Newer
Older
# The issuer url to be used. MUST point to this server
# Configuration for the mytoken server
# port: 443
# Configuration for the database
# Configuration for token signing
# If an RSA-based algorithm is used, this is the key len. Only needed when generating a new rsa key.
# rsa_key_len: 2048
# Configuration for logging
# The directory where the log file should be placed
# Indicates if mytoken should log additionally to stderr
# The directory where the log file should be placed
# Indicates if mytoken should log additionally to stderr
# The minimal log level that should be logged
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# URL with documentation about the service
service_documentation: "https://github.com/zachmann/mytoken"
# Configuration and enabling/disabling for different features
features:
# The supported oidc flows
oidc_flows:
- "authorization_code" # Always enabled
- "device" # Requires polling_codes to be enabled
# Revocation for tokens issued by mytoken. Only disable this if you have good reasons for it.
token_revocation:
enabled: true
# Support for short super tokens
short_tokens:
enabled: true
# Support for transfer codes for super tokens
transfer_codes:
enabled: true
# Support for polling codes that are used by native applications. Only disable this if you have good reasons for it.
polling_codes:
enabled: true
expires_after: 300 # The time in seconds how long a polling code can be used
polling_interval: 5 # The interval in seconds the native application should wait between two polling attempts
# Support for the access_token grant, i.e. a user can use an AT to obtain an ST.
access_token_grant:
enabled: true
# Support for the private_key_jwt grant, i.e. a user can use an signed jwt to obtain an ST.
signed_jwt_grant:
enabled: true
# The list of supported providers
providers:
- issuer: "https://example.provider.com/"
client_id: "clientid"
client_secret: "clientsecret"
scopes:
- openid
- profile