RPBasicAuthentictionValve
Warning
This valve is usually used with the legacy OIDC authenticators. If that is the case, it is recommended to plan for migrating the authenticator to the new protocol agnostic authenticator architecture, where this valve won't be needed anymore since it's already builtin. More information about the legacy authenticators can be found here.
Note
Authenticates the the calling relying party client. Uses the internal RP configuration to validate client id and password.
Properties
| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| api_username | The request parameter the containing client_id | api_username | No | No |
| api_password | The request parameter containing the client_secret | api_password | No | No |
Example Configuration
{
"name": "RPBasicAuthentictionValve",
"enabled": "true",
"config": {
"api_username": "client_id",
"api_password": "client_secret",
}
}
Requirements
Validation is made against password & id stored on the RP object in the internal configuration database.