KOBIL - Store AST Headers to Session
Overview
The main task of this execution is to retrieve the AST Client ID and Client Data from the header, store them in the session.
Type
| Protocol | OpenID Connect 1.0 |
|---|---|
| HTTP method | GET |
| Type | Browser Flow |
| Endpoint | Authorization Endpoint |
| Flow Supported | Authorization code flow Implicit flow Hybrid flow |
| Response | ID Token, Access Token, Refresh Token |
| Response Mode | query, form_post, fragment |
How to configure
To configure the authenticator, follow these steps
- Click on
Add step - Select KOBIL - Store AST Headers to Session authenticator from the list
- Mark the authenticator as Required
- Save the configuration.
Configuration
Parameters involved in Kobil-Store AST Headers to Session execution
| Parameter | Description |
|---|---|
| Alias | Name for the overall configured configurations which occurs in particular authenticator |
| Authenticator Reference | Authenticator Reference assigns a custom name to the authenticator, which is used in the AMR claim of the token when authentication is successful, provided the AMR protocol is enabled for the client. |
| Authenticator Reference Max Age | Authenticator Reference Max Age defines how long an authenticator's result remains valid in an SSO session, ensuring the AMR is only included in the token if authentication occurred within that time limit. |
| AST Client ID Optional | - Enable to make AST Client ID Optional for AST activation. - When the AST Client ID Optional setting is enabled, the AST Client ID header can be skipped during the flow invocation, as the IDP will automatically set a null ID if no header is passed before invoking the activation call. |
User Flow
This execution contains the following step:
- When the user executes the flow, the AST Client ID and Client Data from the header are saved in the session.