Deploy/CDK Reference of GS2-Account
The template format used when creating stacks with GS2-Deploy, and implementation examples of template output in various languages using CDK
Entity
Resources operated in Deploy process
Namespace
Namespace
A namespace is a mechanism that allows multiple uses of the same service for different purposes within a single project. Each GS2 service is managed on a per namespace basis. Even when using the same service, if the namespace differs, the data is treated as a completely independent data space.
Therefore, you must create a namespace before you can start using each service.
Request
Resource generation request
| Type | Condition | Required | Default | Value Limits | Description | |
|---|---|---|---|---|---|---|
| name | string | ✓ | ~ 128 chars | Namespace name Namespace-specific name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). | ||
| description | string | ~ 1024 chars | Description | |||
| transactionSetting | TransactionSetting | Transaction settings | ||||
| changePasswordIfTakeOver | bool | ✓ | false | Whether to change the password when taking over the account Specifies whether to change the password when taking over the account. This setting allows you to restrict logins from the device before the takeover after the takeover is performed. | ||
| differentUserIdForLoginAndDataRetention | bool | ✓ | false | Whether to use different user IDs for login and data retention Specifies whether to use different user IDs for login and data retention. This setting may allow the platform to meet the privacy requirements set by the platform with less effort. *This parameter can only be set when creating a namespace. | ||
| createAccountScript | ScriptSetting | Script to run when creating an account Used to implement custom logic for creating an account. | ||||
| authenticationScript | ScriptSetting | Script to run when authenticated Used to implement custom logic for authentication. | ||||
| createTakeOverScript | ScriptSetting | Script to run when creating a takeover If you want to give a reward when you register takeover information for the first time, you can use this to add custom logic to increase the GS2-Mission counter. | ||||
| doTakeOverScript | ScriptSetting | Script to run when taking over Used to implement custom logic for taking over. | ||||
| banScript | ScriptSetting | Script to run when adding account BAN information | ||||
| unBanScript | ScriptSetting | Script to run when removing account BAN information | ||||
| logSetting | LogSetting | Log output settings Manages log output settings. This type holds the GS2-Log namespace information used to output log data. |
GetAttr
Generation results of resources that can be obtained with the !GetAttr tag
| Type | Description | |
|---|---|---|
| Item | Namespace | Namespace created |
Implementation Example
Type: GS2::Account::Namespace
Properties:
Name: namespace-0001
Description: null
TransactionSetting: null
ChangePasswordIfTakeOver: false
DifferentUserIdForLoginAndDataRetention: null
CreateAccountScript: null
AuthenticationScript: null
CreateTakeOverScript: null
DoTakeOverScript: null
BanScript: null
UnBanScript: null
LogSetting:
LoggingNamespaceId: grn:gs2:ap-northeast-1:YourOwnerId:log:namespace-0001import (
"github.com/gs2io/gs2-golang-cdk/core"
"github.com/gs2io/gs2-golang-cdk/account"
"github.com/openlyinc/pointy"
)
SampleStack := core.NewStack()
account.NewNamespace(
&SampleStack,
"namespace-0001",
account.NamespaceOptions{
ChangePasswordIfTakeOver: false,
LogSetting: &core.LogSetting{
LoggingNamespaceId: "grn:gs2:ap-northeast-1:YourOwnerId:log:namespace-0001",
},
},
)
println(SampleStack.Yaml()) // Generate Template
class SampleStack extends \Gs2Cdk\Core\Model\Stack
{
function __construct() {
parent::__construct();
new \Gs2Cdk\Account\Model\Namespace_(
stack: $this,
name: "namespace-0001",
options: new \Gs2Cdk\Account\Model\Options\NamespaceOptions(
changePasswordIfTakeOver: False,
logSetting: new \Gs2Cdk\Core\Model\LogSetting(
loggingNamespaceId: "grn:gs2:ap-northeast-1:YourOwnerId:log:namespace-0001"
)
)
);
}
}
print((new SampleStack())->yaml()); // Generate Template
class SampleStack extends io.gs2.cdk.core.model.Stack
{
public SampleStack() {
super();
new io.gs2.cdk.account.model.Namespace(
this,
"namespace-0001",
new io.gs2.cdk.account.model.options.NamespaceOptions()
.withChangePasswordIfTakeOver(false)
.withLogSetting(new io.gs2.cdk.core.model.LogSetting(
