<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Multi-region Deployments</title> <style> [data-color-scheme="dark"] { color-scheme: dark; } [data-color-scheme="light"] { color-scheme: light; } </style> <script> if (localStorage.colorScheme) document.documentElement.setAttribute("data-color-scheme", localStorage.colorScheme); </script> <link rel="canonical" href="https://curity.io/docs/idsvr/latest/system-admin-guide/deployment/multi-region.html" /> <link rel="icon" type="image/png" href="../../_static/favicon.png" sizes="32x32"> <link rel="apple-touch-icon" href="../../_static/favicon-touch.png"> <link rel="mask-icon" href="../../_static/safari-pinned-tab.svg" color="#2a2f3a"> <link rel="preload" href="../../_static/fonts/Roboto-Regular.woff2" as="font" crossorigin="anonymous" type="font/woff2" /> <link rel="preload" href="../../_static/fonts/Roboto-Light.woff2" as="font" crossorigin="anonymous" type="font/woff2" /> <link rel="preload" href="../../_static/fonts/Roboto-Medium.woff2" as="font" crossorigin="anonymous" type="font/woff2" /> <link rel="preload" href="../../_static/fonts/roboto-mono-v12-latin-regular.woff2" as="font" crossorigin="anonymous" type="font/woff2" /> <meta name="author" content="Curity AB" /> <meta name="theme-color" content="#2a2f3a"> <meta property="og:type" content="article" /> <meta property="og:title" content="Multi-region Deployments" /> <meta property="og:site_name" content="Curity Identity Server Docs" /> <meta property="og:description" content="Multi-region Deployments - Multi-region deployments usually take into account factors such as scalability, availability and region-specific restrictions..." /> <meta name="description" content="Multi-region Deployments - Multi-region deployments usually take into account factors such as scalability, availability and region-specific restrictions..." /> <meta name="twitter:description" content="Multi-region Deployments - Multi-region deployments usually take into account factors such as scalability, availability and region-specific restrictions..." /> <meta property="og:url" content="https://curity.io/docs/idsvr/latest/system-admin-guide/deployment/multi-region.html" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:url" content="https://curity.io/docs/idsvr/latest/system-admin-guide/deployment/multi-region.html" /> <meta name="twitter:creator" content="@curityio" /> <meta name="twitter:title" content="Multi-region Deployments" /> <meta name="twitter:image" content="https://curity.io/docs/idsvr/latest/_static/docs-og.png" /> <meta itemprop="image" content="https://curity.io/docs/idsvr/latest/_static/docs-og.png" /> <meta property="og:image" content="https://curity.io/docs/idsvr/latest/_static/docs-og.png" /> <meta property="og:image:alt" content="Curity Identity Server" /> <link rel="stylesheet" href="../../_static/css/type.css?v=C34217C8" type="text/css" /> <link rel="stylesheet" href="../../_static/css/theme.css?v=F5E876DE" type="text/css" /> <link rel="index" title="Index" href="../../genindex.html"/> <link rel="search" title="Search" href="../../search.html"/> <link rel="top" title="se.curity 10.0.1 documentation" href="../../index.html"/> <link rel="up" title="Deployment" href="index.html"/> <link rel="next" title="Email Providers" href="../email-providers/index.html"/> <link rel="prev" title="Deploying with Docker" href="docker.html"/> <!-- Google tag (gtag.js) for Google Analytics 4 (GA4)--> <script async src="https://www.googletagmanager.com/gtag/js?id=G-0WD7W92S3P"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-0WD7W92S3P'); </script> </head> <body class="wy-body-for-nav body-system-admin-guide/deployment/multi-region" role="document"> <header class="header" role="banner"> <nav class="header-top" role="navigation"> <div class="container h100"> <div class="flex flex-center flex-justify h100"> <div class="flex flex-center flex-justify h100"> <a href="https://curity.io/docs/" class="flex flex-center"> <img class="header-top-logo mr1" width="126" height="36" src="../../_static/curity-logo-landscape-white.svg" alt="Curity logo" role="presentation" /> <span class="header-presentation inline-flex tertiary">Documentation</span> </a> </div> <div class="flex flex-center flex-justify h100"> <ul class="list-reset m0"> <li class="inline-block"> <a class="block button button-tiny button-white-outline" href="https://curity.io" style="height: initial;" target="_blank" rel="noopener"> Visit curity.io</a> </li> <li class="inline-block"> <div class="dropdown dropdown-top"> <button class="dropbtn header-top-link header-top-link-dropdown"> <span class="flex flex-center">Developer <i class="icon ion-ios-arrow-down"></i> </span> </button> <div class="dropdown-content dropdown-content-developer flex-wrap"> <a class="dropdown-content-link dropdown-content-link-dark" href="https://developer.curity.io/"> <img class="w-6 h-6 mr3 inline-block" src="../../_static/developer-portal.svg" alt="Curity Developer Portal" width="100" height="100" /> <div class="dropdown-content-link-text px2"> <span class="dropdown-content-link-text-heading white"> Curity Developer Portal </span> </div> </a> <a class="dropdown-content-link" href="https://developer.curity.io/login?next=/release/latest"> Downloads <span class="pill pill-primary-gradient ml2 dropdown-content-link-version"></span> </a> <a class="dropdown-content-link" href="https://curity.io/support">Support</a> <a class="dropdown-content-link" href="https://curity.io/resources/">Resource Library</a> <a class="dropdown-content-link" href="https://developer.curity.io/login?next=/sources">Libraries and SDKs</a> <a class="dropdown-content-link" href="https://oauth.tools/?utm_source=docs&utm_medium=link&utm_content=navigation">OAuth Tools</a> </div> </div> </li> <li class="inline-block"> <a class="header-top-link " href="https://curity.io/contact" target="_blank" rel="noopener">Contact</a> </li> <li> <div role="search"> <form id="rtd-search-form" class="wy-form" action="../../search.html" method="get"> <input type="text" name="q" placeholder="Search docs" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div></li> </ul> </div> </div> </nav> </header> <main class="article-main"> <aside class="article-sidebar"> <div class="article-nav-wrapper"> <div class="article-sidebar-panel"> <select class="curity-versions mb3"> <option value="10.0.1" data-url="/" data-visibility="public">10.0.1</option> </select> <p class="primary curity-version hide"></p> <ul> <li class="toctree-l1 article-sidebar-home"> <a href="../../index.html"> Home </a> </li> </ul> <p class="caption"><span class="caption-text">Table of Contents</span></p> <ul class="current"> <li class="toctree-l1 current"><a class="reference internal" href="../index.html">System Admin Guide</a><ul class="current"> <li class="toctree-l2"><a class="reference internal" href="../attribute-transformers/index.html">Attribute Transformers</a><ul> <li class="toctree-l3"><a class="reference internal" href="../attribute-transformers/index.html#regex-transformer-1">Regex Transformer</a><ul> <li class="toctree-l4"><a class="reference internal" href="../attribute-transformers/index.html#regex-transformation-examples">Regex transformation examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../attribute-transformers/index.html#data-source-transformer-1">Data Source Transformer</a><ul> <li class="toctree-l4"><a class="reference internal" href="../attribute-transformers/index.html#data-source-transformation-example">Data Source Transformation example</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../attribute-transformers/index.html#script-transformer-1">Script Transformer</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../audit-logging/index.html">Audit</a><ul> <li class="toctree-l3"><a class="reference internal" href="../audit-logging/index.html#configuration">Configuration</a><ul> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#logger">Logger</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#file-appender">File Appender</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#database-appender">Database Appender</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#batching-log-messages-for-performance">Batching Log Messages for performance</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../audit-logging/index.html#audit-data-1">Audit Data</a><ul> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#mandatory">Mandatory</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#optional">Optional</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../audit-logging/index.html#audit-events-1">Audit Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#profile-added">profile-added</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#token-introspected">token-introspected</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#refresh-token-issued">refresh-token-issued</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#refresh-token-revoked">refresh-token-revoked</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#access-token-issued">access-token-issued</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#access-token-revoked">access-token-revoked</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#id-token-issued">id-token-issued</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#initial-dcr-access-token-issued">initial-dcr-access-token-issued</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#initial-dcr-access-token-consumed">initial-dcr-access-token-consumed</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#initial-dcr-access-token-revoked">initial-dcr-access-token-revoked</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#dcr-client-registered">dcr-client-registered</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#user-info">user-info</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#authorization-code-issued">authorization-code-issued</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#authorization-code-consumed">authorization-code-consumed</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#delegation-issued">delegation-issued</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#delegation-revoked">delegation-revoked</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#account-created">account-created</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#accounts-linked">accounts-linked</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#account-activated">account-activated</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#scim-account-updated">scim-account-updated</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#scim-account-created">scim-account-created</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#scim-account-deleted">scim-account-deleted</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#access-token-authentication">access-token-authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#client-authentication-success">client-authentication-success</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#client-authentication-failure">client-authentication-failure</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#cat-verification-failed">cat-verification-failed</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#logout">logout</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#user-authentication-success">user-authentication-success</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#user-sso-authentication-success">user-sso-authentication-success</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#sso-session-created">sso-session-created</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#bc-authentication-start">bc-authentication-start</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#bc-authentication-success">bc-authentication-success</a></li> <li class="toctree-l4"><a class="reference internal" href="../audit-logging/index.html#bc-authentication-failure">bc-authentication-failure</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../authorization-managers/index.html">Authorization Managers</a><ul> <li class="toctree-l3"><a class="reference internal" href="../authorization-managers/groups-authorization-manager.html">Groups Authorization Manager</a><ul> <li class="toctree-l4"><a class="reference internal" href="../authorization-managers/groups-authorization-manager.html#group-rules">Group Rules</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../authorization-managers/scope-authorization-manager.html">Scope Authorization Manager</a><ul> <li class="toctree-l4"><a class="reference internal" href="../authorization-managers/scope-authorization-manager.html#policies-actions-and-rules">Policies, Actions and Rules</a></li> <li class="toctree-l4"><a class="reference internal" href="../authorization-managers/scope-authorization-manager.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../authorization-managers/scope-authorization-manager.html#use-with-openid-connect-user-info">Use with OpenID Connect User Info</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../authorization-managers/attribute-authorization-manager.html">Attribute Authorization Manager</a><ul> <li class="toctree-l4"><a class="reference internal" href="../authorization-managers/attribute-authorization-manager.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../authorization-managers/attribute-authorization-manager.html#limitations">Limitations</a></li> <li class="toctree-l4"><a class="reference internal" href="../authorization-managers/attribute-authorization-manager.html#examples">Examples</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../credential-managers/index.html">Credential Managers</a><ul> <li class="toctree-l3"><a class="reference internal" href="../credential-managers/index.html#user-account-credentials">User Account Credentials</a></li> <li class="toctree-l3"><a class="reference internal" href="../credential-managers/index.html#credential-policies">Credential Policies</a><ul> <li class="toctree-l4"><a class="reference internal" href="../credential-managers/index.html#managing-credential-rules-state">Managing Credential Rules State</a></li> <li class="toctree-l4"><a class="reference internal" href="../credential-managers/index.html#data-source-requirements">Data source requirements</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../credential-managers/index.html#credential-migration">Credential Migration</a></li> <li class="toctree-l3"><a class="reference internal" href="../credential-managers/index.html#credential-rehashing">Credential Rehashing</a></li> <li class="toctree-l3"><a class="reference internal" href="../credential-managers/index.html#maximum-credential-length-system-wide">Maximum Credential Length (system-wide)</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../crypto/index.html">Cryptography</a><ul> <li class="toctree-l3"><a class="reference internal" href="../crypto/index.html#configuring-certificates">Configuring certificates</a></li> <li class="toctree-l3"><a class="reference internal" href="../crypto/index.html#configuring-private-keystores-1">Configuring private keystores</a><ul> <li class="toctree-l4"><a class="reference internal" href="../crypto/index.html#using-an-action-to-add-a-keystore">Using an action to add a keystore</a></li> <li class="toctree-l4"><a class="reference internal" href="../crypto/index.html#preparing-the-keystore-for-embedding-in-an-xml-configuration-document">Preparing the keystore for embedding in an XML configuration document</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../crypto/index.html#converting-keystores-keystore-entry-into-correct-pkcs12-format">Converting KeyStores (keystore-entry) into correct PKCS12 format</a><ul> <li class="toctree-l4"><a class="reference internal" href="../crypto/index.html#usage-of-the-convertks-script">Usage of the convertks script</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../crypto/index.html#working-with-pkcs1-private-keys">Working with PKCS1 private keys</a></li> <li class="toctree-l3"><a class="reference internal" href="../crypto/index.html#hardware-security-module">Hardware Security Module</a><ul> <li class="toctree-l4"><a class="reference internal" href="../crypto/index.html#entering-a-pin">Entering a PIN</a></li> <li class="toctree-l4"><a class="reference internal" href="../crypto/index.html#configuring-the-hsm">Configuring the HSM</a></li> <li class="toctree-l4"><a class="reference internal" href="../crypto/index.html#debugging-the-pkcs-11-provider">Debugging the PKCS#11 Provider</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../crypto/index.html#eddsa-support">EdDSA support</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../data-sources/index.html">Data Sources</a><ul> <li class="toctree-l3"><a class="reference internal" href="../data-sources/overview.html">Overview</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/overview.html#configuration-strategy">Configuration Strategy</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/overview.html#data-source-usage">Data Source Usage</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../data-sources/jdbc.html">JDBC</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#table-management">Table management</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#database-maintenance">Database maintenance</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#quoted-identifiers">Quoted identifiers</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#clustering">Clustering</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#connection-pool-metrics">Connection Pool Metrics</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#credential-data-access">Credential Data Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#mysql-and-mariadb">MySQL and MariaDB</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#microsoft-sql-server">Microsoft SQL Server</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#postgresql">PostgreSQL</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#oracle">Oracle</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/jdbc.html#hsqldb">HsqlDB</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../data-sources/ldap.html">LDAP</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/ldap.html#ldap-for-account-and-credential-data-access">LDAP for Account and Credential Data Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/ldap.html#ldap-for-attribute-data-access">LDAP for Attribute Data Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/ldap.html#use-case-for-configuring-an-ldap-backend-for-html-forms-authenticator">Use-case for configuring an LDAP backend for HTML Forms authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/ldap.html#connection-pool">Connection Pool</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../data-sources/scim.html">SCIM</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/scim.html#scim-1-1">SCIM 1.1</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/scim.html#scim-2-0">SCIM 2.0</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../data-sources/json.html">JSON / REST Data Source</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/json.