Documentation

Configuration

system.config.yml

accessTokens

OAuth 2.0 related config.

This section controls Lifetime of Access Tokens issued by built in OAuth 2.0 server at during one of authorization flows as well as the type of token to be issued.

accessTokens:
  timeToExpiry: 7200000
  tokenType: 'jwt'
  issuer: 'express-gateway'
  audience: 'something'
  subject: 'somebody'
  secretOrPrivateKey: 'ssssst'

Parameters

  • timeToExpiry: Expiration time for the token
  • tokenType: Token type to be issued. It can be opaque or jwt
  • issuer: Ignored when tokenType isnt jwt. Defines the issuer to be sent in the token
  • audience: Ignored when tokenType isnt jwt. Defines the audience to be sent in the token
  • subject: Ignored when tokenType isnt jwt. Defines the subject to be sent in the token
  • secretOrPrivateKey: Ignored when tokenType is jwt. Defines the secret or private key used to sign the token
  • secretOrPrivateKeyFile: Ignored when tokenType is jwt. Defines the file where the secret or private key used to sign the token is stored