Configuration Reference
Version:4.10.0
Micronaut Security Config Properties
🔗Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after a successful login. Default value ("/"). |
|
java.lang.String |
Where the user is redirected to after a failed login. Default value ("/"). |
|
java.lang.String |
URL where the user is redirected after logout. Default value ("/"). |
|
boolean |
If true, the user should be redirected back to the unauthorized request that initiated the login flow. Supersedes the <code>login-success</code> configuration for those cases. Default value false. |
|
boolean |
Sets whether Redirection configuration enabled. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after trying to access a secured route which he is forbidden to access. Default value ("/"). |
|
boolean |
Whether it should redirect on forbidden rejections. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.Boolean |
|
|
java.lang.Boolean |
|
|
java.time.Duration |
|
|
Sets the same-site setting of the cookie. Default value null. Value is case sensitive. Allowed values: |
|
|
boolean |
|
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after trying to access a secured route. Default value ("/"). |
|
boolean |
Whether it should redirect on unauthorized rejections. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after trying to access a secured route which he is forbidden to access. Default value ("/"). |
|
boolean |
Whether it should redirect on forbidden rejections. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Set the Subject DN regex. Default value "CN=(.*?)(?:, |
$)". |
|
boolean |
Property | Type | Description |
---|---|---|
|
boolean |
Set whether to enable bearer token authentication. Default value true. |
|
java.lang.String |
Sets the prefix to use for the auth token. Default value Bearer. |
|
java.lang.String |
Sets the header name to use. Default value Authorization. |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether the configuration is enabled. Default value true. |
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
If the entry used for the roles in the Authentication attributes map is a String, you can use the separator to split its value into multiple roles. Default value DEFAULT_ROLES_SEPARATOR. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.Boolean |
|
|
java.lang.Boolean |
|
|
java.time.Duration |
|
|
Sets the same-site setting of the cookie. Default value null. Value is case sensitive. Allowed values: |
|
|
boolean |
|
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Path to the LogoutController. Default value "/logout". |
|
boolean |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Path to the LoginController. Default value "/login" |
Property | Type | Description |
---|---|---|
|
boolean |
Enables the {@link BasicAuthAuthenticationFetcher}. Default value true. |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Pattern the {@link SecurityFilter} should match. Default value |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Path to the IntrospectionController. Default value "/token_info" |
Property | Type | Description |
---|---|---|
|
boolean |
Enable HttpHeaderTokenPropagator. Default value (true). |
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Sets the path to map the {@link OauthController} to. Default value ("/oauth/access_token"). |
|
boolean |
Property | Type | Description |
---|---|---|
|
Defines which authentication to use. Defaults to null. Possible values bearer, session, cookie, idtoken. Should only be supplied if the service handles login and logout requests. |
|
|
boolean |
If Security is enabled. Default value true |
|
java.util.List |
Map that defines the interception patterns. |
|
java.util.List |
Allowed IP patterns. Default value (["0.0.0.0"]) |
|
boolean |
Whether the intercept URL patterns should be prepended with context path if defined. Defaults to true. |
|
Determines how authentication providers should be processed. Default value ANY. Possible values: ANY or ALL. |
|
|
boolean |
Whether the server should respond with 401 for requests that do not match any routes on the server, if you set it to false, it will return 404 for requests that do not match any routes on the server. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.util.regex.Pattern |
|
|
java.util.regex.Pattern |
|
|
boolean |
Enables TokenPropagationHttpClientFilter. Default value false |
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
java.lang.Integer |
Access token expiration. Default value (3600). |
Micronaut Security Jwt Config Properties
🔗Property | Type | Description |
---|---|---|
|
java.lang.String |
A path either starting with |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Path to the KeysController. Default value "/keys". |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
com.nimbusds.jose.JWEAlgorithm |
|
|
com.nimbusds.jose.EncryptionMethod |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether JWT security is enabled. Default value (true). |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether SignedRefreshTokenGenerator is enabled. Default value (true). |
|
com.nimbusds.jose.JWSAlgorithm |
{@link com.nimbusds.jose.JWSAlgorithm}. Defaults to HS256 |
|
java.lang.String |
shared secret. For HS256 must be at least 256 bits. |
|
boolean |
Indicates whether the supplied secret is base64 encoded. Default value false. |
Property | Type | Description |
---|---|---|
|
java.lang.Integer |
JWKS cache expiration. Default value 60 seconds. |
|
java.lang.String |
|
|
com.nimbusds.jose.jwk.KeyType |
Property | Type | Description |
---|---|---|
|
com.nimbusds.jose.JWSAlgorithm |
|
|
java.lang.String |
|
|
boolean |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Whether the iss claim should be validated to ensure it matches this value. It defaults to null, thus it is not validated. |
|
java.lang.String |
Whether the aud claim should be validated to ensure it matches this value. It defaults to null, thus it is not validated. |
|
boolean |
Whether the JWT subject claim should be validated to ensure it is not null. Default value true. |
|
boolean |
|
|
boolean |
Whether the expiration date of the JWT should be validated. Default value true. |
|
boolean |
Whether the nonce claim should be validated when a nonce was present. Default value true. |
|
boolean |
Whether |
Micronaut Security Ldap Config Properties
🔗Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.util.Map |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether this configuration is enabled. Default true. |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
boolean |
Sets if group search is enabled. Default false |
|
java.lang.String |
The argument to pass to the search filter. |
Micronaut Security Oauth2 Config Properties
