Page History
Subject | JAVA Property | Explanation | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
blueriq.security.jwt-claims.roles-path | The comma-separated path A JsonPath expression to the roles claim in the JWT body. For example, if the JWT body contains the following claims:below claims, this property should be set to
then this property should be set to "realm_access,roles" in order to indicate that the roles claim nested within the realm_access claim represents the user's roles. |
| |||||||||
blueriq.security.jwt-claims.teams-path | The comma-separated path A JsonPath expression to the teams claim in the JWT body. See roles-path above for an examplemore information. |
| |||||||||
blueriq.security.jwt-claims.role-mapping.<role-claim> | Maps a role claim to zero, one or multiple Blueriq roles. If a role claim does not have a mapping, it is considered to have an implicit identity mapping. Example: blueriq.security.jwt-claims.role-mapping.employee=authenticated_user,vu_employee (all users which have the employee role at the identity provider will have the authenticated_user and vu_employee roles in Blueriq) |
| |||||||||
blueriq.security.jwt-claims.team-mapping.<team-claim> | Maps a team claim to zero, one or multiple Blueriq teams. If a team claim does not have a mapping, it is considered to have an implicit identity mapping. Example: blueriq.security.jwt-claims.team-mapping.amsterdam=europe,netherlands (all users which have the amsterdam team at the identity provider will have the europe and netherlands teams in Blueriq) |
| |||||||||
blueriq.security.jwt-claims.username-path | The comma-separated path A JsonPath expression to the username claim usernameclaim in the JWT body. For example if the JWT body contains the following claims:
then this property should be set to "realm_access,nickname" in order to indicate that the
See roles-path above for more information.Auth0 will include the claim If no value is specified, the default value is used: |
| |||||||||
blueriq.security.jwt-claims.claim-mapping.<key-id>=<value> | Additional optional custom parameter to retrieve a claim from the openid-connect JWT token en and place it in the Authentication under the specified key. For more information see the openid connect configuration pageThe value should be a JsonPath expression to the claim in the JWT body. Only (lists of) strings, numbers and booleans are supported. These values will all be converted to strings. See roles-path above for more information. These claims can be retrieved to the profile using the GetAuthenticationClaims service. |
|