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../data-sources/dynamodb.html">DynamoDB</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/dynamodb.html#table-management">Table management</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/dynamodb.html#database-maintenance">Database maintenance</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/dynamodb.html#user-management-service">User Management Service</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/dynamodb.html#credential-data-access">Credential Data Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/dynamodb.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../data-sources/mongodb.html">MongoDB</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/mongodb.html#collections-management">Collections management</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/mongodb.html#multi-tenancy">Multi-Tenancy</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/mongodb.html#database-maintenance">Database maintenance</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/mongodb.html#credential-data-access">Credential Data Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../data-sources/mongodb.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../data-sources/multizone.html">Multi-zone</a><ul> <li class="toctree-l4"><a class="reference internal" href="../data-sources/multizone.html#configuration">Configuration</a></li> </ul> </li> </ul> </li> <li class="toctree-l2 current"><a class="reference internal" href="index.html">Deployment</a><ul class="current"> <li class="toctree-l3"><a class="reference internal" href="clustering.html">Cluster</a><ul> <li class="toctree-l4"><a class="reference internal" href="clustering.html#two-node-setup">Two Node Setup</a></li> <li class="toctree-l4"><a class="reference internal" href="clustering.html#standalone-admin-setup">Standalone Admin Setup</a></li> <li class="toctree-l4"><a class="reference internal" href="clustering.html#asymmetric-setup">Asymmetric Setup</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="clustering.html#scalability">Scalability</a></li> <li class="toctree-l3"><a class="reference internal" href="clustering.html#creating-a-cluster">Creating a Cluster</a><ul> <li class="toctree-l4"><a class="reference internal" href="clustering.html#preparing-configuration">Preparing Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="clustering.html#setup-nodes">Setup Nodes</a></li> <li class="toctree-l4"><a class="reference internal" href="clustering.html#service-role">Service Role</a></li> <li class="toctree-l4"><a class="reference internal" href="clustering.html#viewing-connected-nodes">Viewing Connected Nodes</a></li> <li class="toctree-l4"><a class="reference internal" href="clustering.html#cluster-lifecycle">Cluster Lifecycle</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="docker.html">Deploying with Docker</a><ul> <li class="toctree-l4"><a class="reference internal" href="docker.html#building-a-docker-container">Building a Docker Container</a></li> <li class="toctree-l4"><a class="reference internal" href="docker.html#running-with-docker-compose">Running with docker-compose</a></li> </ul> </li> <li class="toctree-l3 current"><a class="current reference internal" href="#">Multi-region Deployments</a><ul> <li class="toctree-l4"><a class="reference internal" href="#authorization-flows-front-channel">Authorization flows - Front-channel</a></li> <li class="toctree-l4"><a class="reference internal" href="#authorization-flows-back-channel">Authorization flows - Back-channel</a></li> <li class="toctree-l4"><a class="reference internal" href="#data-sources">Data sources</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../email-providers/index.html">Email Providers</a><ul> <li class="toctree-l3"><a class="reference internal" href="../email-providers/index.html#smtp-email-provider">SMTP Email Provider</a><ul> <li class="toctree-l4"><a class="reference internal" href="../email-providers/index.html#domainkeys-identified-mail">DomainKeys Identified Mail</a></li> <li class="toctree-l4"><a class="reference internal" href="../email-providers/index.html#embedded-content">Embedded Content</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../email-providers/index.html#configure-email-provider-for-a-service">Configure Email Provider for a Service</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../http-clients/index.html">Http Clients</a><ul> <li class="toctree-l3"><a class="reference internal" href="../http-clients/index.html#introduction">Introduction</a></li> <li class="toctree-l3"><a class="reference internal" href="../http-clients/index.html#http-client-configuration">HTTP Client Configuration</a><ul> <li class="toctree-l4"><a class="reference internal" href="../http-clients/index.html#scheme">Scheme</a></li> <li class="toctree-l4"><a class="reference internal" href="../http-clients/index.html#connection-pool">Connection Pool</a></li> <li class="toctree-l4"><a class="reference internal" href="../http-clients/index.html#caching">Caching</a></li> <li class="toctree-l4"><a class="reference internal" href="../http-clients/index.html#authentication">Authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../http-clients/index.html#tls-encryption">TLS (encryption)</a></li> <li class="toctree-l4"><a class="reference internal" href="../http-clients/index.html#proxies">Proxies</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../http-clients/index.html#metrics">Metrics</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../observability/index.html">Observability</a><ul> <li class="toctree-l3"><a class="reference internal" href="../observability/alarms/index.html">Alarms</a><ul> <li class="toctree-l4"><a class="reference internal" href="../observability/alarms/overview.html">Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/alarms/alarm-types/index.html">Alarm Types</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/alarms/alarm-handlers/index.html">Alarm Handlers</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/alarms/testing.html">Testing Alarms</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../observability/logging/index.html">Logging</a><ul> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#log-levels">Log Levels</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#configuration-overview">Configuration Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#appenders-1">Appenders</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#loggers-1">Loggers</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#logging-incorrect-cookies">Logging Incorrect Cookies</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#masking">Masking</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#shipping-logs">Shipping Logs</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#log4j-scripting-languages">Log4j Scripting Languages</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/logging/index.html#files-not-configurable-by-log4j">Files Not Configurable by Log4j</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../observability/monitoring/index.html">Monitoring</a><ul> <li class="toctree-l4"><a class="reference internal" href="../observability/monitoring/index.html#jmx">JMX</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/monitoring/index.html#tracing">Tracing</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/monitoring/index.html#java-flight-recorder">Java Flight Recorder</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/monitoring/index.html#status-endpoint">Status Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/monitoring/index.html#prometheus-compliant-metrics">Prometheus-compliant Metrics</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../observability/open-telemetry/index.html">OpenTelemetry</a><ul> <li class="toctree-l4"><a class="reference internal" href="../observability/open-telemetry/index.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/open-telemetry/index.html#note-about-unstable-components">Note about unstable components</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../observability/server-events/index.html">Server Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../observability/server-events/index.html#event-listener-types">Event Listener Types</a></li> <li class="toctree-l4"><a class="reference internal" href="../observability/server-events/index.html#types-of-events">Types of Events</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../scripting/index.html">Scripting</a><ul> <li class="toctree-l3"><a class="reference internal" href="../scripting/index.html#introduction-to-scripts">Introduction to scripts</a><ul> <li class="toctree-l4"><a class="reference internal" href="../scripting/index.html#procedures-during-authentication">Procedures during authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../scripting/index.html#procedures-during-token-issuance-and-processing">Procedures during token issuance and processing</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../scripting/index.html#configuring-scripts">Configuring Scripts</a><ul> <li class="toctree-l4"><a class="reference internal" href="../scripting/index.html#script-types">Script Types</a></li> <li class="toctree-l4"><a class="reference internal" href="../scripting/index.html#preparations">Preparations</a></li> <li class="toctree-l4"><a class="reference internal" href="../scripting/index.html#configuring-using-etc-init">Configuring using etc/init</a></li> <li class="toctree-l4"><a class="reference internal" href="../scripting/index.html#writing-scripts">Writing Scripts</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../sms-providers/index.html">SMS Providers</a><ul> <li class="toctree-l3"><a class="reference internal" href="../sms-providers/index.html#twilio-sms-provider">Twilio Sms Provider</a></li> <li class="toctree-l3"><a class="reference internal" href="../sms-providers/index.html#rest-sms-provider">REST Sms Provider</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../tls/index.html">Transport Layer Security</a><ul> <li class="toctree-l3"><a class="reference internal" href="../tls/index.html#server-name-indication">Server Name Indication</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../upgrade/index.html">Upgrading</a><ul> <li class="toctree-l3"><a class="reference internal" href="../upgrade/7_0_X_to_7_1_0.html">Upgrading from 7.0.X to 7.1.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_0_X_to_7_1_0.html#haapi-dpop-improved-processing">HAAPI DPoP improved processing</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_0_X_to_7_1_0.html#template-and-message-updates">Template and message updates</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/7_1_X_to_7_2_0.html">Upgrading from 7.1.X to 7.2.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_1_X_to_7_2_0.html#sdk-changes">SDK Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_1_X_to_7_2_0.html#logging-changes">Logging Changes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/7_2_X_to_7_3_0.html">Upgrading from 7.2.X to 7.3.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_2_X_to_7_3_0.html#authentication-action-attributes">Authentication Action Attributes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/7_3_X_to_7_4_0.html">Upgrading from 7.3.X to 7.4.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_3_X_to_7_4_0.html#email-templates-in-authentication-actions">Email templates in Authentication Actions</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_3_X_to_7_4_0.html#startup-script-changes">Startup script changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_3_X_to_7_4_0.html#user-management-with-graphql">User Management with GraphQL</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_3_X_to_7_4_0.html#dynamodb-schema-changes">DynamoDB schema changes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/7_4_X_to_7_5_0.html">Upgrading from 7.4.X to 7.5.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_4_X_to_7_5_0.html#http-client-default-timeouts">HTTP Client Default Timeouts</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/7_5_X_to_7_6_0.html">Upgrading from 7.5.X to 7.6.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_5_X_to_7_6_0.html#systemd-config-file-update">Systemd config file update</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_5_X_to_7_6_0.html#new-saml-authenticator">New SAML Authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html">Upgrading from 7.6.X to 8.0.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#upgrading-the-xml-configuration">Upgrading the XML Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#authorization-custom-token-procedures-update">Authorization custom token procedures update</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#dynamodb-schema-changes">DynamoDB schema changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#webauthn-authenticator">WebAuthn authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#haapi-capability-and-use-of-legacy-dpop">HAAPI capability and use of legacy DPOP</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#microsoft-sql-server-jdbc-driver">Microsoft SQL Server JDBC driver</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#changes-to-haapi-responses">Changes to HAAPI responses</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#password-based-pbes2-jwe-algorithms">Password-based PBES2 JWE algorithms</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/7_6_X_to_8_0_0.html#windows-connector-failover-update">Windows Connector Failover Update</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_0_X_to_8_1_0.html">Upgrading from 8.0.X to 8.1.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_0_X_to_8_1_0.html#database-changes">Database Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_0_X_to_8_1_0.html#custom-token-issuers">Custom Token Issuers</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_0_X_to_8_1_0.html#email-authenticator">Email Authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_1_X_to_8_2_0.html">Upgrading from 8.1.X to 8.2.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_1_X_to_8_2_0.html#user-consent-template">User consent template</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_1_X_to_8_2_0.html#sdk-changes">SDK Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_1_X_to_8_2_0.html#token-procedure-plugin-configuration">Token Procedure Plugin Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_1_X_to_8_2_0.html#claims">Claims</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_2_X_to_8_3_0.html">Upgrading from 8.2.X to 8.3.0</a></li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_3_X_to_8_4_0.html">Upgrading from 8.3.X to 8.4.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_3_X_to_8_4_0.html#sdk">SDK</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_3_X_to_8_4_0.html#database-changes">Database Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_3_X_to_8_4_0.html#deprecation-notice">Deprecation notice</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_3_X_to_8_4_0.html#logging-incorrect-cookies">Logging Incorrect Cookies</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_4_X_to_8_5_0.html">Upgrading from 8.4.X to 8.5.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_4_X_to_8_5_0.html#template-changes">Template Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_4_X_to_8_5_0.html#deprecation-notice">Deprecation notice</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_5_X_to_8_6_0.html">Upgrading from 8.5.X to 8.6.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_5_X_to_8_6_0.html#deprecation-notice">Deprecation notice</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_6_X_to_8_7_0.html">Upgrading from 8.6.X to 8.7.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_6_X_to_8_7_0.html#hypermedia-api-external-browser-flow">Hypermedia API external browser flow</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_6_X_to_8_7_0.html#haapi-authorization-code-and-refresh-token-binding">HAAPI authorization code and refresh token binding</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html">Upgrading from 8.7.X to 9.0.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#jdbc-data-source-database-schema-changes">JDBC data source - database schema changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#user-management">User management</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#service-name">Service name</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#attribute-authorization-manager">Attribute Authorization Manager</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#updates-on-docker-images">Updates on Docker images</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#sdk-changes">SDK changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#events-and-audit-data">Events and audit data</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#token-issuers-data-sources">Token Issuers Data Sources</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#custom-claims">Custom Claims</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#database-client-change">Database client change</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#html-forms-authenticator">HTML Forms authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#logging-incorrect-cookies">Logging Incorrect Cookies</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/8_7_X_to_9_0_0.html#saml-authenticator-removal">SAML Authenticator removal</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_0_X_to_9_1_0.html">Upgrading from 9.0.X to 9.1.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_0_X_to_9_1_0.html#jdbc-data-source">JDBC data source</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_0_X_to_9_1_0.html#html-forms-authenticator">HTML Forms authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_0_X_to_9_1_0.html#sdk-changes">SDK changes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_1_X_to_9_2_0.html">Upgrading from 9.1.X to 9.2.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_1_X_to_9_2_0.html#jdbc-data-source-database-schema-changes">JDBC data source - database schema changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_1_X_to_9_2_0.html#template-changes">Template Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_1_X_to_9_2_0.html#sdk-changes">SDK changes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_2_X_to_9_3_0.html">Upgrading from 9.2.X to 9.3.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_2_X_to_9_3_0.html#jdbc-data-source-multi-tenancy-and-discoverable-credentials-support">JDBC data source: multi-tenancy and discoverable credentials support</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_2_X_to_9_3_0.html#dynamodb-database-changes">DynamoDB Database changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_2_X_to_9_3_0.html#sdk-changes">SDK changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_2_X_to_9_3_0.html#token-handler-applications">Token Handler Applications</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_3_X_to_9_4_0.html">Upgrading from 9.3.X to 9.4.