argos/dmp-backend/web/src/main/resources/config/security.yml

web:
  security:
    enabled: true
    authorized-endpoints: [ api ]
    allowed-endpoints: [ api/public ]
    idp:
      api-key:
        enabled: true
        authorization-header: Authorization
        client-id: ${IDP_APIKEY_CLIENT_ID:}
        client-secret: ${IDP_APIKEY_CLIENT_SECRET:}
        scope: ${IDP_APIKEY_SCOPE:}
      resource:
        token-type: JWT #| opaque
        opaque:
          client-id: ${IDP_OPAQUE_CLIENT_ID:}
          client-secret: ${IDP_OPAQUE_CLIENT_SECRET:}
        jwt:
          claims: [ role, x-role ]
          issuer-uri: ${IDP_ISSUER_URI:}

zenodo:
  affiliation: ARGOS
  community: argos
  login:
    access_token_url: ${ZENODO_ACCESS_TOKEN_URL:}
    client_id: ${ZENODO_CLIENT_ID:}
    client_secret: ${ZENODO_CLIENT_SECRET:}
    redirect_uri: http://localhost:4200/login/external/zenodo