🔗Property | Type | Description |
---|---|---|
|
boolean |
Sets whether the OAuth 2.0 support is enabled. Default value (true). |
|
java.lang.String |
The URI template that is used to initiate an OAuth 2.0 authorization code grant flow. Default value ("/oauth/login{/provider}"). |
|
java.lang.String |
The URI template that OAuth 2.0 providers can use to submit an authorization callback request. Default value ("/oauth/callback{/provider}"). |
|
java.lang.String |
The default authentication provider for an OAuth 2.0 authorization code grant flow. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
java.lang.String |
Code Challenge Method to use for PKCE. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The URI the OpenID provider should redirect to after logging out. Default value ("/logout"). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.time.Duration |
Number of seconds for a token obtained via client credentials grant to be considered expired prior to its expiration date. Default value (30 seconds). |
|
java.lang.String |
Scope to be requested in the client credentials request. Defaults to none. |
|
boolean |
Enables ClientCredentialsClient. Default value true |
|
java.util.Map |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the mechanism to persist the nonce for later retrieval for validation. Supported values ("session", "cookie"). Default value ("cookie"). |
|
boolean |
Sets whether a nonce parameter will be sent. Default (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The URI used to log out of an OpenID provider. Default value ("/oauth/logout"). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the domain name of this Cookie. Default value (null). |
|
java.lang.Boolean |
Sets whether the cookie is secured. Defaults to the secure status of the request. |
|
java.lang.String |
Cookie Name. Default value |
|
java.lang.String |
Sets the path of the cookie. Default value ("/"). |
|
java.lang.Boolean |
Whether the Cookie can only be accessed via HTTP. Default value (true). |
|
java.time.Duration |
Sets the maximum age of the cookie. Default value (5 minutes). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
Authentication Method |
|
|
The content type of token endpoint requests. Default value (application/x-www-form-urlencoded). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
OAuth 2.0 client id. |
|
java.lang.String |
OAuth 2.0 client secret. |
|
boolean |
Sets whether the client is enabled. Default value (true). |
|
java.util.List |
Requested scopes. If not specified for OAuth 2.0 clients using OpenID Connect it defaults to |
|
OAuth 2.0 grant type. Default value (authorization_code). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
Determines the authorization processing flow to be used. Default value (code). |
|
|
java.lang.String |
Mechanism to be used for returning authorization response parameters from the authorization endpoint. |
|
Controls how the authentication interface is displayed. |
|
|
Controls how the authentication server prompts the user. |
|
|
java.lang.Integer |
Maximum authentication age. |
|
java.util.List |
Preferred locales for authentication. |
|
java.util.List |
Authentication class reference values. |
|
java.lang.String |
Code Challenge Method to use for PKCE. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
Authentication Method |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
Property | Type | Description |
---|---|---|
|
boolean |
Whether IssuerClaimValidator is enabled. Default value (true). |
|
boolean |
Whether AudienceClaimValidator is enabled. Default value (true). |
|
boolean |
Whether AuthorizedPartyClaimValidator is enabled. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the domain name of this Cookie. Default value (null). |
|
java.lang.Boolean |
Sets whether the cookie is secured. Defaults to the secure status of the request. |
|
java.lang.String |
Cookie Name. Default value |
|
java.lang.String |
Sets the path of the cookie. Default value ("/"). |
|
java.lang.Boolean |
Whether the Cookie can only be accessed via HTTP. Default value (true). |
|
java.time.Duration |
Sets the maximum age of the cookie. Default value (5 minutes). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
Property | Type | Description |
---|---|---|
|
java.net.URL |
URL using the https scheme with no query or fragment component that the Open ID provider asserts as its issuer identifier. |
|
java.lang.String |
The configuration path to discover openid configuration. Default ("/.well-known/openid-configuration"). |
|
java.lang.String |
The JWKS signature URI. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
boolean |
The end session enabled flag. Default value (true). |
Property | Type | Description |
---|---|---|
|
int |
entropy (in bytes) used for the code verifier generation. Default value 64. |
|
java.lang.String |
Sets the mechanism to persist the state for later retrieval for validation. Supported values ("session", "cookie"). Default value (PERSISTENCE_COOKIE). |
|
boolean |
Sets whether a state parameter will be sent. Default (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
Authentication Method |
Property | Type | Description |
---|---|---|
|
boolean |
Set to true if the original JWT from the provider should be included in the Micronaut JWT. Default value (false). |
|
boolean |
Set to true if the original access token from the provider should be included in the Micronaut JWT. Default value (false). |
|
boolean |
Set to true if the original refresh token from the provider should be included in the Micronaut JWT. Default value (false). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the domain name of this Cookie. Default value (null). |
|
java.lang.Boolean |
Sets whether the cookie is secured. Defaults to the secure status of the request. |
|
java.lang.String |
Cookie Name. Default value |
|
java.lang.String |
Sets the path of the cookie. Default value ("/"). |
|
java.lang.Boolean |
Whether the Cookie can only be accessed via HTTP. Default value (true). |
|
java.time.Duration |
Sets the maximum age of the cookie. Default value (5 minutes). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the mechanism to persist the state for later retrieval for validation. Supported values ("session", "cookie"). Default value ("cookie"). |
|
boolean |
Sets whether a state parameter will be sent. Default (true). |
Property | Type | Description |
---|---|---|
|
boolean |
Enable {@link ClientCredentialsHeaderTokenPropagatorConfiguration}. Default value (true). |
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
Authentication Method |
Micronaut Security Session Config Properties
🔗Property | Type | Description |
---|---|---|
|
boolean |
Sets whether the session config is enabled. Default value (true). |