Experimental Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins
identify
action to authenticate via schemes oauth2 or certificate without giving the usernamerestrict-scope-client-property
to restrict a client to certain scopes if neededThe "Recontainment Release"
aud
property to fit JWT access token specgzip
or deflate
when relevantThe "Second Wave Release"
client_id
and redirect_uri
on grant scopeparameters
object on *_load()
functions resultnone
by defaultid_token
and /userinfo
/mod/reload/
to reload modules listsreaddir()
, closes #150The "Saint-Jean-Baptiste Release"
redirect_uri
check to make Glewlwyd OIDC plugin conform to OAuth 2.0 for Native Apps specificationid_token
in response type password
when the scope openid
is addedpassword
by default for OIDC plugin configopenid
is assumed to be always granted to clients for OIDC pluginone-time-use
refresh token option