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_3_X_to_9_4_0.html#jdbc-data-source-multi-tenancy-support-for-delegations">JDBC data source: multi-tenancy support for delegations</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_3_X_to_9_4_0.html#template-changes">Template Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_3_X_to_9_4_0.html#token-handler-applications">Token Handler Applications</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_3_X_to_9_4_0.html#sdk">SDK</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_4_X_to_9_5_0.html">Upgrading from 9.4.X to 9.5.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_4_X_to_9_5_0.html#passkeys-authenticator">Passkeys Authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_5_X_to_9_6_0.html">Upgrading from 9.5.X to 9.6.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_5_X_to_9_6_0.html#sdk">SDK</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_5_X_to_9_6_0.html#template-changes">Template Changes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_5_X_to_9_6_0.html#dynamodb-data-source-credential-data-access">DynamoDB data source: credential data access</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_6_X_to_9_7_0.html">Upgrading from 9.6.X to 9.7.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_6_X_to_9_7_0.html#maximum-length-of-inputs-used-for-secret-password-validation">Maximum length of inputs used for secret/password validation</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_6_X_to_9_7_0.html#user-info-claims">User Info claims</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html">Upgrading from 9.7.X to 10.0.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#token-handler-applications">Token Handler Applications</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#openid-connect-authenticator-signed-userinfo-responses">OpenID Connect Authenticator - Signed UserInfo Responses</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#email-authenticator">Email Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#bankid-authenticator">BankID Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#jdbc-data-source-deprecation-of-old-credential-storage-schema-and-related-credential-modes">JDBC Data Source - Deprecation of old credential storage schema and related credential modes</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#user-management-username-updates-and-account-deletion-with-legacy-credential-data-sources">User Management - Username updates and account deletion with legacy credential data sources</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#oauth-client-authentication">OAuth Client Authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#sdk">SDK</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/9_7_X_to_10_0_0.html#original-query-parameter-encoding">Original Query parameter encoding</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../upgrade/index.html#general-upgrade-procedure-1">General Upgrade Procedure</a><ul> <li class="toctree-l4"><a class="reference internal" href="../upgrade/index.html#preparing-the-upgrade">Preparing the upgrade</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/index.html#performing-the-upgrade">Performing the upgrade</a></li> <li class="toctree-l4"><a class="reference internal" href="../upgrade/index.html#after-the-upgrade">After the Upgrade</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../devops-dashboard.html">DevOps Dashboard</a><ul> <li class="toctree-l3"><a class="reference internal" href="../devops-dashboard.html#enabling-the-dd">Enabling the DevOps Dashboard</a></li> <li class="toctree-l3"><a class="reference internal" href="../devops-dashboard.html#requirements-of-an-oauth-client">Requirements of an OAuth Client</a></li> <li class="toctree-l3"><a class="reference internal" href="../devops-dashboard.html#group-access">Group Access</a></li> <li class="toctree-l3"><a class="reference internal" href="../devops-dashboard.html#availability">Availability</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../system-requirements.html">System Requirements</a><ul> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#operating-systems">Operating Systems</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#minimum-hardware-requirements">Minimum Hardware Requirements</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#recommended-hardware-setup">Recommended Hardware Setup</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#hypermedia-authentication-api">Hypermedia Authentication API</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#browsers">Browsers</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#database">Database</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#user-repositories">User Repositories</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#networking">Networking</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#hardware-security-module">Hardware Security Module</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#file-encoding">File Encoding</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#http">HTTP</a></li> <li class="toctree-l3"><a class="reference internal" href="../system-requirements.html#tls">TLS</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../jvm-options.html">JVM Configuration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../jvm-options.html#changing-jvm-settings-in-the-admin-ui">Changing JVM Settings in the Admin UI</a></li> <li class="toctree-l3"><a class="reference internal" href="../jvm-options.html#changing-the-jvm-settings-with-the-cli">Changing the JVM Settings with the CLI</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../go-live-checklist.html">Go-live Checklist</a><ul> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#general-system">General System</a></li> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#related-systems">Related Systems</a></li> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#all-profile-types">All Profile Types</a></li> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#authentication">Authentication</a></li> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#token-service">Token Service</a></li> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#user-management">User Management</a></li> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#configuration">Configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="../go-live-checklist.html#clustering">Clustering</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../cors.html">CORS</a></li> <li class="toctree-l2"><a class="reference internal" href="../cross-site.html">Cross Site Requests</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../../application-service-admin-guide/index.html">Application Service Admin Guide</a><ul> <li class="toctree-l2"><a class="reference internal" href="../../application-service-admin-guide/overview.html">Overview</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../application-service-admin-guide/applications/token-handler.html">Token Handler Application</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../application-service-admin-guide/applications/token-handler.html#creating-a-token-handler-application">Creating a Token Handler Application</a></li> <li class="toctree-l4"><a class="reference internal" href="../../application-service-admin-guide/applications/token-handler.html#configuring-a-token-handler-application">Configuring a Token Handler Application</a></li> <li class="toctree-l4"><a class="reference internal" href="../../application-service-admin-guide/applications/token-handler.html#token-handler-application-api">Token Handler Application API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../application-service-admin-guide/applications/token-handler.html#spa-integration">SPA Integration</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../application-service-admin-guide/defining-application-profile.html">Defining an Application Service Profile</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../../authentication-service-admin-guide/index.html">Authentication Service Admin Guide</a><ul> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html">Overview</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#authenticators">Authenticators</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#actions">Actions</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#single-sign-on-sso">Single Sign-On (SSO)</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#logout">Logout</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#multi-tenancy">Multi-Tenancy</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#account-domains">Account Domains</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#validation-procedures">Validation Procedures</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#authenticator-filters">Authenticator Filters</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#service-providers">Service Providers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#protocol-plugins">Protocol Plugins</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/overview.html#automatic-login">Automatic login</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/defining-authn-profile.html">Defining an Authentication Service Profile</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/defining-authn-profile.html#preparing-the-authentication-service-profile">Preparing the Authentication Service Profile</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/defining-authn-profile.html#pre-requisite-configuration">Pre-requisite configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/defining-authn-profile.html#base-configuration-of-an-authentication-service-profile">Base Configuration of an Authentication Service Profile</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/defining-authn-profile.html#example-create-request">Example Create request</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/index.html">Authenticators</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/overview.html">Overview of Authenticators</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/overview.html#authenticator-purpose">Authenticator purpose</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/overview.html#authenticator-base-configuration">Authenticator Base Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/overview.html#multi-factor-configuration-for-authentication">Multi-factor configuration for Authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/overview.html#back-channel-authenticators">Back-channel Authenticators</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html">BankID</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#integrating-with-bankid">Integrating with BankID</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#kinds-of-bankids">Kinds of BankIDs</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#trusted-bankid-provider">Trusted BankID Provider</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#authentication-flows">Authentication flows</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#configuration-settings">Configuration settings</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#risk-assessment-1">Risk Assessment</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#ip-address-check-on-same-device">IP address check on same device</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#bankid-on-the-phone-1">BankID on the Phone</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#bankid-backchannel-authenticator">BankID Backchannel Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#testing-the-integration-and-configuration">Testing the Integration and Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#persisting-the-bankid-responses">Persisting the BankID Responses</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#launch-behavior-1">Launch behavior</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#change-specific-browser-behavior">Change specific browser behavior</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#disable-autostart">Disable autostart</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/bankid.html#debugging-the-templates">Debugging the templates</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/duo.html">Duo</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/duo.html#configuration-settings">Configuration Settings</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/duo.html#creating-a-new-authenticator">Creating a New Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/duo.html#logging-in">Logging In</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/dynamic.html">Dynamic Authenticator</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/dynamic.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/dynamic.html#delegate-authenticator">Delegate Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/dynamic.html#dynamic-configuration-source">Dynamic Configuration Source</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/dynamic.html#configuration-example">Configuration Example</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/dynamic.html#example-use-case">Example Use-case</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html">Email</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#using-as-standalone-factor-single-factor">Using as standalone factor (single factor)</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#using-as-second-or-n-th-factor">Using as second or N-th factor</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#using-an-intermediate-attribute">Using an Intermediate Attribute</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#hyperlink">Hyperlink</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#one-time-password-otp-code">One Time Password (OTP) Code</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#inactive-accounts">Inactive Accounts</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#email-throttling">Email Throttling</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/email.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/encap.html">Encap</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/encap.html#basic-configuration">Basic Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/encap.html#registration-during-login">Registration During Login</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/encap.html#additional-information-before-registration">Additional Information Before Registration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/encap.html#automatic-login">Automatic Login</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/entrust-idaas.html">Entrust IDaaS</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/entrust-idaas.html#creating-an-app-in-entrust">Creating an App in Entrust</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/entrust-idaas.html#creating-a-new-authenticator">Creating a new Authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/facebook.html">Facebook Authenticator</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/facebook.html#configuring-facebook">Configuring Facebook</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/facebook.html#the-redirect-uri">The Redirect URI</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/facebook.html#the-data-deletion-request-callback-url">The Data Deletion Request Callback URL</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/facebook.html#configuration-in-the-authentication-service">Configuration in the Authentication Service</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/google.html">Google Authenticator</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/google.html#configuring-google">Configuring Google</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/google.html#the-redirect-uri">The Redirect URI</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/google.html#configuration-in-the-authentication-service">Configuration in the Authentication Service</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html">HTML Forms Authenticator</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#paths">Paths</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#validation-scripts">Validation Scripts</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#email-provider">Email Provider</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#automatic-login">Automatic Login</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#password-only">Password Only</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#remember-me">Remember Me</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#binding-message">Binding Message</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/html.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/oidc.html">OpenID Connect Authenticator</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/oidc.html#the-redirect-uri">The Redirect URI</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/oidc.html#jwks-endpoint">JWKS Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/oidc.html#returned-attributes">Returned attributes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/oidc.html#parameter-mappings">Parameter Mappings</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/oidc.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/openid-wallet.html">OpenID Wallet</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/openid-wallet.html#configuring-openid-wallet-authenticator">Configuring OpenID Wallet Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/openid-wallet.html#anonymous-jwks-endpoint">Anonymous JWKS Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/openid-wallet.html#further-reading">Further Reading</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html">Passkeys</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html#configuring-a-passkeys-authenticator">Configuring a Passkeys authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html#registering-devices">Registering devices</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html#hypermedia-authentication-api">Hypermedia Authentication API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html#discoverable-credentials">Discoverable Credentials</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html#ios-domain-association">iOS Domain Association</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html#android-domain-association">Android Domain Association</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/passkeys.html#known-limitations">Known limitations</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/ping-idp-authenticator.html">PingFederate IdP Adapter Authenticator</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/ping-idp-authenticator.html#authentication-flow">Authentication Flow</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/ping-idp-authenticator.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/pingfederate.html">PingFederate</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/saml2.html">SAML2</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/saml2.html#paths">Paths</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/saml2.html#validation-scripts">Validation Scripts</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/saml2.