OAuth/OpenID Connect Authorization Server configuration

Maximum Redirect URL Length (com.soa.oauth.provider.config.maxRedirectURLLength)

Property to set the maximum length that a redirect URL can have when OAuth provider is initiating a redirect to the client/application.

Note: If the FAPI profile is enabled on an Akana OAuth/OIDC Provider domain, and the encrypted id_token exceeds the URL size limit, the id_token is returned in the form post.

Default: 2048

RSA Key Size (com.soa.oauth.provider.config.rsaJwkKeySize)

Property to set the key size when RSA Json Web keys are created by OpenID Connect provider to sign ID tokens issued to client. Should be >= 512.

Default: 2048

Jwk Validity In Seconds (com.soa.oauth.provider.config.defaultJwkValidityInSeconds)

Property to set the default validity for Asymmetric Json Web Keys created by OpenID Connect provider. Default: 86400 (1 day)

Default: 86400

Allowed Clock Skew For JWT (com.soa.oauth.provider.config.allowedClockSkewInSecondsForJWT)

Property to set the ClockSkew in Seconds created by OpenID Connect provider.

Default: 600

Allowed Authentication Token Length (com.soa.oauth.provider.config.allowedAuthenticationTokenLength)

Property to set the threshold length of OAuth Authentication Token. If the token length exceeds the configured value, a mini token will be returned in Cookie.

Default: 512

Grant Attributes Cache Max Size (com.soa.oauth.provider.config.grantAttributesCacheMaxSize)

The maximum size of Grant Attributes Cache in OAuth provider.

Default: 10000

Grant Attributes Cache Expiration (com.soa.oauth.provider.config.grantAttributesCacheExpirationTime)

Expiration time in milliseconds for the entries in Grant Attributes Cache in OAuth provider.

Default: 300000

Grant Sequence ID Cache Max Size (com.soa.oauth.provider.config.grantSequenceIDCacheMaxSize)

The maximum size of Grant Sequence ID Cache in OAuth provider.

Default: 10000

Grant Sequence ID CacheExpiration (com.soa.oauth.provider.config.grantSequenceIDCacheExpirationTime)

Expiration time in milliseconds for the entries in Grant Sequence ID Cache in OAuth provider.

Default: 300000

tokenAPIGetOperationSupport (com.soa.oauth.provider.config.tokenAPIGetOperationSupport)

Setting to enable or disable the TokenAPI GET method. Possible values are com.akana.feature.enabled and com.akana.feature.disabled.

Default: com.akana.feature.enabled