Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Discussions page.
class Duende.IdentityServer.Configuration.MutualTlsOptions
Assembly: Duende.IdentityServer
Inheritance: object → MutualTlsOptions
Settings for Mutual TLS (mTLS) support, which enables certificate-bound tokens and X.509 client certificate authentication.
Properties
public bool Enabled
Gets or sets a value indicating whether Mutual TLS support is enabled. When disabled, mTLS endpoints and certificate-bound token
features are not available.
Remarks: Defaults to false.
public string ClientCertificateAuthenticationScheme
Gets or sets the name of the ASP.NET Core authentication handler used to authenticate X.509 client
certificates.
Remarks: Defaults to "Certificate".
public string DomainName
Gets or sets a subdomain or full domain name on which the mTLS protocol endpoints are hosted.
When not set, mTLS endpoints use path-based routing under the main IdentityServer domain.
Remarks: A value without dots (e.g., "mtls") is treated as a subdomain of the main
IdentityServer host. A value containing dots (e.g., "identityserver-mtls.io") is
treated as a fully qualified domain name. When a full domain name is used, the
IssuerUri must also be set to a fixed value.
public bool AlwaysEmitConfirmationClaim
Gets or sets a value indicating whether a cnf (confirmation) claim is emitted in access tokens whenever a client certificate
is present on the request, regardless of whether the certificate was used for client
authentication.
Remarks: Defaults to false. When false, the cnf claim is only emitted when
the client authenticated using its certificate. Set to true to bind tokens to the
certificate even when another authentication method was used.
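The properties above wired into an ASP.NET Core host, as an added example that is not part of the Duende documentation. It assumes a web project with implicit usings and Kestrel terminating TLS itself; the empty in-memory stores and the commented-out issuer URL are placeholders, and the certificate handler settings are this example's choices.

```csharp
using Duende.IdentityServer.Models;
using Microsoft.AspNetCore.Authentication.Certificate;
using Microsoft.AspNetCore.Server.Kestrel.Https;
using System.Security.Cryptography.X509Certificates;

var builder = WebApplication.CreateBuilder(args);

// Assumption: Kestrel terminates TLS. AllowCertificate asks for a client
// certificate but does not fail the handshake when the client sends none.
builder.WebHost.ConfigureKestrel(kestrel =>
    kestrel.ConfigureHttpsDefaults(https =>
        https.ClientCertificateMode = ClientCertificateMode.AllowCertificate));

// The handler name registered here must match
// MutualTlsOptions.ClientCertificateAuthenticationScheme below.
const string CertScheme = "Certificate";

builder.Services.AddAuthentication()
    .AddCertificate(CertScheme, cert =>
    {
        // Example choices: accept only chain-validated certificates and
        // check revocation online.
        cert.AllowedCertificateTypes = CertificateTypes.Chained;
        cert.RevocationMode = X509RevocationMode.Online;
    });

builder.Services.AddIdentityServer(options =>
    {
        options.MutualTls.Enabled = true; // default is false
        options.MutualTls.ClientCertificateAuthenticationScheme = CertScheme;

        // No dots: treated as a subdomain of the main IdentityServer host.
        options.MutualTls.DomainName = "mtls";
        // With dots it is a full domain name and IssuerUri must be fixed:
        // options.MutualTls.DomainName = "identityserver-mtls.io";
        // options.IssuerUri = "https://issuer.example"; // constructed placeholder

        // false: cnf is emitted only when the client authenticated with its
        // certificate. true: cnf is emitted whenever a certificate is present.
        options.MutualTls.AlwaysEmitConfirmationClaim = false;
    })
    .AddMutualTlsSecretValidators() // validators for X.509 client secrets
    .AddInMemoryClients(Array.Empty<Client>())      // placeholder store
    .AddInMemoryApiScopes(Array.Empty<ApiScope>()); // placeholder store

var app = builder.Build();
app.UseIdentityServer();
app.Run();
```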
Methods
public bool Equals(object obj)
Inherited from object
protected void Finalize()
Inherited from object
public int GetHashCode()
Inherited from object
protected object MemberwiseClone()
Inherited from object
public string ToString()
Inherited from object