Supports Expression Language: true (will be evaluated using variable registry only)Client Authentication Strategy | client-authentication-strategy | REQUEST_BODY | - REQUEST_BODY
![Send client authentication in request body. RFC 6749 Section 2.3.1 recommends Basic Authentication instead of request body. Send client authentication in request body. RFC 6749 Section 2.3.1 recommends Basic Authentication instead of request body.](../../../../../html/images/iconInfo.png) - BASIC_AUTHENTICATION
![Send client authentication using HTTP Basic authentication. Send client authentication using HTTP Basic authentication.](../../../../../html/images/iconInfo.png)
| Strategy for authenticating the client against the OAuth2 token provider service. |
Grant Type | grant-type | User Password | - User Password
![Resource Owner Password Credentials Grant. Used to access resources available to users. Requires username and password and usually Client ID and Client Secret. Resource Owner Password Credentials Grant. Used to access resources available to users. Requires username and password and usually Client ID and Client Secret.](../../../../../html/images/iconInfo.png) - Client Credentials
![Client Credentials Grant. Used to access resources available to clients. Requires Client ID and Client Secret. Client Credentials Grant. Used to access resources available to clients. Requires Client ID and Client Secret.](../../../../../html/images/iconInfo.png) - Refresh Token
![Refresh Token Grant. Used to get fresh access tokens based on a previously acquired refresh token. Requires Client ID and Client Secret (apart from Refresh Token). Refresh Token Grant. Used to get fresh access tokens based on a previously acquired refresh token. Requires Client ID and Client Secret (apart from Refresh Token).](../../../../../html/images/iconInfo.png)
| The OAuth2 Grant Type to be used when acquiring an access token. |
Username | service-user-name | | | Username on the service that is being accessed. Supports Expression Language: true (will be evaluated using variable registry only)
This Property is only considered if the [Grant Type] Property has a value of "User Password". |
Password | service-password | | | Password for the username on the service that is being accessed. Sensitive Property: true
This Property is only considered if the [Grant Type] Property has a value of "User Password". |
Refresh Token | refresh-token | | | Refresh Token. Sensitive Property: true Supports Expression Language: true (will be evaluated using variable registry only)
This Property is only considered if the [Grant Type] Property has a value of "Refresh Token". |
Client ID | client-id | | | No Description Provided. Supports Expression Language: true (will be evaluated using variable registry only) |
Client secret | client-secret | | | No Description Provided. Sensitive Property: true
This Property is only considered if the [Client ID] Property has a value specified. |
Scope | scope | | | Space-delimited, case-sensitive list of scopes of the access request (as per the OAuth 2.0 specification) |
Resource | resource | | | Resource URI for the access token request defined in RFC 8707 Section 2 |
Audience | audience | | | Audience for the access token request defined in RFC 8693 Section 2.1 |
Refresh Window | refresh-window | 0 s | | The service will attempt to refresh tokens expiring within the refresh window, subtracting the configured duration from the token expiration. |
SSL Context Service | ssl-context-service | | Controller Service API: SSLContextService Implementations: StandardSSLContextService StandardRestrictedSSLContextService | No Description Provided. |
HTTP Protocols | HTTP Protocols | h2 http/1.1 | | HTTP Protocols supported for Application Layer Protocol Negotiation with TLS
This Property is only considered if the [SSL Context Service] Property has a value specified. |
Proxy Configuration Service | proxy-configuration-service | | Controller Service API: ProxyConfigurationService Implementation: StandardProxyConfigurationService | Specifies the Proxy Configuration Controller Service to proxy network requests. Supported proxies: HTTP + AuthN |
State management:
This component does not store state.Restricted:
This component is not restricted.System Resource Considerations:
None specified.