argos/dmp-backend/web/target/classes/config/security.yml

15 lines
542 B
YAML
Raw Normal View History

web:
security:
enabled: true
authorized-endpoints: [ api ]
allowed-endpoints: [ api/public, api/dmp/public, api/description/public, /api/supportive-material/public, api/language/public, api/contact-support/public, api/dashboard/public, prometheus, health, metrics ]
idp:
api-key:
enabled: false
resource:
token-type: JWT #| opaque
jwt:
claims: [ role, x-role ]
issuer-uri: ${IDP_ISSUER_URI:}
audiences: [ "dmp_web" ]
validIssuer: ${IDP_ISSUER_URI:}