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/saml2.html#saml2-dynamic-authenticator">SAML2 dynamic authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/saml2.html#known-limitations">Known limitations</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sign-in-with-apple.html">Sign in with Apple</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sign-in-with-apple.html#configuring-a-sign-in-with-apple-service">Configuring a Sign in with Apple Service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sign-in-with-apple.html#setting-up-the-authenticator">Setting up the authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/siths.html">SITHS</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/siths.html#configuring-an-authenticator">Configuring an Authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html">SMS OTP</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#base-configuration">Base Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#using-as-standalone-factor-single-factor">Using as standalone factor (Single factor)</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#using-as-second-or-n-th-factor">Using as second or N-th factor</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#using-an-intermediate-attribute">Using an Intermediate Attribute</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#sms-otp-in-otp-mode">SMS OTP in OTP mode</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#sms-otp-in-hyperlink-mode">SMS OTP in Hyperlink mode</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#registration">Registration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#automatic-login">Automatic Login</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/sms-otp.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/totp.html">TOTP - Time base One Time Password</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/totp.html#configuring-an-authenticator">Configuring an Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/totp.html#multiple-device-registration">Multiple Device registration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/totp.html#configuring-for-pre-shared-keys">Configuring for pre-shared keys</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/totp.html#configuring-for-generated-keys">Configuring for generated keys</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/totp.html#automatic-login">Automatic Login</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/twitter.html">Twitter</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/twitter.html#creating-an-app-in-twitter">Creating an App in Twitter</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/twitter.html#configuring-the-twitter-authenticator">Configuring the Twitter Authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/username.html">Username</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/username.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/username.html#source-code">Source Code</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html">WebAuthn</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#device-types">Device Types</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#configuring-a-webauthn-authenticator">Configuring a WebAuthn authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#registering-devices">Registering devices</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#user-interaction-for-platform-devices">User Interaction for platform devices</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#hypermedia-authentication-api">Hypermedia Authentication API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#ios-domain-association">iOS Domain Association</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#android-domain-association">Android Domain Association</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/webauthn.html#known-limitations">Known limitations</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/windows.html">Windows</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/windows.html#installing-the-windows-connector">Installing the Windows Connector</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/windows.html#configuring-an-authenticator">Configuring an Authenticator</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/windows.html#configuring-the-windows-connector">Configuring the Windows Connector</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authenticators/windows.html#troubleshooting">Troubleshooting</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/index.html">Authentication Actions</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/overview.html">Overview</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/overview.html#login-actions">Login Actions</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/overview.html#sso-actions">SSO Actions</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/overview.html#actions-and-action-completions">Actions and Action Completions</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/overview.html#action-attributes">Action attributes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/overview.html#actions-prompts-and-backwards-navigation">Actions prompts and backwards navigation</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/attribute-prompt.html">Attribute Prompt Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/attribute-prompt.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/attribute-prompt.html#localization">Localization</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-create-account.html">Auto Create Account</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-create-account.html#creating-accounts">Creating accounts</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-create-account.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-create-account.html#default-values-in-the-account">Default Values in the account</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-create-account.html#errors">Errors</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-link-accounts.html">Auto Link Accounts</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-link-accounts.html#overview">Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-link-accounts.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-link-accounts.html#advanced">Advanced</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/auto-link-accounts.html#user-confirmation">User Confirmation</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/bundle.html">Bundle Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/bundle.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/conditional-multi-factor.html">Conditional Multi-Factor</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/conditional-multi-factor.html#attribute-enable-condition">Attribute Enable Condition</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/conditional-multi-factor.html#attribute-acr-condition">Attribute ACR Condition</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/conditional-multi-factor.html#subject-condition">Subject Condition</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/conditional-multi-factor.html#client-property-condition">Client Property Condition</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/conditional-multi-factor.html#subject-check">Subject Check</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/conditional-multi-factor.html#use-sso-on-second-factor">Use SSO on second factor</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/copy-attribute.html">Copy Attribute</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/copy-attribute.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/data-source-transformer.html">Data Source Transformer Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/data-source-transformer.html#transforming-values-using-data-source-values">Transforming values using data source values</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/data-source-transformer.html#include-additional-values-from-datasource">Include additional values from datasource</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/data-source-transformer.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/date-deny.html">Date/Time Deny Action</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/debug-attribute.html">Debug Attribute Action</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/deny.html">Deny Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/deny.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/allow-deny-country.html">Geolocation Allow or Deny Country Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/allow-deny-country.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/changed-country.html">Geolocation Changed Country Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/changed-country.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/impossible-journey.html">Geolocation Impossible Journey Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/impossible-journey.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/new-country.html">Geolocation New Country Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/new-country.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/lookup-account.html">Lookup Account</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/lookup-links-action.html">Lookup Links Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/lookup-links-action.html#overview">Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/lookup-links-action.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/opt-in-mfa.html">Opt-In MFA</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/opt-in-mfa.html#registering-a-new-factor">Registering a New Factor</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/opt-in-mfa.html#managing-factors">Managing Factors</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/opt-in-mfa.html#recovery-codes">Recovery Codes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/opt-in-mfa.html#single-sign-on-of-second-factors">Single Sign-On of second factors</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/opt-in-mfa.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/regex-transformer.html">Regular Expression Transformer Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/regex-transformer.html#transforming-values-using-regular-expressions">Transforming values using regular expressions</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/regex-transformer.html#excluding-attributes">Excluding attributes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/regex-transformer.html#renaming-attributes">Renaming attributes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/regex-transformer.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/registered-passkey.html">Registered Passkey</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/registered-passkey.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/remove-attribute-transformer.html">Remove Attribute Transformer Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/remove-attribute-transformer.html#configuring-attributes-for-removal">Configuring attributes for removal</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/request-acknowledgement.html">Request Acknowledgement</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/request-acknowledgement.html#localization">Localization</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/request-acknowledgement.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/require-active-account.html">Require Active Account</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/require-active-account.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/reset-password.html">Reset Password</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/reset-password.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/reset-password.html#example-usage">Example Usage</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/reset-password.html#errors">Errors</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/resolve-account-link.html">Resolve Account Link</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/resolve-account-link.html#overview">Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/resolve-account-link.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/restart.html">Restart Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/restart.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/script-transformer.html">Script Transformer Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/script-transformer.html#transforming-values-using-script-procedures">Transforming values using script procedures</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/script-transformer.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/selector.html">Selector</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/selector.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/send-email.html">Send Email Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/send-email.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/send-email.html#templates">Templates</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/sequence.html">Sequence Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/sequence.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/set-attribute.html">Set Attribute</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/set-attribute.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/sign-in-selector.html">Sign-In Selector</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/sign-in-selector.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/signup.html">Signup</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/signup.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/switch.html">Switch Action</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/switch.html#conditions">Conditions</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/switch.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/time-deny.html">Time-based Deny Action</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/update-account.html">Update Account</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/update-account.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/zone-transfer.html">Zone Transfer</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/zone-transfer.html#configuration">Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/zone-transfer.html#errors">Errors</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/multi-factor-authentication.html">Multi-Factor Authentication</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/multi-factor-authentication.html#using-a-chain-of-authenticators">Using a chain of authenticators</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/multi-factor-authentication.html#more-than-two-factors">More than two factors</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/multi-factor-authentication.html#single-sign-on-and-multi-factor">Single Sign-On and Multi-Factor</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/multi-factor-authentication.html#freshness-and-forced-authentication">Freshness and Forced Authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/multi-factor-authentication.html#using-the-acr-parameter">Using the ACR Parameter</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/multi-factor-authentication.html#using-a-multi-factor-authentication-action">Using a Multi-Factor Authentication Action</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/multi-tenancy.html">Multi-Tenancy</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/multi-tenancy.html#requirements-to-multi-tenancy">Requirements to Multi-Tenancy</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/multi-tenancy.html#configuring-multi-tenancy">Configuring Multi-Tenancy</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html">Account Linking</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#basic-concepts">Basic Concepts</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#example-of-linking-with-facebook">Example of Linking with Facebook</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#example-of-linking-with-facebook-as-second-authenticator">Example of Linking with Facebook as Second authenticator</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#resolving-links-1">Resolving Links</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#looking-up-links">Looking up Links</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#common-linking-flows">Common Linking Flows</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#linking-a-foreign-account-and-adding-links-to-the-result">Linking a foreign account and adding links to the result</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#linking-using-the-foreign-authenticator-and-resolving-immediately">Linking using the foreign authenticator and resolving immediately</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#linking-using-the-local-authenticator-resolving-on-next-login-with-foreign">Linking using the local authenticator, resolving on next login with foreign</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#linking-two-foreign-accounts-using-auto-create-account-1">Linking two foreign accounts using auto create account</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/account-linking/index.html#linking-two-foreign-accounts-using-auto-create-resolving-on-next-login">Linking two foreign accounts using auto create &amp; resolving on next login</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/index.html">Protocol Plugins</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/pingfederate.html">PingFederate</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/pingfederate.html#configuring-pingfederate">Configuring PingFederate</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/pingfederate.html#adapter-configuration">Adapter Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/pingfederate.html#configuring-the-authentication-service">Configuring the Authentication Service</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/saml.html">SAML</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/saml.html#saml-protocol">SAML protocol</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/saml.html#configuring-the-authentication-service">Configuring the Authentication Service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/saml.html#service-provider-app-integration">Service Provider (App) integration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/saml.html#federation-server-integration">Federation Server integration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-provider-integration/saml.html#saml-logout">SAML Logout</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/account-managers/index.html">Account Manager</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/account-managers/index.html#registration-create-account">Registration - Create account</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/account-managers/index.html#username-is-email">Username is Email</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html">Service