntax depending on the version. Since the mapping is created at build time to reduce startup time, Hibernate Search cannot connect to the cluster to automatically detect the version. Note that, for OpenSearch, you need to prefix the version with `opensearch:`; see <>. -<4> This means that we wait for the entities to be searchable before considering a write complete. +<3> This means that we wait for the entities to be searchable before considering a write complete. On a production setup, the `write-sync` default will provide better performance. Using `sync` is especially important when testing as you need the entities to be searchable immediately. -<5> For development and tests, we rely on <>, +<4> For development and tests, we rely on <>, which means Quarkus will start an Elasticsearch cluster automatically. In production mode, however, we will want to start an Elasticsearch cluster manually, diff --git a/_versions/main/guides/security-openid-connect-client-reference.adoc b/_versions/main/guides/security-openid-connect-client-reference.adoc index 329345aa1a9..1f82509661f 100644 --- a/_versions/main/guides/security-openid-connect-client-reference.adoc +++ b/_versions/main/guides/security-openid-connect-client-reference.adoc @@ -355,8 +355,8 @@ import java.util.Map; import org.eclipse.microprofile.config.inject.ConfigProperty; import io.quarkus.oidc.client.OidcClient; -import io.quarkus.oidc.client.OidcClientConfig; -import io.quarkus.oidc.client.OidcClientConfig.Grant.Type; +import io.quarkus.oidc.client.runtime.OidcClientConfig; +import io.quarkus.oidc.client.runtime.OidcClientConfig.Grant.Type; import io.quarkus.oidc.client.OidcClients; import io.quarkus.runtime.StartupEvent; import io.smallrye.mutiny.Uni; @@ -383,14 +383,14 @@ public class OidcClientCreator { } private Uni createOidcClient() { - OidcClientConfig cfg = new OidcClientConfig(); - cfg.setId("myclient"); - cfg.setAuthServerUrl(oidcProviderAddress); - cfg.setClientId("backend-service"); - cfg.getCredentials().setSecret("secret"); - cfg.getGrant().setType(Type.PASSWORD); - cfg.setGrantOptions(Map.of("password", - Map.of("username", "alice", "password", "alice"))); + OidcClientConfig cfg = OidcClientConfig + .authServerUrl(oidcProviderAddress) + .id("myclient") + .clientId("backend-service") + .credentials("secret") + .grant(Type.PASSWORD) + .grantOptions("password", Map.of("username", "alice", "password", "alice")) + .build(); return oidcClients.newClient(cfg); } } diff --git a/_versions/main/guides/security-openid-connect-client.adoc b/_versions/main/guides/security-openid-connect-client.adoc index 134a70af243..5444790c3f7 100644 --- a/_versions/main/guides/security-openid-connect-client.adoc +++ b/_versions/main/guides/security-openid-connect-client.adoc @@ -303,14 +303,14 @@ public class OidcClientCreator { } private Uni createOidcClient() { - OidcClientConfig cfg = new OidcClientConfig(); - cfg.setId("myclient"); - cfg.setAuthServerUrl(oidcProviderAddress); - cfg.setClientId("backend-service"); - cfg.getCredentials().setSecret("secret"); - cfg.getGrant().setType(Type.PASSWORD); - cfg.setGrantOptions(Map.of("password", - Map.of("username", "alice", "password", "alice"))); + OidcClientConfig cfg = OidcClientConfig + .authServerUrl(oidcProviderAddress) + .id("myclient") + .clientId("backend-service") + .credentials("secret") + .grant(Type.PASSWORD) + .grantOptions("password", Map.of("username", "alice", "password", "alice")) + .build(); return oidcClients.newClient(cfg); } } diff --git a/_versions/main/guides/virtual-threads.adoc b/_versions/main/guides/virtual-threads.adoc index 72257ae91ac..89000b4cb25 100644 --- a/_versions/main/guides/virtual-threads.adoc +++ b/_versions/main/guides/virtual-threads.adoc @@ -550,6 +550,38 @@ public class LoomUnitExampleTest { } ---- +== Virtual thread metrics + +You can enable the Micrometer Virtual Thread _binder_ by adding the following artifact to your application: + +[source,xml] +---- + + io.micrometer + micrometer-java21 + +---- + +This binder keeps track of the number of pinning events and the number of virtual threads failed to be started or un-parked. +See the https://docs.micrometer.io/micrometer/reference/reference/jvm.html#_java_21_metrics[MicroMeter documentation] for more information. + +You can explicitly disable the binder by setting the following property in your `application.properties`: + +[source,properties] +---- +# The binder is automatically enabled if the micrometer-java21 dependency is present +quarkus.micrometer.binder.virtual-threads.enabled=false +---- + +In addition, if the application is running on a JVM that does not support virtual threads (prior to Java 21), the binder is automatically disabled. + +You can associate tags to the collected metrics by setting the following properties in your `application.properties`: + +[source,properties] +---- +quarkus.micrometer.binder.virtual-threads.tags=tag_1=value_1, tag_2=value_2 +---- + == Additional references - https://dl.acm.org/doi/10.1145/3583678.3596895[Considerations for integrating virtual threads in a Java framework: a Quarkus example in a resource-constrained environment]