The OpenID Connect authorization server is configured in the identity.xml file, which can be found in the path
Look for the OpenIDConnect configuration element.
Let's go through the important configuration sub-elements.
IDTokenSubjectClaim - This is the claim used as the subject of the IDToken. You can use different claims such as
IDTokenIssuerID - The value of
IDToken. This should be changed according to the deployment values.
IDTokenExpiration - The expiration value of the
IDTokenCustomClaimsCallBackHandler - This can be used to return extra custom claims with the IDToken. You can implement a claims callback handler to push the custom claims to the IDToken. This class needs to implement the interface CustomClaimsCallbackHandler. You can find the default implementation here as a reference.
UserInfoEndpointClaimDialect - Defines which claim dialect should be returned from the User Info Endpoint. By default it uses the WSO2 claim dialect. You can configure other claim dialects such as http://schema.openid.net/2007/05/claims for OpenID Simple Registration and http://axschema.org for OpenID Attribute Exchange.
UserInfoEndpointClaimRetriever - Defines the class which builds the claims for the User Info Endpoint's response. This class needs to implement the interface UserInfoClaimRetriever. The default implementation can be found here as a reference.
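A pre-deployment check for the elements listed above, added here as an example and not part of the product or the original page: it parses an identity.xml fragment and reports missing sub-elements, an IDTokenIssuerID left on a loopback host, and a non-numeric IDTokenExpiration. The sample XML, its namespace, the class name and all values are constructed placeholders; the function name audit_openid_connect is hypothetical.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample, not a shipped identity.xml; namespace and values are placeholders.
SAMPLE = """<Server xmlns="urn:example:config">
  <OpenIDConnect>
    <IDTokenIssuerID>https://localhost:9443/oauth2/token</IDTokenIssuerID>
    <IDTokenSubjectClaim>http://wso2.org/claims/givenname</IDTokenSubjectClaim>
    <IDTokenExpiration>abc</IDTokenExpiration>
    <IDTokenCustomClaimsCallBackHandler>com.example.MyClaimsHandler</IDTokenCustomClaimsCallBackHandler>
    <UserInfoEndpointClaimDialect>http://axschema.org</UserInfoEndpointClaimDialect>
  </OpenIDConnect>
</Server>"""

# Sub-elements described on this page.
REQUIRED = ["IDTokenSubjectClaim", "IDTokenIssuerID", "IDTokenExpiration",
            "IDTokenCustomClaimsCallBackHandler", "UserInfoEndpointClaimDialect",
            "UserInfoEndpointClaimRetriever"]

def local(tag):
    # Drop an XML namespace prefix of the form "{uri}Name" if one is present.
    return tag.rsplit("}", 1)[-1]

def audit_openid_connect(xml_text):
    """Return a list of findings for the OpenIDConnect element (empty list = clean)."""
    root = ET.fromstring(xml_text)
    oidc = next((e for e in root.iter() if local(e.tag) == "OpenIDConnect"), None)
    if oidc is None:
        return ["OpenIDConnect element not found"]
    cfg = {local(c.tag): (c.text or "").strip() for c in oidc}
    findings = [f"{name}: missing or empty" for name in REQUIRED if not cfg.get(name)]
    # The issuer should reflect the deployment, so a loopback host is flagged.
    host = urlparse(cfg.get("IDTokenIssuerID", "")).hostname or ""
    if host in ("localhost", "127.0.0.1", "::1"):
        findings.append("IDTokenIssuerID: still points at a loopback host")
    # Only the shape is checked; the unit of the value is not assumed here.
    exp = cfg.get("IDTokenExpiration", "")
    if exp and not (exp.isdecimal() and int(exp) > 0):
        findings.append("IDTokenExpiration: not a positive integer")
    return findings

if __name__ == "__main__":
    for finding in audit_openid_connect(SAMPLE):
        print(finding)
```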