Providers</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#introduction">Introduction</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#managing-service-providers-in-the-admin-ui">Managing Service Providers in the Admin UI</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#framable-user-interface">Framable User Interface</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#multiple-values-for-allowed-origins">Multiple values for ‘allowed-origins’</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#origin-uri-pattern-format">Origin URI pattern format</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#original-query-retry-integration">Original Query retry integration</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#example">Example</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#example-oauth-client">Example OAuth Client</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#third-party-cookies-1">Third Party Cookies</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#steps-to-integrate-preflighting-1">Steps to Integrate Preflighting</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#advanced-preflight-behaviour">Advanced Preflight behaviour</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/service-providers.html#disabling-the-preflight-resource">Disabling the Preflight Resource</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/authenticator-filters.html">Authenticator Filters</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticator-filters.html#user-agent-authenticator-filter">User-Agent Authenticator Filter</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticator-filters.html#cidr-authenticator-filter">CIDR Authenticator Filter</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticator-filters.html#script-authenticator-filter">Script Authenticator Filter</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/authenticator-filters.html#geolocation-authenticator-filter">Geolocation Authenticator Filter</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html">Single Sign-On</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#requirements-for-sso">Requirements for SSO</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#session-duration">Session Duration</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#session-cookies-vs-persisted-cookies">Session cookies vs Persisted Cookies</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#database-persisted-session">Database persisted session</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#expiration">Expiration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#example">Example</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#overriding-sso">Overriding SSO</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#freshness">Freshness</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/single-sign-on.html#forcing-authentication">Forcing authentication</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/auto-login.html">Automatic Login</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/auto-login.html#authenticator-availability">Authenticator Availability</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/logout.html">Logout</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/logout.html#endpoint">Endpoint</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/logout.html#redirect-after-logout">Redirect After Logout</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/logout.html#using-configuration">Using configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/logout.html#using-query-parameter">Using query parameter</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/logout.html#configuration">Configuration</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html">Geolocation</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-database-file">Geolocation Database File</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-actions">Geolocation Actions</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-allow-or-deny-country-action">Geolocation Allow or Deny Country Action</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-changed-country-action">Geolocation Changed Country Action</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-impossible-journey-action">Geolocation Impossible Journey Action</a></li> <li class="toctree-l4"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-new-country-action">Geolocation New Country Action</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-authenticator-filter">Geolocation authenticator filter</a></li> <li class="toctree-l3"><a class="reference internal" href="../../authentication-service-admin-guide/geolocation.html#geolocation-authenticator-settings">Geolocation authenticator settings</a></li> </ul> </li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../../token-service-admin-guide/index.html">Token Service Admin Guide</a><ul> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/introduction.html">Introduction to the Token Service</a></li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/defining-oauth-profile.html">Defining an OAuth Profile</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/defining-oauth-profile.html#preparing-the-oauth-profile">Preparing the OAuth Profile</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/defining-oauth-profile.html#openid-connect">OpenID Connect</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/defining-oauth-profile.html#pre-requisite-configuration">Pre-requisite configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/defining-oauth-profile.html#base-configuration-of-an-oauth-profile">Base Configuration of an OAuth Profile</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/defining-oauth-profile.html#example-create-request">Example create request</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html">OAuth Flows</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#code">Code</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#proof-key-for-code-exchange">Proof Key for Code Exchange</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#implicit">Implicit</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#client-credentials">Client Credentials</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#resource-owner-password-credentials">Resource Owner Password Credentials</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#openid-connect-hybrid-flows">OpenID Connect Hybrid Flows</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#openid-connect-ciba-flow">OpenID Connect CIBA Flow</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#signed-authentication-request">Signed Authentication Request</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#oauth-2-0-token-exchange">OAuth 2.0 Token Exchange</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#default-oauth-2-0-token-exchange-behaviour">Default OAuth 2.0 Token Exchange Behaviour</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#token-exchange">Token Exchange</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#assisted-token">Assisted Token</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#refresh">Refresh</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#revoke">Revoke</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#introspect">Introspect</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#introspect-with-application-jwt-as-accept-header">Introspect with application/jwt as accept header</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#json-web-key-set-jwks">Json Web Key Set (JWKS)</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#device-authorization-flow">Device Authorization Flow</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#assertion-flow">Assertion Flow</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#token-reuse">Token reuse</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/index.html#logout-flow">Logout Flow</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html">Using the device flow</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html#configuration">Configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html#endpoints">Endpoints</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html#device-authorization">Device Authorization</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html#usercode-verification">UserCode Verification</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html#token-endpoint">Token Endpoint</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html#token-procedures">Token Procedures</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/oauth-flows/device-flow.html#templates">Templates</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/scopes.html">Scopes and Claims</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#adding-a-scope-to-the-profile">Adding a scope to the profile</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#adding-a-scope-to-a-client">Adding a scope to a client</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#scope-lifetime">Scope Lifetime</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#required-scopes">Required scopes</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#prefix-scopes">Prefix scopes</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#customizing-prefix-scope-templates-and-messages">Customizing prefix scope templates and messages</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#claims-of-a-scope">Claims of a scope</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#claims-i-o">Claims I/O</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#claim-configuration">Claim configuration</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#claim-mappers">Claim mappers</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#claim-value-providers">Claim value providers</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/scopes.html#configuring-a-claim">Configuring a claim</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/user-authentication.html">Configuring OAuth User Authentication</a></li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/openid-connect.html">OpenID Connect</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/openid-connect.html#metadata">Metadata</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/openid-connect.html#the-claims-request-parameter">The “claims” request parameter</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/openid-connect.html#issuing-pseudonymous-subject-identifiers">Issuing pseudonymous subject identifiers</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/openid-connect.html#client-settings">Client settings</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/openid-connect.html#profile-settings">Profile settings</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/openid-connect.html#sector-identifier-for-dynamic-client-registration">Sector Identifier for Dynamic Client Registration</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/metadata.html">OAuth Metadata</a></li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/metadata.html#openid-connect-metadata">OpenID Connect Metadata</a></li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/dcr/index.html">Dynamic Client Registration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html">Architectural Overview of Dynamic Client Registration</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#deployments-and-configurations">Deployments and Configurations</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#initial-access-token">Initial Access Token</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#registration">Registration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#registration-based-on-a-template-client">Registration Based on a Template Client</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#registration-based-on-a-non-templatized-client">Registration Based on a Non-templatized Client</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#enabling-dcr">Enabling Dynamic Client Registration</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#dynamic-client-registration-management-dcrm">Dynamic Client Registration Management (DCRM)</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#client-certificates-and-dcrm">Client Certificates and DCRM</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#dcrm-management-clients">DCRM Management Clients</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr.html#dynamic-client-management-with-graphql">Dynamic Client Management With GraphQL</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr-api.html">Dynamic Client Registration API</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr-api.html#templatized-dcr">Templatized Dynamic Client Registration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr-api.html#non-templatized-dcr">Non-Templatized Dynamic Client Registration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/dcr/dcr-api.html#custom-client-properties">Custom Client Properties</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html">Database Client Management</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#database-client-vs-dcr">Database Client VS DCR</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#enabling-database-clients">Enabling Database Clients</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#configuring-a-data-source">Configuring a Data Source</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#create-a-database-client-endpoint">Create a Database Client Endpoint</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#authorization-access">Authorization Access</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#managing-database-clients-in-the-dd">Managing Database Clients in the DevOps Dashboard</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#configuring-clients">Configuring Clients</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#warnings">Warnings</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/database_clients/index.html#database-client-limitations">Database Client Limitations</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/clients.html">OAuth Client Configuration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/clients.html#client-capabilities">Client Capabilities</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/clients.html#hybrid-capabilities">Hybrid Capabilities</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/clients.html#user-authentication">User Authentication</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/clients.html#client-authentication-1">Client Authentication</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/clients.html#client-secret-1">Client Secret</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/clients.html#client-assertion-1">Client Assertion</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/clients.html#secondary-authentication">Secondary authentication</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/clients.html#client-framability-1">Client Framability</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/clients.html#examples">Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/clients.html#redirect-uri-validation-1">Redirect URI validation</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/clients.html#validation-policies">Validation policies</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/clients.html#using-validate-port-on-loopback-interfaces-and-allow-per-request-redirect-uris-deprecated">Using Validate Port on Loopback Interfaces and Allow Per Request Redirect URIs (deprecated)</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/token-issuance/index.html">Issuing OAuth and OpenId Connect Tokens</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/token-issuance/index.html#default-token-issuers">Default Token Issuers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/token-issuance/index.html#custom-token-issuers">Custom Token Issuers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/token-issuance/index.html#more-on-wrapped-opaque-tokens">More on Wrapped Opaque Tokens</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/token-issuance/index.html#encrypted-id-tokens">Encrypted ID Tokens</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html">OAuth Endpoint Reference</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#anonymous">Anonymous</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#authorize">Authorize</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#assisted-token">Assisted Token</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#introspect">Introspect</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#revoke">Revoke</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#token">Token</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#user-info">User Info</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#dynamic-client-registration">Dynamic Client Registration</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#database-client-management">Database Client Management</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#device-authorization">Device Authorization</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#openid-connect-sessions">OpenID Connect Sessions</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#backchannel-authentication">Backchannel Authentication</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/endpoints.html#verifiable-credentials">Verifiable Credentials</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html">User Consent</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#consenting-to-requested-claims">Consenting to requested claims</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#example">Example</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#asking-for-consent">Asking for consent</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#example-user-consent-gathering">Example user consent gathering</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#example-with-prompt">Example with <code class="docutils literal notranslate"><span class="pre">prompt</span></code></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#enabling-user-consent">Enabling user consent</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#the-user-consent-template">The user consent template</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#example-claim-localization">Example claim localization</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#showing-prefix-scopes">Showing prefix scopes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/user-consent.html#consentors">Consentors</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/consentors/index.html">Consentors</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html">BankID</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#integrating-with-bankid">Integrating with BankID</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#signing-consent-data">Signing Consent Data</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#qr-code">QR Code</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#asking-user-for-personal-number">Asking user for personal number</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#signing-cancellation">Signing