CLIENT_SECRET_ID

Specifies the OAuth2 secret ID provided by the the Identity Provider providing Single sign-on authentication.

Syntax

<CLIENT_SECRET_ID>id</CLIENT_SECRET_ID>
  1. id specifies a secret shared by the registered application and the Identity Provider for the client.

The CLIENT_SECRET_ID element is mandatory and it does not support any attributes.

Child elements

There are no child elements.

Usage

The CLIENT_SECRET_ID is the equivalent of the application's password provided by the Identity Provider when the application is registered. It is used in tandem with the CLIENT_PUBLIC_ID in the application configuration DELEGATE element.

The CLIENT_SECRET_ID must be handled with care. Make sure that it is never made public in mobile or browser-based clients.

Usage example in an application xcf file

# ...
  <EXECUTION>
    <PATH>$(res.path.qa)/applications/myapp</PATH>
    <MODULE>App.42r</MODULE>
    <DELEGATE service="services/OpenIDConnectServiceProvider"> 
       <IDP>https://accounts.myOIDCIdp.com</IDP>    
       <CLIENT_PUBLIC_ID>XXXXXXXX.apps.myOIDCIdpusercontent.com</CLIENT_PUBLIC_ID>
       <CLIENT_SECRET_ID>XXXXXX-XXXXXX</CLIENT_SECRET_ID>        
    </DELEGATE>
  </EXECUTION>
 # ...

Parent elements

This element is a child of DELEGATE.