MarkLogic Server 11.0 Product Documentation
sec.oauthServer

sec.oauthServer(
   oauth-vendor as String,
   oauth-flow-type as String,
   oauth-client-id as String,
   oauth-token-type as String,
   oauth-username-attribute as String,
   oauth-role-attribute as String,
   [oauth-privilege-attribute as String],
   [oauth-jwt-issuer-uri as String],
   [oauth-jwt-alg as String],
   [oauth-jwt-key-ids as String[]],
   [oauth-jwt-secret-values as String[]],
   [oauth-jwks-uri as String]
) as element(sec.oauthServer)

Summary

This function configures an OAuth server for use by the sec:create-external-security function.

Parameters
oauth-vendor Third-party OAuth 2.0 vendor.
oauth-flow-type OAuth 2.0 flow type.
oauth-client-id Required. OAuth 2.0 Client ID.
oauth-token-type OAuth 2.0 access token format.
oauth-username-attribute Required. The JSON claim name containing username information.
oauth-role-attribute Required. The JSON claim name containing role information.
oauth-privilege-attribute The JSON claim name containing privilege information. Optional.
oauth-jwt-issuer-uri OAuth 2.0 JWT Issuer URI. Required if "OAuth Vendor" is "Microsoft Entra" or "Amazon Cognito".
oauth-jwt-alg Signature algorithm for JWT access tokens. Required if "OAuth Token Type" is "JSON Web Tokens".
oauth-jwt-key-ids List of JWT key-IDs.
oauth-jwt-secret-values List of JWT keys.
oauth-jwks-uri JSON Web Key Sets Endpoint URI.

Usage Notes

This function must be executed against the security database.

Example



// execute this against the security database

const sec = require('/MarkLogic/security');

sec.oauthServer("Ping Identity", 
                "Resource server", 
                "test", 
                "JSON Web Tokens", 
                "username", 
                "roles", 
                "privileges",
                "",
                "HS256",
                ("test1"),
                ("testsecret1"),
                "");
    
Powered by MarkLogic Server | Terms of Use | Privacy Policy