io.helidon.security.providers.jwt.JwtProvider
Description
JWT authentication provider
Configuration options
| Key | Type | Default | Description |
|---|---|---|---|
allow-impersonation | Boolean | false | Whether to allow impersonation by explicitly overriding username from outbound requests using io.helidon.security.EndpointConfig#PROPERTY_OUTBOUND_ID property |
allow-unsigned | Boolean | false | Configure support for unsigned JWT |
atn-token | Configuration for atn-token | ||
authenticate | Boolean | true | Whether to authenticate requests |
optional | Boolean | false | Whether authentication is required |
principal-type | SubjectType | USER | Principal type this provider extracts (and also propagates) |
propagate | Boolean | true | Whether to propagate identity |
sign-token | OutboundConfig | Configuration of outbound rules | |
use-jwt-groups | Boolean | true | Claim groups from JWT will be used to automatically add groups to current subject (may be used with jakarta.annotation.security.RolesAllowed annotation) |
Usages
See the manifest for all available types.