A virtual security domain definition.
| Name | Dynamic | Other provider points |
|---|---|---|
| org.wildfly.security.virtual-security-domain | true | none |
| Attribute | Value |
|---|---|
| Default Value | OIDC |
| Type | STRING |
| Nillable | true |
| Expressions Allowed | false |
| Storage | configuration |
| Access Type | read-write |
| Restart Required | no-services |
| Allowed Values | OIDC MP-JWT |
| Attribute | Value |
|---|---|
| Default Value | false |
| Type | BOOLEAN |
| Nillable | true |
| Expressions Allowed | true |
| Storage | configuration |
| Access Type | read-write |
| Restart Required | resource-services |
| Attribute | Value |
|---|---|
| Capability reference | |
| Type | LIST |
| Nillable | true |
| Expressions Allowed | false |
| Storage | configuration |
| Access Type | read-write |
| Restart Required | resource-services |
| Request Parameter | Type | Required | Expressions Allowed | Default value | Description |
|---|---|---|---|---|---|
| auth-method | STRING | false | false | OIDC | The authentication mechanism that will be used with the virtual security domain. Allowed values: 'OIDC', 'MP-JWT'. The default value is 'OIDC'. |
| outflow-anonymous | BOOLEAN | false | true | false | When outflowing to a security domain, if outflow is not possible, should the anonymous identity be used? Outflow to a security domain might not be possible if the domain does not trust this domain or if the identity being outflowed to a domain does not exist in that domain. Outflowing anonymous has the effect of clearing any identity already established for that domain. |
| outflow-security-domains | LIST | false | false | The list of security domains that the security identity from this virtual domain should automatically outflow to. |