cancellation</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#configuration-settings">Configuration settings</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#bankid-consentor-response">BankID Consentor Response</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#testing-the-integration-and-configuration">Testing the Integration and Configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/consentors/bankid.html#persisting-the-bankid-responses">Persisting the BankID Responses</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/consentors/index.html#profile-configuration">Profile configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/consentors/index.html#client-configuration">Client configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/consentors/index.html#consentor-selection">Consentor selection</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/consentors/index.html#consentor-templates">Consentor templates</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/consentors/index.html#consentor-result">Consentor result</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html">Mutual TLS Authentication</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#tls-termination">TLS termination</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#binding-certificates-to-tokens">Binding certificates to tokens</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#trusted-certificates">Trusted certificates</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#trust-by-pki">Trust by PKI</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#trust-by-a-pinned-certificate">Trust by a pinned certificate</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#dn-comparison">DN comparison</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#subject-alternative-name">Subject Alternative Name</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#configuring-mutual-tls">Configuring Mutual TLS</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#proxy-terminated-mutual-tls">Proxy terminated Mutual TLS</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#direct-terminated-mutual-tls">Direct terminated Mutual TLS</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#configuring-trust">Configuring trust</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#reverse-proxy-server-setup">Reverse Proxy Server Setup</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#generic-reverse-proxy-server-setup">Generic Reverse Proxy Server Setup</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#setting-up-nginx-as-a-reverse-proxy-server">Setting Up NGINX As a Reverse Proxy Server</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#setting-up-haproxy-as-a-reverse-proxy-server">Setting Up HAProxy As a Reverse Proxy Server</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#setting-up-apache-httpd-2-x-as-a-reverse-proxy">Setting Up Apache HTTPD 2.x As a Reverse Proxy</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#non-templatized-dynamic-client-registration-using-mutual-tls">Non-Templatized Dynamic Client Registration using Mutual TLS</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#organizationidentifier">OrganizationIdentifier</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#match-only-organizationidentifier">Match only organizationIdentifier</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/mutual-tls.html#database-clients-upload-client-certificate-pem">Database Clients upload client certificate PEM</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/issuer-discovery.html">OpenID Connect Issuer Discovery</a></li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/financial-grade.html">Financial-grade Security</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/financial-grade.html#jwt-secured-authorization-request-jar">JWT Secured Authorization Request (JAR)</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/financial-grade.html#pushed-authorization-requests-1">Pushed Authorization Requests</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/financial-grade.html#request-object-handling">Request Object Handling</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/financial-grade.html#jwt-security-authorization-response-mode-jarm">JWT Security Authorization Response Mode (JARM)</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/financial-grade.html#encrypted-id-tokens">Encrypted ID Tokens</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/session-logout.html">Session Management and Logout</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/session-logout.html#session-endpoint">Session Endpoint</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/session-logout.html#logout">Logout</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/session-logout.html#logout-notification">Logout Notification</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/session-logout.html#openid-connect-specifications-for-session-management-and-logout">OpenId Connect specifications for Session Management and Logout</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/token-procedure-plugins.html">Token Procedure Plugins</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/token-procedure-plugins.html#configuring-and-using-token-procedure-plugins">Configuring and using Token Procedure Plugins</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/token-procedure-plugins.html#developing-token-procedure-plugins">Developing Token Procedure Plugins</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/token-procedure-plugins.html#using-custom-token-issuers">Using Custom Token Issuers</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/token-procedure-plugins.html#using-custom-token-introspecters">Using Custom Token Introspecters</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html">Verifiable Credential Issuance</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/pre-authorized-code.html">Pre-authorized Code Flow</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/pre-authorized-code.html#pre-authorized-code-and-user-pin-issuance">Pre-authorized Code and User PIN Issuance</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/rar-for-vci.html">Rich Authorization Requests (RAR) support</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#formats-and-data-models">Formats and data models</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#w3c-data-model">W3C data model</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#sd-jwt-vc-data-model">SD-JWT VC data model</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#endpoints">Endpoints</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#token-procedures">Token procedures</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#credential-request-handling">Credential Request Handling</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#jwt-vc-json-format-w3c-data-model"><code class="docutils literal notranslate"><span class="pre">jwt_vc_json</span></code> format - W3C data model</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#vc-sd-jwt-format-sd-jwt-vc-data-model"><code class="docutils literal notranslate"><span class="pre">vc+sd-jwt</span></code> format - SD-JWT VC data model</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#token-issuers">Token Issuers</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#authorization-requests">Authorization Requests</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#configuration-model-summary">Configuration Model Summary</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/verifiable-credentials/index.html#configuration-example">Configuration Example</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html">Granted Authorization GraphQL API</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html#endpoint">Endpoint</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html#access-control">Access Control</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html#licensing">Licensing</a></li> <li class="toctree-l3"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html#limitations">Limitations</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html#granted-authorization-queries">Granted Authorization Queries</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html#granted-authorization-mutations">Granted Authorization Mutations</a></li> <li class="toctree-l4"><a class="reference internal" href="../../token-service-admin-guide/granted-authorization-graphql-api.html#graphqlobligation-candeleteattributes-obligation"><code class="docutils literal notranslate"><span class="pre">GraphQLObligation.CanDeleteAttributes</span></code> obligation</a></li> </ul> </li> </ul> </li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../../user-management-admin-guide/index.html">User Management Admin Guide</a><ul> <li class="toctree-l2"><a class="reference internal" href="../../user-management-admin-guide/protocols/index.html">Overview</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../user-management-admin-guide/protocols/scim.html">SCIM 2.0</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/scim.html#users">Users</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/scim.html#devices">Devices</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/scim.html#delegations">Delegations</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/scim.html#external-id">External ID</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/scim.html#custom-claims">Custom claims</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/scim.html#sorting">Sorting</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../user-management-admin-guide/protocols/graphql.html">GraphQL</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/graphql.html#queries-and-mutations">Queries and Mutations</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/graphql.html#introspection">Introspection</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/graphql.html#authorization">Authorization</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/graphql.html#custom-attributes">Custom Attributes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/graphql.html#data-sources">Data Sources</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/protocols/graphql.html#more-details">More Details</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../user-management-admin-guide/protocols/oauth-protected.html">OAuth Protected</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html">Defining a User Management Service Profile</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#preparing-the-user-management-service">Preparing the User Management Service</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#pre-requisite-configuration">Pre-requisite configuration</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#step-by-step-guide-to-setup-a-user-management-service">Step by step guide to setup a User Management Service</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#add-the-profile">1. Add the profile</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#select-oauth-service">2. Select OAuth Service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#select-user-account-data-source">3. Select User Account Data Source</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#select-oauth-delegations-data-source">4. Select OAuth Delegations Data Source</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#setting-up-the-endpoints">5. Setting up the endpoints</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#exposing-the-endpoints-on-a-service-node">6. Exposing the Endpoints on a Service (node)</a></li> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#commit-the-changes">7. Commit the changes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#user-credentials">User Credentials</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#password-validation">Password validation</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../user-management-admin-guide/defining-user-management-profile.html#username-updates">Username updates</a></li> </ul> </li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../../developer-guide/index.html">Developer Guide</a><ul> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/authentication-service/index.html">Authentication Service</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/authentication-service/index.html#authenticators">Authenticators</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/authentication-service/authenticators/index.html">Authenticators</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/authentication-service/index.html#endpoints">Endpoints</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/authentication-service/authentication-endpoint.html">Authentication Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/authentication-service/registration-endpoint.html">Registration Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/authentication-service/anonymous-endpoint.html">Anonymous endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/authentication-service/authenticators/index.html">Authenticators</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/oauth-service/index.html">OAuth Service</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/oauth-service/web-clients/index.html">Web Clients</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/oauth-service/web-clients/assisted-token-javascript.html">Assisted Token JavaScript API</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/oauth-service/oauth-cors.html">CORS on the OAuth Server</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/oauth-service/oauth-cors.html#default-cors-enabled-endpoints">Default CORS Enabled Endpoints</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/oauth-service/oauth-cors.html#endpoints-that-can-be-cors-enabled">Endpoints that Can be CORS Enabled</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/oauth-service/oauth-token-exchange.html">OAuth 2.0 Token Exchange Customization</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/oauth-service/oauth-token-exchange.html#introspection-of-provided-tokens">Introspection of provided tokens</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/data-sources/index.html">Data Sources</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/data-sources/scim-1-1-backend.html">Using SCIM v1.1 as Data Source</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/data-sources/scim-1-1-backend.html#client-authentication">Client Authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/data-sources/scim-1-1-backend.html#required-scim-operations">Required SCIM operations</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/data-sources/json-datasource.html">JSON Data Source</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/data-sources/json-datasource.html#credential-verification">Credential verification</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/data-sources/json-datasource.html#attribute-provider">Attribute Provider</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/data-sources/json-datasource.html#bucket-access">Bucket Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/data-sources/json-datasource.html#authentication">Authentication</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/sms/sms-rest-client.html">SMS REST Client</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/sms/sms-rest-client.html#sending-a-message">Sending a message</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/sms/sms-rest-client.html#response-and-errors">Response and Errors</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/sms/sms-rest-client.html#authentication">Authentication</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/email/email-provider.html">Email Provider Plugin</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/email/email-provider.html#smtp-plugin-s-message-contents-rendering">SMTP Plugin’s message contents rendering</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/front-end-development/index.html">Front-End Development</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html">Introduction</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#understanding-the-templating-system">Understanding the Templating System</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#the-template-override-system">The Template Override System</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#overrides">Overrides</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#template-areas">Template Areas</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#serving-templates-via-the-anonymous-endpoint">Serving templates via the anonymous endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#error-templates">Error templates</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#common-template-variables">Common Template Variables</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#authentication-service-template-variables">Authentication Service Template Variables</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/overview.html#never-remove-csp">Never Remove CSP</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html">Using the UI Builder</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html#setting-up-the-environment">Setting up the environment</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html#running-the-previewer">Running the previewer</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html#working-with-velocity-variables">Working with Velocity variables</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html#overriding-templates">Overriding templates</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html#working-with-template-areas">Working with template areas</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html#working-with-translations">Working with translations</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/ui-builder.html#building">Building</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html">Customizing the Look and Feel</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html#creating-custom-themes-in-the-admin-ui">Creating Custom Themes in the Admin UI</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html#how-to-create-your-custom-theme-in-ui-builder">How to create your custom theme in UI Builder</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html#how-to-work-with-sass">How to work with Sass</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html#themes">Themes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html#using-external-web-fonts">Using External Web Fonts</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html#compiling-assets">Compiling Assets</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/settings-and-theme.html#how-to-work-with-the-settings-file">How to work with the settings file</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/localization.html">Localizing Resources</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/localization.html#about-locales-1">About Locales</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/localization.html#using-localized-messages-in-templates">Using localized messages in templates</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/localization.html#message-keys-1">Message keys</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/localization.html#message-lookup">Message lookup</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/localization.html#message-files-format">Message Files Format</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/localization.html#using-plugin-specific-messages-in-re-usable-templates">Using plugin-specific messages in re-usable templates</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/right-to-left-languages.html">Right-to-left languages</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/right-to-left-languages.html#how-curity-supports-right-to-left-languages">How Curity supports Right-to-left languages</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/right-to-left-languages.html#set-up-the-language">Set up the language</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/right-to-left-languages.html#default-rtl-languages">Default RTL Languages</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/right-to-left-languages.html#message-files">Message Files</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/right-to-left-languages.html#css-logical-properties">CSS Logical Properties</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/right-to-left-languages.html#custom-styling">Custom Styling</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/framing.html">Secure Iframing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/front-end-development/framing.html#pre-requisites">Pre-requisites</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/front-end-development/api-driven.html">API Driven UI</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/scripting/index.html">Scripting Guide</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/credential-transformation-procedures.html">Credential Transformation Procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/credential-transformation-procedures.