Convert SSO Tokens Into OIDC JWTs
For each incoming request, the agent looks for an OIDC JWT in the cookie named by JWT Cookie Name. Set this property as follows:
-
true
: Use this value to allow users to access resources protected with systems that continue to use SSO tokens, and to use the default login redirection mode.-
If the agent does not find a JWT in the cookie, the agent looks for an SSO token in the iPDP cookie defined during AM installation. During agent startup, the agent retrieves the name of this cookie from AM.
-
If the agent finds an SSO token in the iPDP cookie, it makes a request to AM to convert the SSO token into an OIDC JWT.
-
The agent caches the SSO token, so that if it is presented in another incoming request, the agent substitutes the JWT without making a request to AM.
-
If the agent does not find either token, authentication fails. The user can only access resources that are available through not-enforced rules.
-
-
false
: Do not convert SSO tokens into OIDC JWTs.
Property name |
|
Aliases |
|
Function |
SSO cookie handling |
Type |
Boolean: |
Default |
|
Bootstrap property |
No |
Required property |
No |
Restart required |
No |
Local configuration file |
|
AM console |
Tab: Title: Legacy title: |