OAuth 2.0 provider system properties
When configuring Bitbucket as an OAuth 2.0 provider (incoming link), you can use these system properties.
atlassian.oauth2.provider.enable.access.tokens | |
---|---|
Default | true |
Description | Disables the ability to authenticate using access tokens for that node. |
atlassian.oauth2.provider.skip.base.url.https.requirement | |
Default | false |
Description | Disables the HTTPS requirement for the base URL. If this is disabled, the OAuth 2.0 provider will be enabled even if the product is using HTTP. |
atlassian.oauth2.provider.skip.redirect.url.https.requirement | |
Default | false |
Description | Disables the HTTPS requirement for the Redirect URL. If this is disabled, the OAuth 2.0 provider will allow Redirect URLs using HTTP. |
atlassian.oauth2.provider.max.lock.timeout.seconds | |
Default | 10 |
Description | Number of seconds a request will await lock access before timing out. |
atlassian.oauth2.provider.max.client.delay.seconds | |
Default | 10 |
Description | Max lifetime of authorization codes (seconds). The limit is 600 seconds. |
atlassian.oauth2.provider.prune.expired.authorizations.schedule | |
Default | * * * * * ? |
Description | Cron expression for a job that removes expired authorization codes. Default is 1 minute. |
atlassian.oauth2.provider.access.token.expiration.seconds | |
Default | 3600 (1 hour) |
Description | Max lifetime of access tokens (seconds). |
atlassian.oauth2.provider.prune.expired.tokens.schedule | |
Default | * * * * * ? |
Description | Cron expression for a job that removes expired access tokens. Default is 1 minute. |
atlassian.oauth2.provider.access.token.expiration.seconds | |
Default | 7776000 (90 days) |
Description | Max lifetime of refresh tokens (seconds). |
atlassian.oauth2.provider.invalidate.session.enabled | |
Default | true |
Description | Invalidates a session after a successful authentication using an OAuth token. |
atlassian.oauth2.provider.validate.client.secret | |
Default | true |
Description | Validates the client ID and client secret when revoking and creating tokens. |
atlassian.oauth2.provider.use.quotes.in.sql | |
Default | false |
Description | Controls whether to add quotes to SQL statements. This is a sanity system property used for database requirements. PostgreSQL will always use quotes unless the |
atlassian.oauth2.provider.do.not.use.quotes.in.sql | |
Default | false |
Description | Controls whether to add quotes to SQL statements. This is a sanity system property used for database requirements. |
atlassian.oauth2.provider.token.via.basic.authentication | |
Default | true |
Description | Enables extracting tokens through the basic authentication password field for access token authentication. |
Last modified on Mar 7, 2023
Powered by Confluence and Scroll Viewport.