
Class MutualTlsOptions

Namespace
Duende.IdentityServer.Configuration
Assembly
Duende.IdentityServer.dll

Options for Mutual TLS features

public class MutualTlsOptions
Inheritance
MutualTlsOptions
Inherited Members

Constructors

MutualTlsOptions()

public MutualTlsOptions()

Properties

AlwaysEmitConfirmationClaim

Specifies whether a cnf claim is emitted for access tokens if a client certificate was present. Normally the cnf claim is only emitted if the client used the client certificate for authentication; setting this to true emits the claim regardless of the authentication method. Defaults to false.

public bool AlwaysEmitConfirmationClaim { get; set; }

Property Value

bool

ClientCertificateAuthenticationScheme

Specifies the name of the authentication handler for X.509 client certificates

public string ClientCertificateAuthenticationScheme { get; set; }

Property Value

string

DomainName

Specifies a separate domain to run the MTLS endpoints on. If the string does not contain any dots, a subdomain is assumed, e.g. main domain: identityserver.local, MTLS domain: mtls.identityserver.local. If the string contains dots, a completely separate domain is assumed, e.g. main domain: identity.app.com, MTLS domain: mtls.app.com. In this case you must set a static issuer name on the options.

public string? DomainName { get; set; }

Property Value

string

Enabled

Specifies if MTLS support should be enabled

public bool Enabled { get; set; }

Property Value

bool
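
The properties above wired together in a minimal ASP.NET Core host, as an added example that is not part of the original reference or Duende's own code. It enforces the DomainName rule that a dotted (separate) domain needs a static issuer. Assumptions: the configuration keys `Mtls:DomainName` and `Mtls:IssuerUri` are hypothetical, the scheme name "Certificate" is chosen for this example, the empty in-memory stores are placeholders, and the host or proxy serving the MTLS domain is already set up to request client certificates.

```csharp
using Duende.IdentityServer.Models;
using Microsoft.AspNetCore.Authentication.Certificate;

var builder = WebApplication.CreateBuilder(args);

// Hypothetical configuration keys (assumptions for this example):
//   Mtls:DomainName  e.g. "mtls" (subdomain) or "mtls.app.com" (separate domain)
//   Mtls:IssuerUri   e.g. "https://identity.app.com"
string? mtlsDomain = builder.Configuration["Mtls:DomainName"];
string? staticIssuer = builder.Configuration["Mtls:IssuerUri"];

// A DomainName containing dots is treated as a completely separate domain,
// and in that case a static issuer name must be set on the options.
bool separateDomain = mtlsDomain?.Contains('.') == true;
if (separateDomain && string.IsNullOrWhiteSpace(staticIssuer))
{
    throw new InvalidOperationException(
        "A separate MTLS domain requires a static issuer (Mtls:IssuerUri).");
}

// X.509 client certificate handler; its scheme name is what
// ClientCertificateAuthenticationScheme must point at.
const string certScheme = "Certificate"; // name chosen for this example
builder.Services.AddAuthentication()
    .AddCertificate(certScheme, cert =>
    {
        // Accept only certificates that chain to a trusted root.
        cert.AllowedCertificateTypes = CertificateTypes.Chained;
    });

builder.Services.AddIdentityServer(options =>
    {
        options.MutualTls.Enabled = true;
        options.MutualTls.ClientCertificateAuthenticationScheme = certScheme;
        options.MutualTls.DomainName = mtlsDomain;
        // Keep the default: cnf is emitted only when the client
        // authenticated with its certificate.
        options.MutualTls.AlwaysEmitConfirmationClaim = false;
        if (separateDomain) options.IssuerUri = staticIssuer;
    })
    .AddMutualTlsSecretValidators()
    // Placeholder stores so the host starts; real clients and scopes go here.
    .AddInMemoryClients(Array.Empty<Client>())
    .AddInMemoryApiScopes(Array.Empty<ApiScope>());

var app = builder.Build();
app.UseIdentityServer();
app.Run();
```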