Item Summary
Name	Type	Multiplicity	Description
registrationId	property string	[1,1]	Unique identifier of the client.
clientId	property string	[1,1]	OAuth 2.
clientSecret	property ProtectedStringType	[0,1]	OAuth 2.
clientAuthenticationMethod	property OidcClientAuthenticationMethodType	[0,1]	Define client authentication method.
clientSigningAlgorithm	property string	[0,1]	Identifier of algorithm for digitally sign or create a MAC of the content.
idTokenSigningAlgorithm	property string	[0,1]	JWA algorithm used for signing ID tokens.
scope	property string	[0,-1]	OpenID Connect Clients use scope values as defined in 3.
clientName	property string	[0,1]	Human friendly name of client.
nameOfUsernameAttribute	property string	[0,1]	Name of attribute in response, which value define name of user in Midpoint.
openIdProvider	container OidcOpenIdProviderType	[1,1]	OpenID Provider.
simpleProofKey	container AbstractSimpleKeyType	[0,1]	Key used for sign with PRIVATE_KEY_JWT.
keyStoreProofKey	container AbstractKeyStoreKeyType	[0,1]	Key used for sign with PRIVATE_KEY_JWT.
usePkce	property boolean	[0,1]	Use Proof Key for Code Exchange for added security.

Items
- registrationId
  
  Flags: RAM,runtime
  
  Multiplicity: [1,1]
  
  Unique identifier of the client. RegistrationId is used in url path, so it has to contain only correct symbols.
- clientId
  
  Flags: RAM,runtime
  
  Multiplicity: [1,1]
  
  OAuth 2.0 Client Identifier valid at the Authorization Server.
- clientSecret
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  OAuth 2.0 Client Secret valid at the Authorization Server.
- clientAuthenticationMethod
  
  Flags: RAM,runtime,AVals:5
  
  Multiplicity: [0,1]
  
  Define client authentication method.
- clientSigningAlgorithm
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  Identifier of algorithm for digitally sign or create a MAC of the content. (RFC7518 section-3.1)
- idTokenSigningAlgorithm
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  JWA algorithm used for signing ID tokens. (RFC7518 section-3.1)
- scope
  
  Flags: RAM,runtime
  
  Multiplicity: [0,-1]
  
  OpenID Connect Clients use scope values as defined in 3.3 of OAuth 2.0 [RFC6749] to specify what access privileges are being requested for Access Tokens.
- clientName
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  Human friendly name of client.
- nameOfUsernameAttribute
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  Name of attribute in response, which value define name of user in Midpoint. Default value is 'sub'.
- openIdProvider
  
  Flags: RAM,runtime
  
  Multiplicity: [1,1]
  
  OpenID Provider.
- simpleProofKey
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  Key used for sign with PRIVATE_KEY_JWT.
- keyStoreProofKey
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  Key used for sign with PRIVATE_KEY_JWT.
- usePkce
  
  Flags: RAM,runtime
  
  Multiplicity: [0,1]
  
  Use Proof Key for Code Exchange for added security. (RFC7636)

OidcClientAuthenticationModuleType (Complex Type)

Namespace: http://midpoint.evolveum.com/xml/ns/public/common/common-3

Items

registrationId

clientId

clientSecret

clientAuthenticationMethod

clientSigningAlgorithm

idTokenSigningAlgorithm

scope

clientName

nameOfUsernameAttribute

openIdProvider

simpleProofKey

keyStoreProofKey

usePkce