Class OidcProvider

  • All Implemented Interfaces:
    AuthenticationProvider, OutboundSecurityProvider, SecurityProvider

    public final class OidcProvider
    extends SynchronousProvider
    implements AuthenticationProvider, OutboundSecurityProvider
    OpenID Connect authentication provider. IDCS-specific notes:
    • If you want to use JWK to validate tokens, you must grant access to the JWK endpoint (by default only an admin can access it)
    • If you want to use the introspect endpoint to validate tokens, you must give the application the right to do so (Client Configuration/Allowed Operations)
    • If you want to retrieve groups when using IDCS, you must add "Client Credentials" to "Allowed Grant Types" in the application configuration, and set "Grant the client access to Identity Cloud Service Admin APIs." to "User Administrator"