- Expand the OAuth/OpenID Connect Configuration and click Configure.
- Fill in the form that appears. For the Allowed Grant Types you can disable the ones you do not require or wish to block.
- Click Add. The following information is added for your service provider.
- OAuth Client Key - This is the client key of the service provider, which will be checked for authentication by the Identity Server before providing the access token.
- OAuth Client Secret - This is the client secret of the service provider, which will be checked for authentication by the Identity Server before providing the access token. Click the Show button to view the exact value of this.
Tip: The OAuth client key and client secret are stored in plain text. To encrypt the client secret, access token and refresh token, do the following:
identity.xmlfile found in the
<IS_HOME>/repository/conf/directory and change the
<TokenPersistenceProcessor>property as follows:
Code Block language xml
When filling out the New Application form, the following should be taken into consideration.