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/credential-transformation-procedures.html#examples">Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/event-listener-procedures.html">EventListener procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/event-listener-procedures.html#configuring-eventlistener-procedures">Configuring EventListener Procedures</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/event-listener-procedures.html#common-api">Common API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/event-listener-procedures.html#eventlistener-functions">EventListener functions</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/filter-procedures.html">Filter procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/filter-procedures.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/filter-procedures.html#common-api">Common API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/filter-procedures.html#api">API</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/global-scripts.html">Global Scripts</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/global-scripts.html#common-api">Common API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/global-scripts.html#global-constants">Global Constants</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/token-procedures.html">Token procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedures.html#issuing-tokens">Issuing tokens</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedures.html#token-procedure-function-signature">Token Procedure Function Signature</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedures.html#including-request-parameters-values">Including Request Parameters Values</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-api.html">Token Procedure API</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-api.html#context">Context</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-examples.html">Token Procedure Examples</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-examples.html#overview">Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-examples.html#assisted-token-endpoint">Assisted Token Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-examples.html#authorize-endpoint">Authorize Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-examples.html#introspection-endpoint">Introspection Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-examples.html#token-endpoint">Token Endpoint</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/token-procedure-examples.html#userinfo-endpoint">UserInfo Endpoint</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/transformation-procedures.html">Transformation Procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/transformation-procedures.html#common-api">Common API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/transformation-procedures.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/transformation-procedures.html#return-value">Return Value</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/transformation-procedures.html#examples">Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/userinfo-procedures.html">Userinfo procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/userinfo-procedures.html#common-api">Common API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/userinfo-procedures.html#claims">Claims</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/userinfo-procedures.html#common-api-1">Common API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/userinfo-procedures.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/userinfo-procedures.html#return-value">Return Value</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/userinfo-procedures.html#examples">Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/validation-procedures.html">Validation procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/validation-procedures.html#common-api">Common API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/validation-procedures.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/validation-procedures.html#return-value">Return Value</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/validation-procedures.html#examples">Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/pre-processing-procedures.html">Pre-Processing Procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/pre-processing-procedures.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/pre-processing-procedures.html#return-value">Return Value</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/pre-processing-procedures.html#examples">Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/post-processing-procedures.html">Post-Processing Procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/post-processing-procedures.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/post-processing-procedures.html#return-value">Return Value</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/post-processing-procedures.html#examples">Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/common-procedure-api.html">Common Procedure API</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/common-procedure-api.html#common-procedure-objects">Common Procedure Objects</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/common-procedure-api.html#procedure-context-object">Procedure Context object</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/common-procedure-api.html#common-operations-examples">Common Operations Examples</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/scripting/index.html#developing-procedures">Developing Procedures</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/index.html#logging-1">Logging</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/scripting/index.html#exceptions">Exceptions</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/plugins/index.html">Plugins</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#access-to-the-curity-release-repository">Access to the Curity Release Repository</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#plugin-installation">Plugin Installation</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#classpath-considerations-1">Classpath considerations</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#basic-structure-of-a-plugin">Basic structure of a plugin</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#smssender-plugin-example">SmsSender Plugin Example</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#managed-objects-1">Managed Objects</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#plugin-services-1">Plugin Services</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#service-restrictions-by-plugin-type">Service Restrictions by Plugin Type</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#service-restrictions-in-managedobject">Service Restrictions in <code class="docutils literal notranslate"><span class="pre">ManagedObject</span></code></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#cross-site-plugin-handlers-1">Cross-site Plugin Handlers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#java-version">Java Version</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#server-provided-dependencies-1">Server-Provided Dependencies</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#slf4j-logging-api">SLF4J Logging API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#bean-validation-api">Bean Validation API</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#hibernate-validator-engine">Hibernate Validator Engine</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/plugins/index.html#kotlin-standard-library">Kotlin Standard Library</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/plugins/index.html#serialization">Serialization</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/haapi/index.html">Hypermedia Authentication API</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/haapi/index.html#introduction">Introduction</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/haapi/index.html#access-control">Access control</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/index.html#client-attestation">Client attestation</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/index.html#android-client-attestation-configuration">Android client attestation configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/index.html#ios-client-attestation-configuration">iOS client attestation configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/index.html#browser-web-client-attestation-configuration">Browser (Web) client attestation configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/index.html#disabling-attestation-for-testing-purposes">Disabling attestation for testing purposes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/index.html#debugging-web-cat-problems">Debugging Web CAT problems</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/index.html#attestation-fallback-and-dynamically-registered-clients">Attestation fallback and dynamically registered clients</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/haapi/index.html#authorization-code-and-refresh-token-binding">Authorization code and refresh token binding</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/haapi/index.html#flow-state-management">Flow state management</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/haapi/index.html#api-driven-ui">API Driven UI</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/haapi/index.html#examples">Examples</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/example-username.html">Example - Username and password based authentication</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/example-encap.html">Example - Encap authentication with device registration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/haapi/example-external-browser.html">Example - Using an external browser</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/haapi/index.html#sdk">SDK</a><ul> <li class="toctree-l4"><a class="reference external" href="https://curity.io/docs/haapi-android-sdk/latest">HAAPI Android SDK</a></li> <li class="toctree-l4"><a class="reference external" href="https://curity.io/docs/haapi-ios-sdk/latest">HAAPI iOS SDK</a></li> <li class="toctree-l4"><a class="reference external" href="https://curity.io/docs/haapi-web-sdk/latest">HAAPI Web SDK</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/sdk/index.html">Curity SDKs</a><ul> <li class="toctree-l3"><a class="reference external" href="https://curity.io/docs/idsvr-java-plugin-sdk/latest">Java Plugin SDK</a></li> <li class="toctree-l3"><a class="reference external" href="https://curity.io/docs/haapi-android-sdk/latest">HAAPI Android SDK</a></li> <li class="toctree-l3"><a class="reference external" href="https://curity.io/docs/haapi-ios-sdk/latest">HAAPI iOS SDK</a></li> <li class="toctree-l3"><a class="reference external" href="https://curity.io/docs/haapi-web-sdk/latest">HAAPI Web SDK</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../developer-guide/graphql/index.html">GraphQL APIs</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/graphql/index.html#using-access-tokens">Using Access Tokens</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/graphql/index.html#introspecting-the-schema">Introspecting the Schema</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/graphql/index.html#using-queries">Using Queries</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/graphql/index.html#mutation-errors">Mutation Errors</a></li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/graphql/index.html#dynamodb-limitations-1">DynamoDB limitations</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/graphql/index.html#user-management-service-limitations">User Management service limitations</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/graphql/index.html#dynamic-client-registration-service-limitations">Dynamic Client Registration service limitations</a></li> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/graphql/index.html#database-client-limitations">Database Client limitations</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/graphql/index.html#mongodb-limitations-1">MongoDB limitations</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../developer-guide/graphql/index.html#starts-with-filter-type">Starts With Filter Type</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../developer-guide/graphql/index.html#graphql-error-for-unsupported-features">GraphQL error for unsupported features</a></li> </ul> </li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../../configuration-guide/index.html">Configuration Guide</a><ul> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/overview.html">Overview</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/overview.html#transactional-configuration">Transactional configuration</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/overview.html#rollbacks-and-history">Rollbacks and history</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/overview.html#factory-default">Factory default</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/overview.html#mandatory-optional-and-default-parameters">Mandatory, optional and default parameters</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/overview.html#configuration-interfaces">Configuration interfaces</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/overview.html#service-roles">Service Roles</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/overview.html#profiles">Profiles</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/overview.html#endpoints">Endpoints</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/overview.html#using-endpoints-in-service-roles">Using Endpoints in Service Roles</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/overview.html#commit-hooks">Commit Hooks</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/curity-web-ui.html">Curity Admin Web UI</a></li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/restconf.html">RESTCONF API</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#general-concepts">General Concepts</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#restconf-endpoint">RESTCONF Endpoint</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/restconf.html#uris">URIs</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#restconf-operations">RESTCONF Operations</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#querying-data">Querying Data</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#rollback-using-restconf">Rollback using RESTCONF</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#invoking-yang-actions-using-restconf">Invoking YANG Actions Using RESTCONF</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#message-encoding">Message Encoding</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/restconf.html#authentication">Authentication</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/command-line-interface.html">Command Line Interface</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#connect-to-the-cli">Connect to the CLI</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#modes-in-the-cli">Modes in the CLI</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#view-mode">View mode</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#configuration-mode">Configuration mode</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#basic-usage">Basic Usage</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#viewing-the-configuration">Viewing the configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#changing-the-configuration">Changing the configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#applying-the-configuration">Applying the configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#rollback-changes">Rollback changes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#advanced-usage">Advanced Usage</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#moving-through-the-configuration-using-edit">Moving through the configuration using Edit</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#showing-selected-values-only">Showing selected values only</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#exporting-configuration">Exporting configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#loading-configuration">Loading configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#multiline-edit-mode">Multiline Edit Mode</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/command-line-interface.html#scripting-and-automation">Scripting and automation</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/commit-hooks.html">Commit Hooks</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/commit-hooks.html#commit-hook-cli-scripts">Commit Hook CLI Scripts</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/commit-hooks.html#commit-hook-scripts">Commit Hook Scripts</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/encrypted-config.html">Encrypted Configuration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/encrypted-config.html#setup-encryption">Setup