From 3770d85aae59700899dd20306034dd981bf6441a Mon Sep 17 00:00:00 2001 From: Ioannis Kakavas Date: Wed, 10 Mar 2021 12:34:01 +0200 Subject: [PATCH] Add doc reference for client_auth_method (#70124) Support for additional Client authentication methods was added in the OIDC realm in #58708. This change adds the `rp.client_auth_method` and `rp.client_auth_signature_algorithm` settings in the realm settings reference doc. --- .../settings/security-settings.asciidoc | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/reference/settings/security-settings.asciidoc b/docs/reference/settings/security-settings.asciidoc index 72bf73c799bcb..88a38932df429 100644 --- a/docs/reference/settings/security-settings.asciidoc +++ b/docs/reference/settings/security-settings.asciidoc @@ -1629,6 +1629,23 @@ at the OpenID Connect Provider. The OAuth 2.0 Client Secret that was assigned to {es} during registration at the OpenID Connect Provider. +// tag::rp-client-auth-method-tag[] +`rp.client_auth_method` {ess-icon}:: +(<>) +The client authentication method used by {es} to authenticate +to the OpenID Connect Provider. Can be `client_secret_basic`, `client_secret_post`, +or `client_secret_jwt`. Defaults to `client_secret_basic`. +// end::rp-client-auth-method-tag[] + +// tag::rp-client-auth-jwt-signature-algorithm[] +`rp.client_auth_signature_algorithm` {ess-icon}:: +(<>) +The signature algorithm that {es} uses to sign the JWT with which it authenticates +as a client to the OpenID Connect Provider when `client_secret_jwt` is selected for +`rp.client_auth_method`. Can be either `HS256`, `HS384`, or `HS512`. Defaults to +`HS384`. +// end::rp-client-auth-jwt-signature-algorithm[] + // tag::rp-redirect-uri-tag[] `rp.redirect_uri` {ess-icon}:: (<>)