Class Oauth2ProxyOidcOptions
Oauth2Proxy OIDC option model.
Namespace: Neon.Kube.Oauth2Proxy
Assembly: Neon.Kube.dll
Syntax
public class Oauth2ProxyOidcOptionsConstructors
Oauth2ProxyOidcOptions()
Constructor.
Declaration
public Oauth2ProxyOidcOptions()Properties
AudienceClaims
Allows to define any claim that is verified against the client id. By default aud claim is used for verification.
Declaration
[JsonProperty(PropertyName = "AudienceClaims", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "audienceClaims", ApplyNamingConventions = false)]
public List<string> AudienceClaims { get; set; }Property Value
| Type | Description |
|---|---|
| List<string> |
EmailClaim
Indicates which claim contains the user email.
Declaration
[JsonProperty(PropertyName = "EmailClaim", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "emailClaim", ApplyNamingConventions = false)]
public string EmailClaim { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ExtraAudiences
A list of additional audiences that are allowed to pass verification in addition to the client id.
Declaration
[JsonProperty(PropertyName = "ExtraAudiences", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "extraAudiences", ApplyNamingConventions = false)]
public List<string> ExtraAudiences { get; set; }Property Value
| Type | Description |
|---|---|
| List<string> |
GroupsClaim
Indicates which claim contains the user groups.
Declaration
[JsonProperty(PropertyName = "GroupsClaim", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "groupsClaim", ApplyNamingConventions = false)]
public string GroupsClaim { get; set; }Property Value
| Type | Description |
|---|---|
| string |
InsecureAllowUnverifiedEmail
Prevents failures if an email address in an id_token is not verified.
Declaration
[JsonProperty(PropertyName = "InsecureAllowUnverifiedEmail", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "insecureAllowUnverifiedEmail", ApplyNamingConventions = false)]
public bool InsecureAllowUnverifiedEmail { get; set; }Property Value
| Type | Description |
|---|---|
| bool |
InsecureSkipIssuerVerification
Skips verification of ID token issuers. When false, ID Token Issuers must match the OIDC discovery URL.
Declaration
[JsonProperty(PropertyName = "InsecureSkipIssuerVerification", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "insecureSkipIssuerVerification", ApplyNamingConventions = false)]
public bool InsecureSkipIssuerVerification { get; set; }Property Value
| Type | Description |
|---|---|
| bool |
InsecureSkipNonce
Skips verifying the ID Token's nonce claim that must match the random nonce sent in the initial OAuth flow.Otherwise, the nonce is checked after the initial OAuth redeem and subsequent token refreshes.
Declaration
[JsonProperty(PropertyName = "InsecureSkipNonce", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "insecureSkipNonce", ApplyNamingConventions = false)]
public bool InsecureSkipNonce { get; set; }Property Value
| Type | Description |
|---|---|
| bool |
IssuerUrl
The OpenID Connect issuer URL.
Declaration
[JsonProperty(PropertyName = "IssuerUrl", Required = Required.Always)]
[YamlMember(Alias = "issuerURL", ApplyNamingConventions = false)]
public string IssuerUrl { get; set; }Property Value
| Type | Description |
|---|---|
| string |
JwksUrl
JwksURL is the OpenID Connect JWKS URL
Declaration
[JsonProperty(PropertyName = "JwksUrl", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "jwksURL", ApplyNamingConventions = false)]
public string JwksUrl { get; set; }Property Value
| Type | Description |
|---|---|
| string |
SkipDiscovery
Allows to skip OIDC discovery and use manually supplied Endpoints.
Declaration
[JsonProperty(PropertyName = "SkipDiscovery", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "skipDiscovery", ApplyNamingConventions = false)]
public bool SkipDiscovery { get; set; }Property Value
| Type | Description |
|---|---|
| bool |
UserIdClaim
Indicates which claim contains the user ID.
Declaration
[JsonProperty(PropertyName = "UserIdClaim", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.Ignore)]
[YamlMember(Alias = "userIDClaim", ApplyNamingConventions = false)]
public string UserIdClaim { get; set; }Property Value
| Type | Description |
|---|---|
| string |