Encryption</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/encrypted-config.html#defining-a-key-during-installation">Defining a key during installation</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/encrypted-config.html#defining-encryption-key-on-startup">Defining Encryption Key on Startup</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/encrypted-config.html#change-encryption-key">Change Encryption Key</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/encrypted-config.html#re-encrypting-custom-plugin-configuration">Re-encrypting custom Plugin configuration</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/backup.html">Backing Up the Configuration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/backup.html#using-the-idsvr-command">Using the <strong class="command">idsvr</strong> Command</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/backup.html#using-the-idsh-command">Using the <strong class="command">idsh</strong> Command</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/backup.html#using-the-web-ui">Using the Web UI</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/backup.html#using-the-restconf-api">Using the RESTCONF API</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/backup.html#restoring-a-saved-configuration">Restoring a Saved Configuration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/backup.html#using-the-idsvr-command-1">Using the <strong class="command">idsvr</strong> Command</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/factory-reset.html">Restoring the Initial Configuration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/factory-reset.html#preserving-the-configuration-database">Preserving the Configuration Database</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/factory-reset.html#deleting-the-configuration-database">Deleting the Configuration Database</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/factory-reset.html#stop-the-admin-node">1. Stop the admin node</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/factory-reset.html#remove-the-running-datastore">2. Remove the running datastore</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/factory-reset.html#check-the-min-conf-xml-and-key-conf-xml">3. Check the min-conf.xml and key-conf.xml</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/factory-reset.html#making-sure-the-default-procedures-are-in-place">4. Making sure the default procedures are in place</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/factory-reset.html#make-sure-the-appropriate-certificates-are-initialized">5. Make sure the appropriate certificates are initialized</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/factory-reset.html#start-the-admin-node">6. Start the admin node</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/parameterized-configuration.html">Parameterized XML Configuration</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/parameterized-configuration.html#example">Example:</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/parameterized-configuration.html#default-values">Default Values</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/parameterized-configuration.html#using-startup-properties">Using startup.properties</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/access-control.html">Access Control</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/access-control.html#defining-rules-in-the-admin-ui">Defining Rules in the Admin UI</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/access-control.html#rules-for-the-dd">Rules for the DevOps Dashboard</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/access-control.html#enforcement-of-access-control-rules">Enforcement of Access Control Rules</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../configuration-guide/reference/index.html">Configuration Reference</a><ul> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/reference/config.html">Environment</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#localization">Localization</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#white-listed-proxies">White-listed-proxies</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#cluster">Cluster</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#admin-service">Admin-service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#themes">Themes</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#zones">Zones</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#service-role">Service-role</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#runtime-service">Runtime-service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#reporting">Reporting</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#alarms">Alarms</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#telemetry">Telemetry</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/reference/config.html#profile">Profile</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#authentication-service">Authentication-service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#apps-service">Apps-service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#authorization-server">Authorization-server</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#user-management-service">User-management-service</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#endpoints">Endpoints</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#token-issuers">Token-issuers</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/reference/config.html#facilities">Facilities</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#cache">Cache</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#client-2">Client</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#data-source-2">Data-source</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#email-provider-3">Email-provider</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#sms-provider">Sms-provider</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#crypto">Crypto</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#caching-services">Caching-services</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#client-attestation">Client-attestation</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/reference/config.html#processing">Processing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#token-procedure">Token-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#global-script">Global-script</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#validation-procedure">Validation-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#transformation-procedure">Transformation-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#filter-procedure">Filter-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#event-listener-procedure">Event-listener-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#claims-provider-procedure">Claims-provider-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#credential-transformation-procedure">Credential-transformation-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#pre-processing-procedure">Pre-processing-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#post-processing-procedure">Post-processing-procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#authorization-manager">Authorization-manager</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#event-listener">Event-listener</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#account-manager-15">Account-manager</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#credential-manager-1">Credential-manager</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#credential-policies">Credential-policies</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/reference/config.html#alarms-1">Alarms</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#control">Control</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#alarm-inventory">Alarm-inventory</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#summary">Summary</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#alarm-list">Alarm-list</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#shelved-alarms">Shelved-alarms</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/config.html#alarm-profile">Alarm-profile</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/reference/yang-types.html">Base Types</a></li> <li class="toctree-l3"><a class="reference internal" href="../../configuration-guide/reference/types.html">Type Reference</a><ul> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/types.html#types">Types</a></li> <li class="toctree-l4"><a class="reference internal" href="../../configuration-guide/reference/types.html#identities">Identities</a></li> </ul> </li> </ul> </li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../../glossary.html">Glossary</a></li> </ul> </div> </div> </aside> <section class="article-content"> <div class="article-text article-text-with-toc "> <nav role="navigation" aria-label="breadcrumbs navigation" class="breadcrumbs sm-flex flex-center justify-between"> <ul class="list-reset m0"> <li><a href="../../index.html">Docs</a> <span>/</span></li> <li><a href="../index.html">System Admin Guide</a> <span>/</span></li> <li><a href="index.html">Deployment</a> <span>/</span></li> <li>Multi-region Deployments</li> <li class=""> </li> </ul> <div class="flex flex-center justify-between mt1 lg-mt0"> <div class="flex flex-center justify-between"> <div class="rst-footer-buttons rst-footer-buttons-nav flex justify-end" role="navigation" aria-label="footer navigation"> <a href="docker.html" class="btn inline-flex flex-center justify-between mr1" title="Deploying with Docker" accesskey="p"> <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M15 18l-6-6 6-6"/></svg> </a> <a href="../email-providers/index.html" class="btn inline-flex flex-center justify-between" title="Email Providers" accesskey="n"> <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 18l6-6-6-6"/></svg> </a> </div> <div> <button class="button button-primary button-tiny mobile-nav-trigger md-hide ml1"> <i class="icon ion-android-menu inlineicon"></i><span class="mobile-nav-trigger-text">Menu</span> </button> </div> </div> </div> </nav> <div class="container container-wide"> <div class="article-entry mt1 lg-mt2 py2 lg-py2"> <div itemprop="articleBody"> <div class="section" id="multi-region-deployments"> <h1>Multi-region Deployments<a class="headerlink" href="#multi-region-deployments" title="Permalink to this headline">¶</a></h1> <p>Multi-region deployments usually take into account factors such as scalability, availability and region-specific restrictions on systems and/or data. When region-specific restrictions such as storage of Personally Identifiable Information (PII) are applicable, the deployment strategy needs to consider some kind of <em>region affinity</em>, so that users are using infrastructure located in their geographic region.</p> <p>The Curity Identity Server includes components that can be used in such scenarios, namely:</p> <blockquote> <div><ul class="simple"> <li>Zones. Each service role in Curity is <a class="reference internal" href="../../configuration-guide/reference/config.html#configuration-environments-environment-services-service-role"><span class="std std-ref">bound to a zone</span></a>, which usually represents a geographic region.</li> <li>A <a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/zone-transfer.html#zone-transfer-action"><span class="std std-ref">zone transfer</span></a> mechanism that can be used to extract session data from one service role into another.</li> <li>A zone-aware <a class="reference internal" href="../data-sources/multizone.html#data-source-multizone"><span class="std std-ref">data source</span></a>, which delegates to different backing data sources based on the zone of the current service role.</li> <li><a class="reference internal" href="../../token-service-admin-guide/token-issuance/index.html#token-issuance"><span class="std std-ref">Wrapped tokens</span></a>, which allow non-sensitive data to be included in a JWT token string, but sensitive token data to only be available via introspection.</li> </ul> </div></blockquote> <p>The following sections detail how these features can be used together.</p> <div class="section" id="authorization-flows-front-channel"> <h2>Authorization flows - Front-channel<a class="headerlink" href="#authorization-flows-front-channel" title="Permalink to this headline">¶</a></h2> <p>When a user accesses Curity without any session context (e.g. first time access), mechanisms such as sticky sessions at load balancers can’t be used yet. This means that the user may be accessing a Curity service role that is not bound to the intended zone. The <a class="reference internal" href="../../authentication-service-admin-guide/authentication-actions/zone-transfer.html#zone-transfer-action"><span class="std std-ref">Zone Transfer</span></a> authentication action can be used to detect and recover from this situation. The process goes as follows:</p> <ol class="arabic"> <li><p class="first">A user navigates to the Curity Identity Server URL in the browser and is directed to a service role in the wrong zone.</p> </li> <li><p class="first">The authorization request triggers an authentication pipeline that includes the Zone Transfer action.</p> </li> <li><p class="first">The Zone Transfer action compares the <code class="docutils literal notranslate"><span class="pre">zone</span></code> attribute of the current authentication attributes with the Zone of the current service role. Since the values are different, the authentication action initiates a zone transfer:</p> <blockquote> <div><ul class="simple"> <li>The <code class="docutils literal notranslate"><span class="pre">zone</span></code> HTTP cookie is set with the value of the intended zone.</li> <li>The current session state is extracted.</li> <li>The browser is redirected back to the authentication endpoint in Curity.</li> </ul> </div></blockquote> </li> <li><p class="first">The redirect goes through an infrastructure component such as a load balancer or a reverse proxy which uses the <code class="docutils literal notranslate"><span class="pre">zone</span></code> cookie to direct the user to the correct Curity server.</p> </li> <li><p class="first">The session state is restored and the authorization flow is resumed.</p> <blockquote> <div><ul class="simple"> <li>Since the Zone of the current service role now is the intended one, the Zone Transfer authentication action allows the flow to proceed.</li> </ul> </div></blockquote> </li> <li><p class="first">The user authenticates and the authorization flow ends, returning control to the client application.</p> </li> </ol> </div> <div class="section" id="authorization-flows-back-channel"> <h2>Authorization flows - Back-channel<a class="headerlink" href="#authorization-flows-back-channel" title="Permalink to this headline">¶</a></h2> <p>When the front-channel leg of an authorization flow is done, the resulting artifacts are used by the client in back-channel requests, either to complete the flow in Curity (e.g. authorization code grant) or to access protected resources. In either case, the same <em>region affinity</em> concern arises. This is where <a class="reference internal" href="../../token-service-admin-guide/token-issuance/index.html#token-issuance"><span class="std std-ref">wrapped tokens</span></a> can be helpful. Using access tokens as an example, the process might go as follows:</p> <ol class="arabic simple"> <li>Wrapped tokens are enabled and Curity is configured to include the <code class="docutils literal notranslate"><span class="pre">zone</span></code> claim in the returned wrapper JWT.</li> <li>An authorization flow ends and the client gets an access token.</li> <li>The client does a request to a protected resource using that access token.</li> <li>The request goes through an infrastructure component such as a load balancer or a reverse proxy which inspects/validates the JWT and uses the <code class="docutils literal notranslate"><span class="pre">zone</span></code> claim to forward the request to the correct server. The reverse proxy may also introspect the token in Curity at this stage.</li> </ol> <div class="admonition note"> <p class="first admonition-title">Note</p> <p class="last">Wrapper JWTs don’t include any claims resulting from the authorization flow unless explicitly configured, even if other claim mappings are defined for the wrapped token (which is likely the case).</p> </div> </div> <div class="section" id="data-sources"> <h2>Data sources<a class="headerlink" href="#data-sources" title="Permalink to this headline">¶</a></h2> <p>When data needs to be kept in specific regions, the different data sources used by Curity need to be configured accordingly. Instead of defining different configurations for each region, the <a class="reference internal" href="../data-sources/multizone.html#data-source-multizone"><span class="std std-ref">multi-zone data source</span></a> can be used; at runtime, it delegates data access to other data sources, based on the zone of the current service role. Configuration for such a scenario may be done as follows:</p> <ol class="arabic simple"> <li>Define one data source for each region/zone using any of the types supported by Curity (e.g. JDBC).</li> <li>Define a multi-zone data source and configure it so that for each zone the corresponding data sources defined above is used.</li> <li>Use the multi-zone data source in the different configuration settings.</li> </ol> <p>This ensures that any data access (e.g. Sessions, Accounts) will be scoped to the correct zone, while keeping a single configuration for the different servers.</p> </div> </div> <section class="was-this-helpful"> <div id="was-this-helpful"></div> <button class="was-this-helpful-close button button-tiny button-transparent" aria-label="Close Form"> <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="10"></circle><line x1="15" y1="9" x2="9" y2="15"></line><line x1="9" y1="9" x2="15" y2="15"></line></svg> </button> </section> </div> </div> </div> </div> <aside class="article-toc" role="navigation"> <div class="article-toc-panel"> <nav class="article-toc-links hide" role="navigation"> <h5 class="mt0"> Table of Contents </h5> <ol class="m0"> </ol> </nav> </div> </aside> </section> </main> <footer class="footer"> <div class="flex flex-center justify-between"> <div> <select name="color-scheme-switcher" id="color-scheme-switcher"> <option value="light">Light theme</option> <option value="dark">Dark theme</option> </select> </div> <div> <div class="py2 center"> Copyright &copy; 2015-2025 Curity AB. All rights reserved. </div> </div> </div> </footer> <script type="text/javascript"> var versions = [ ] var DOCUMENTATION_OPTIONS = { URL_ROOT:'../../', VERSION:'10.0.1', COLLAPSE_INDEX:false, FILE_SUFFIX:'.html', HAS_SOURCE: false }; </script> <script src="../../_static/js/jquery.js"></script> <script src="../../_static/underscore.js"></script> <script src="../../_static/doctools.js"></script> <script src="../../_static/language_data.js"></script> <script src="../../_static/js/versions.js"></script> <script src="../../_static/js/docs.js"></script> </body> </html>