IdcsMtRoleMapperProvider (security.providers.idcs.mapper) Configuration

Multitenant IDCS role mapping provider

Type: io.helidon.security.providers.idcs.mapper.IdcsMtRoleMapperProvider

Config key
idcs-role-mapper

This type provides the following service implementations:

  • io.helidon.security.spi.SecurityProvider

  • io.helidon.security.spi.SubjectMappingProvider

Configuration options

Optional configuration options
| key | type | default value | description |
|---|---|---|---|
| cache-config | | | Use explicit io.helidon.security.providers.common.EvictableCache for role caching. |
| default-idcs-subject-type | string | user | Configure subject type to use when requesting roles from IDCS. Can be either IDCS_SUBJECT_TYPE_USER or IDCS_SUBJECT_TYPE_CLIENT. Defaults to IDCS_SUBJECT_TYPE_USER. |
| idcs-app-name-handler | | | Configure token handler for IDCS Application name. By default the header X-RESOURCE-SERVICE-INSTANCE-IDENTITY-APPNAME is used. |
| idcs-tenant-handler | | | Configure token handler for IDCS Tenant ID. By default the header X-USER-IDENTITY-SERVICE-GUID is used. |
| oidc-config | | | Use explicit io.helidon.security.providers.oidc.common.OidcConfig instance, e.g. when using it also for OIDC provider. |
| subject-types | SubjectType[] (USER, SERVICE) | USER | Add a supported subject type. If none added, io.helidon.security.SubjectType.USER is used. If any added, only the ones added will be used (e.g. if you want to use both io.helidon.security.SubjectType.USER and io.helidon.security.SubjectType.SERVICE, both need to be added). |
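
A configuration sketch that sets every option listed above under the `idcs-role-mapper` key. It is an added example, not taken from the Helidon documentation. The nested keys under `oidc-config`, `cache-config` and the two handlers are assumptions based on those types' own configuration, and all values are constructed placeholders.

```yaml
security:
  providers:
    - idcs-role-mapper:
        # Nested keys assumed from OidcConfig; values are placeholders
        oidc-config:
          client-id: "<client-id>"
          client-secret: "<client-secret>"
          identity-uri: "https://<tenant-placeholder>.identity.example.com"

        # Listing any type replaces the USER default, so both are named here
        subject-types: ["USER", "SERVICE"]

        # Subject type sent to IDCS when requesting roles (page default)
        default-idcs-subject-type: "user"

        # Both handlers read request headers (page defaults shown), so the
        # tenant and application used for role lookup are only as trustworthy
        # as the component that sets these headers
        idcs-tenant-handler:
          header: "X-USER-IDENTITY-SERVICE-GUID"
        idcs-app-name-handler:
          header: "X-RESOURCE-SERVICE-INSTANCE-IDENTITY-APPNAME"

        # Nested keys assumed from EvictableCache; a shorter timeout means
        # role changes in IDCS are picked up sooner
        cache-config:
          cache-timeout-millis: 600000
          max-size: 10000
```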