Advanced Settings

Hello there!

Need Help? We are right here!

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Your Contact E-mail

What are you looking for

How can we help you?

Advanced Settings

User Creation

Advanced Setting Tab

Allow User Creation

Enabling this will allow you to create new users through SSO.

Directory for New User

After a successful SSO, if the user is not found in JIRA , a new user account will be created in the selected user directory.

Remote Directory Sync

The user details will be synced from the remote directory on successful SSO only if the user exists in the remote directory.

Request Parameters

Authorization Request Parameters

ACR Value

The ACR value parameter is used to request OpenID (OIDC) Provider to send additional information, which will be needed to determine the Level of Assurance of the user authentication.

State Parameter

The state parameter is used to protect against CSRF attack. The way to prevent CSRF in OAuth is to include a unique and non-guessable value in the authorization request that the client can verify in the response but that an attacker could not know. This unique and non-guessable value is the State Parameter. For some providers, sending this field in the request is optional but some providers don’t approve the request if a state parameter is not included. For the OpenID Providers supported by the add-on, this field is enabled by default.

Add Custom Parameters

It is used to add extra parameters which will be included in the authentication request.

For example :

Nonce

Nonce is a string value used to verify if a response is coming back from the same server to which the request had been sent. It associates a Client session with an ID Token, and to prevent replay attacks. A random nonce value is sent in the authentication request. This value is passed unmodified from the authentication request to the ID Token. If present in the ID Token, clients must verify that the nonce Claim Value is equal to the value of the nonce parameter sent in the authentication request. If present in the authentication request, authorization servers must include a nonce Claim in the ID Token with the claim value being the nonce value sent in the Authentication Request. Authorization Servers should perform no other processing on nonce values used. The nonce value is a case sensitive string

Response Validation

Public Key

A public key is a part of asymmetric cryptography. It is used to encrypt data and decrypt the signed data. Here you can fill this field with a public key provided by your OpenID (OIDC) Provider. The OpenID (OIDC) Providers send all the tokens by digitally signing them. So the public key is used to decrypt the signed tokens. The public key is used to confirm the identity of the OpenID (OIDC) Provider and to confirm that the token that has been received is unchanged.

JWKS EndPoint URL

The JSON Web Key Set (JWKS) is a set of keys containing the public keys used to verify any JSON Web Token (JWT) issued by the authorization server. OIDC providers send a signed JWT in the authorization response with the user information and the public keys provided by the JWKS endpoint are used to validate the JWT and allow that user to get a login.

Advanced Settings