Configuration (oxd-server.yml)#

oxd configuration is located at /opt/oxd-server/conf/oxd-server.yml. It consists of three major parts:

Here we will explain server configuration and defaultSiteConfig. Dropwizard configuration parameters can be checked in the Dropwizard configuration documentation.

The content of the /opt/oxd-server/conf/oxd-server.yml file is as follows:

oxd-server.yml

# server configuration
use_client_authentication_for_pat: true
trust_all_certs: true
trust_store_path: ''
trust_store_password: ''
crypt_provider_key_store_path: ''
crypt_provider_key_store_password: ''
crypt_provider_dn_name: ''
support-google-logout: true
state_expiration_in_minutes: 5
nonce_expiration_in_minutes: 5
public_op_key_cache_expiration_in_minutes: 60
protect_commands_with_access_token: true
uma2_auto_register_claims_gathering_endpoint_as_redirect_uri_of_client: true
add_client_credentials_grant_type_automatically_during_client_registration: true
migration_source_folder_path: ''
allowed_op_hosts: []
storage: h2
storage_configuration:
  dbFileLocation: /opt/oxd-server/data/oxd_db

# Dropwizard configurations
# Connectors
server:
  applicationConnectors:
    - type: https
      port: 8443
      keyStorePath: /opt/oxd-server/conf/oxd-server.keystore
      keyStorePassword: example
      validateCerts: false
  adminConnectors:
    - type: https
      port: 8444
      keyStorePath: /opt/oxd-server/conf/oxd-server.keystore
      keyStorePassword: example
      validateCerts: false

# Logging settings.
logging:

  # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL.
  level: INFO

  # Logger-specific levels.
  loggers:
    org.gluu: TRACE
    org.xdi: TRACE

# Logback's Time Based Rolling Policy - archivedLogFilenamePattern: /tmp/application-%d{yyyy-MM-dd}.log.gz
# Logback's Size and Time Based Rolling Policy -  archivedLogFilenamePattern: /tmp/application-%d{yyyy-MM-dd}-%i.log.gz
# Logback's Fixed Window Rolling Policy -  archivedLogFilenamePattern: /tmp/application-%i.log.gz

  appenders:
    - type: console
    - type: file
      threshold: INFO
      logFormat: "%-6level [%d{HH:mm:ss.SSS}] [%t] %logger{5} - %X{code} %msg %n"
      currentLogFilename: /var/log/oxd-server/oxd-server.log
      archivedLogFilenamePattern: /var/log/oxd-server/oxd-server-%d{yyyy-MM-dd}-%i.log.gz
      archivedFileCount: 7
      timeZone: UTC
      maxFileSize: 10MB

defaultSiteConfig:
  op_host: ''
  op_discovery_path: ''
  response_types: ['code']
  grant_type: ['authorization_code']
  acr_values: ['']
  scope: ['openid', 'profile', 'email']
  ui_locales: ['en']
  claims_locales: ['en']
  contacts: []
  redirect_uris: []
  logout_redirect_uris: []
  client_name: ''
  client_jwks_uri: ''
  token_endpoint_auth_method: ''
  token_endpoint_auth_signing_alg: ''
  request_uris: []
  front_channel_logout_uris: []
  sector_identifier_uri: ''
  claims_redirect_uri: []
  client_id: ''
  client_secret: ''
  trusted_client: false
  access_token_as_jwt: false
  access_token_signing_alg: ''
  rpt_as_jwt: false
  logo_uri: ''
  client_uri: ''
  policy_uri: ''
  front_channel_logout_session_required: false
  tos_uri: ''
  jwks: ''
  id_token_binding_cnf: ''
  tls_client_auth_subject_dn: ''
  run_introspection_script_beforeaccess_token_as_jwt_creation_and_include_claims: false
  id_token_signed_response_alg: ''
  id_token_encrypted_response_alg: ''
  id_token_encrypted_response_enc: ''
  user_info_signed_response_alg: ''
  user_info_encrypted_response_alg: ''
  user_info_encrypted_response_enc: ''
  request_object_signing_alg: ''
  request_object_encryption_alg: ''
  request_object_encryption_enc: ''
  default_max_age: null
  require_auth_time: false
  initiate_login_uri: ''
  authorized_origins: []
  access_token_lifetime: null
  software_id: ''
  software_version: ''
  software_statement: ''
  custom_attributes: {}

Server configuration fields descriptions#

Redis storage configuration sample:

  storage_configuration
    host: localhost
    port: 6379  

H2 storage configuration sample:

    storage_configuration
      dbFileLocation: /opt/oxd-server/data/oxd_db    

defaultSiteConfig Field Descriptions#