OAuth 2.0 Modifier
    • 30 Jan 2026

    Applies to: Lasernet 11

    The OAuth 2.0 modifier is used for token-based security. It supports various flows, including a JSON Web Token (JWT) based flow. The modifier provides authorization for a given user or application identity and returns the access token. The access token is set as a JobInfo and is available for HTTP requests in other modules.

    You must create Lasernet as an app on the website of the service provider that you want to connect to. Then, you must configure the authentication and permissions to begin using the third-party API. All the settings values that you require for the OAuth 2.0 modifier are available from the setup of your third-party application.

    This page describes the available authentication options and the JobInfo that this module sets.

    User (Standard OAuth 2.0)

    Standard OAuth 2.0 user authentication requires you to log in with a username and password to authorize the module to access content for the service account.

    After you have entered appropriate values for the settings, click Obtain Authorization.

    Settings when User (Standard OAuth 2.0) is the selected Authenticate With option.

    Settings

    Client ID (iss)

    Lasernet app credentials (ID) as registered with the service provider.

    Client Secret

    Lasernet app credentials (secret key) as registered with the service provider.

    Resource

    Specifies the target resource or API that the client intends to access. It can help the authorization server to understand which resources the client is requesting access to. The parameter value is typically a URI identifying the resource server or a specific endpoint.

    Although Resource is optional according to the OAuth 2.0 specification, some authorization servers require Lasernet to supply a value for it.

    Token Verb

    Select the appropriate verb for the request to the token endpoint. Supported options are POST with URL encoded form parameters and GET using query parameters. To understand which option to select, refer to the endpoint API.

    Token Endpoint

    The token endpoint URL of the authorization server is used as a value for an "aud" element to identify the authorization server.

    Auth. Verb

    Select the appropriate verb for the request to the authorization endpoint. Supported options are POST with URL encoded form parameters and GET using query parameters. To understand which option to select, refer to the endpoint API.

    Auth. Token Endpoint

    The authorization URL that you will redirect the user to.

    Scope

    The request might have one or more scope values indicating additional access requested by the application. The authorization server will need to display the requested scopes to the user. This setting is optional.

    State

    The State parameter is used by the application to store request-specific data and/or prevent CSRF attacks. The authorization server must return the unmodified state value back to the application. The setting is optional but recommended.

    Redirect URI

    The redirect URI is the URL within your application that will receive OAuth 2.0 credentials, for example, https://localhost.

    Prompt

    Specifies the type of interaction that the authorization service will have with the user when they are taken to the Auth. Token Endpoint URL. To understand the specific interaction that each valid option (none, consent, select_account, and login) results in, refer to the endpoint API.
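How the State, Redirect URI and Prompt settings fit together in the authorization request and its redirect, as an added example (not Lasernet's code). It assumes the authorization code grant (`response_type=code`); the function names are hypothetical and the endpoint and client values used with it are constructed.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

PROMPTS = {"none", "consent", "select_account", "login"}  # options listed on this page

def build_authorization_url(auth_endpoint, client_id, redirect_uri, scope=None, prompt=None):
    """Return (url, state); keep state until the redirect comes back."""
    if prompt is not None and prompt not in PROMPTS:
        raise ValueError("unsupported prompt value: " + prompt)
    state = secrets.token_urlsafe(32)  # unguessable, single-use value
    params = {
        "response_type": "code",  # assumption: authorization code grant
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    }
    if scope:
        params["scope"] = scope
    if prompt:
        params["prompt"] = prompt
    return auth_endpoint + "?" + urlencode(params), state

def _origin_and_path(url):
    parts = urlsplit(url)
    return parts.scheme, parts.netloc, parts.path or "/"

def code_from_redirect(redirect_url, expected_state, redirect_uri):
    """Return the authorization code, or raise ValueError if the redirect fails a check."""
    if _origin_and_path(redirect_url) != _origin_and_path(redirect_uri):
        raise ValueError("redirect does not match the registered Redirect URI")
    query = parse_qs(urlsplit(redirect_url).query)
    returned_state = query.get("state", [""])[0]
    # Constant-time comparison; a missing or altered state means the response
    # does not belong to the request this client started (CSRF).
    if not hmac.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    if "error" in query:
        raise ValueError("authorization server returned: " + query["error"][0])
    if "code" not in query:
        raise ValueError("no authorization code in redirect")
    return query["code"][0]
```
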

    User (Password)

    This option configures the OAuth 2.0 modifier to use the OAuth 2.0 Password grant type.

    After you have entered appropriate values for the settings, click Ok. Optionally, to test the credentials that you entered, click Refresh Access Token before you click Ok.

    Settings when User (Password) is the selected Authenticate With option.

    Settings

    Client ID (iss)

    Lasernet app credentials (ID) as registered with the service provider.

    Client Secret

    Lasernet app credentials (secret key) as registered with the service provider.

    Token Endpoint

    The token endpoint URL of the authorization server.

    Scope

    The request might have one or more scope values indicating additional access requested by the application. The authorization server will need to display the requested scopes to the user. This setting is optional.

    Username

    The user name part of the user credentials that Lasernet will exchange for an access token.

    Password

    The password part of the user credentials that Lasernet will exchange for an access token.

    Server (OAuth 2.0 with JSON Web Token JWT)

    OAuth 2.0 with JWT (Server Authentication) enables the module to authenticate directly to a service, using a digitally-signed JSON Web Token (JWT) instead of user credentials.

    After you have entered appropriate values for the settings, click Ok. Optionally, to test the credentials that you entered, click Refresh Access Token before you click Ok.

    Settings when Server (OAuth 2.0 with JSON Web Token JWT) is the selected Authenticate With option.

    Settings

    Client ID (iss)

    Lasernet app credentials (ID) as registered with the service provider.

    Client Secret

    Lasernet app credentials (secret key) as registered with the service provider.

    Token Verb

    Select the appropriate verb for the request to the token endpoint. Supported options are POST with URL encoded form parameters and GET using query parameters. To understand which option to select, refer to the endpoint API.

    Token Endpoint (aud)

    The token endpoint URL of the authorization server is used as a value for an "aud" element to identify the authorization server as an intended audience of the JWT.

    Auth. Verb

    Not applicable.

    Private Key

    Generate an RSA keypair to sign and authenticate the JWT request made by your app. Download and save a copy of the private key (.pem) in a Lasernet Resource folder. Click Browse and insert the link to the file here.

    Example of the format for a private key:

    -----BEGIN ENCRYPTED PRIVATE KEY-----
    MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIN5gcZd3m0XwCAggA
    MBQGCCqGSIb3DQMHBAiIEnj1jz73MASCBMjI3q8SDNKcEHpxywyv8tMwxHeovc2m
    .
    HYY=
    -----END ENCRYPTED PRIVATE KEY-----

    Private Key Password

    Password for the private key.

    Public Key ID (kid)

    ID for the public key.

    Algorithm (alg)

    Supported algorithms: RS256, RS384, RS512, ES256, ES384, ES512.

    Subject (sub)

    The "sub" (subject) claim identifies the principal that is the subject of the JWT. The claims in a JWT are normally statements about the subject. The subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique. The processing of this claim is generally application specific. The "sub" value is a case-sensitive string containing a StringOrURI value.

    Audience (aud)

    The "aud" (audience) claim identifies the recipients that the JWT is intended for. Each principal intended to process the JWT MUST identify itself with a value in the audience claim. If the principal processing the claim does not identify itself with a value in the "aud" claim when this claim is present, then the JWT MUST be rejected. In the general case, the "aud" value is an array of case-sensitive strings, each containing a StringOrURI value. In the special case when the JWT has one audience, the "aud" value MAY be a single case-sensitive string containing a StringOrURI value. The interpretation of audience values is generally application specific.

    Customer parameters

    Add the list of customer parameters required by the service provider.
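A way to check that a JWT assertion carries the header and claim values these settings describe (alg, kid, iss, sub, aud), as an added example that is not Lasernet's code. It also checks "exp", which RFC 7523 requires in JWT assertions but this page does not list; it does not verify the signature. The function names are hypothetical, and any tokens passed to it in testing should be constructed samples.

```python
import base64
import json

SUPPORTED_ALGS = ("RS256", "RS384", "RS512", "ES256", "ES384", "ES512")  # from this page

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def make_token(header, claims, signature=b"constructed-placeholder"):
    """Build a constructed sample token; the signature bytes are not a real signature."""
    parts = [json.dumps(header).encode(), json.dumps(claims).encode(), signature]
    return ".".join(b64url_encode(p) for p in parts)

def audit_assertion(token, client_id, token_endpoint, now):
    """Return the problems found in the JWT header and claims (empty list if none)."""
    try:
        header_b64, claims_b64, signature_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(claims_b64))
        if not isinstance(header, dict) or not isinstance(claims, dict):
            raise ValueError("header and claims must be JSON objects")
    except ValueError:
        return ["not a compact JWT with a JSON header and claim set"]
    problems = []
    if header.get("alg") not in SUPPORTED_ALGS:
        problems.append("alg is not one of the supported signing algorithms")
    if not header.get("kid"):
        problems.append("kid (Public Key ID) is missing")
    if not signature_b64:
        problems.append("signature segment is empty")
    if claims.get("iss") != client_id:
        problems.append("iss does not match the Client ID")
    if not claims.get("sub"):
        problems.append("sub is missing")
    aud = claims.get("aud")  # a single string or an array of strings
    audiences = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
    if token_endpoint not in audiences:
        problems.append("aud does not include the token endpoint")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("exp is missing or already in the past")
    return problems
```
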

    Application (Client Credentials)

    This option configures the OAuth 2.0 modifier to use the OAuth 2.0 Client Credentials grant type.

    After you have entered appropriate values for the settings, click Ok. Optionally, to test the credentials that you entered, click Refresh Access Token before you click Ok.

    Settings when Application (Client Credentials) is the selected Authenticate With option.

    Settings

    Client ID (iss)

    Lasernet app credentials (ID) as registered with the service provider.

    Client Secret

    Lasernet app credentials (secret key) as registered with the service provider.

    Resource

    Specifies the target resource or API that the client intends to access. It can help the authorization server to understand which resources the client is requesting access to. The parameter value is typically a URI identifying the resource server or a specific endpoint.

    Although Resource is optional according to the OAuth 2.0 specification, some authorization servers require Lasernet to supply a value for it.

    Token Verb

    Select the appropriate verb for the request to the token endpoint. Supported options are "POST with URL encoded form parameters" and "POST with URL encoded form parameters and Basic Authorization header". To understand which option to select, refer to the endpoint API.

    Token Endpoint (aud)

    The token endpoint URL of the authorization server.

    Scope

    The request may have one or more scope values indicating additional access requested by the application. The authorization server will need to display the requested scopes to the user. This setting is optional.
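How the two Token Verb options for the client credentials grant differ on the wire, as an added example (not Lasernet's code): the credentials travel either in the form body or in a Basic Authorization header. Parameter names follow RFC 6749; the function name is hypothetical and any values used with it are constructed.

```python
import base64
from urllib.parse import quote_plus, urlencode

def client_credentials_request(client_id, client_secret, use_basic_header, scope=None):
    """Return (headers, body) for the POST to the token endpoint."""
    form = {"grant_type": "client_credentials"}
    if scope:
        form["scope"] = scope
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if use_basic_header:
        # RFC 6749 section 2.3.1: form-urlencode the ID and the secret first,
        # then join with ":" and base64-encode. A secret containing ":" or "+"
        # is otherwise misread by a server that follows the specification.
        userpass = quote_plus(client_id) + ":" + quote_plus(client_secret)
        token = base64.b64encode(userpass.encode()).decode()
        headers["Authorization"] = "Basic " + token
    else:
        # Credentials are sent as form parameters in the request body.
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    return headers, urlencode(form)
```

In both variants the secret is only encoded, not encrypted, so the request relies on TLS, and both the body and the Authorization header need to be excluded from request logging.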

    Refresh Access Token

    If the modifier uses User (Standard OAuth 2.0) authentication, the Refresh Access Token button is used in two distinct scenarios:

    • At any time, you can click Refresh Access Token to test that the provided user credentials are valid.

    • Periodically, the modifier’s access token will expire. When this occurs, click Refresh Access Token to use the provided credentials to obtain a new access token, then commit and deploy the Lasernet configuration.

    If the modifier uses any other type of authentication, you can click Refresh Access Token to test the credentials that you entered.

    JobInfos

    The OAuth 2.0 modifier sets a JobInfo.

    OAuth2AccessToken

    Value of the OAuth 2.0 access token.