"grn:gs2:ap-northeast-1:YourOwnerId:log:namespace-0001"
))
);
}
}
System.out.println(new SampleStack().yaml()); // Generate Templatepublic class SampleStack : Gs2Cdk.Core.Model.Stack
{
public SampleStack() {
new Gs2Cdk.Gs2Account.Model.Namespace(
stack: this,
name: "namespace-0001",
options: new Gs2Cdk.Gs2Account.Model.Options.NamespaceOptions
{
changePasswordIfTakeOver = false,
logSetting = new Gs2Cdk.Core.Model.LogSetting(
loggingNamespaceId: "grn:gs2:ap-northeast-1:YourOwnerId:log:namespace-0001"
)
}
);
}
}
Debug.Log(new SampleStack().Yaml()); // Generate Templateimport core from "@/gs2cdk/core";
import account from "@/gs2cdk/account";
class SampleStack extends core.Stack
{
public constructor() {
super();
new account.model.Namespace(
this,
"namespace-0001",
{
changePasswordIfTakeOver: false,
logSetting: new core.LogSetting(
"grn:gs2:ap-northeast-1:YourOwnerId:log:namespace-0001"
)
}
);
}
}
console.log(new SampleStack().yaml()); // Generate Template
from gs2_cdk import Stack, core, account
class SampleStack(Stack):
def __init__(self):
super().__init__()
account.Namespace(
stack=self,
name='namespace-0001',
options=account.NamespaceOptions(
change_password_if_take_over=False,
log_setting=core.LogSetting(
logging_namespace_id='grn:gs2:ap-northeast-1:YourOwnerId:log:namespace-0001',
),
),
)
print(SampleStack().yaml()) # Generate TemplateTransactionSetting
Transaction settings
Transaction settings control how transactions are executed, their consistency, asynchronous processing, and conflict avoidance mechanisms. Combining features like AutoRun, AtomicCommit, asynchronous execution using GS2-Distributor, batch application of script results, and asynchronous acquisition actions via GS2-JobQueue enables robust transaction management tailored to game logic.
| Type | Condition | Required | Default | Value Limits | Description | |
|---|---|---|---|---|---|---|
| enableAutoRun | bool | ✓ | false | Whether to automatically execute issued transactions on the server side | ||
| enableAtomicCommit | bool | {enableAutoRun} == true | ✓* | false | Whether to commit the execution of transactions atomically * Required if enableAutoRun is true | |
| transactionUseDistributor | bool | {enableAtomicCommit} == true | ✓* | false | Whether to execute transactions asynchronously * Required if enableAtomicCommit is true | |
| commitScriptResultInUseDistributor | bool | {transactionUseDistributor} == true | ✓* | false | Whether to execute the commit processing of the script result asynchronously * Required if transactionUseDistributor is true | |
| acquireActionUseJobQueue | bool | {enableAtomicCommit} == true | ✓* | false | Whether to use GS2-JobQueue to execute the acquire action * Required if enableAtomicCommit is true | |
| distributorNamespaceId | string | ✓ | “grn:gs2:{region}:{ownerId}:distributor:default” | ~ 1024 chars | GS2-Distributor namespace GRN used for transaction execution | |
| queueNamespaceId | string | ✓ | “grn:gs2:{region}:{ownerId}:queue:default” | ~ 1024 chars | Namespace GRN in GS2-JobQueue used to run the transaction |
ScriptSetting
Script settings
In GS2, you can associate custom scripts with microservice events and execute them. This model holds the settings for triggering script execution.
There are two main ways to execute a script: synchronous execution and asynchronous execution. Synchronous execution blocks processing until the script has finished executing. Instead, you can use the script execution result to stop the execution of the API or to tamper with the result of the API.
In contrast, asynchronous execution does not block processing until the script has finished executing. Since the script result cannot be used to stop the API execution or modify the API response, asynchronous execution does not affect the API’s response flow. For this reason, asynchronous execution is generally recommended.
There are two types of asynchronous execution methods: GS2-Script and Amazon EventBridge. By using Amazon EventBridge, you can write processing in languages other than Lua.
| Type | Condition | Required | Default | Value Limits | Description | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| triggerScriptId | string | ~ 1024 chars | GS2-Script script GRN
for synchronous execution Must be specified in GRN format starting with “grn:gs2:”. | |||||||||||
| doneTriggerTargetType | String Enum enum { “none”, “gs2_script”, “aws” } | ✓ | “none” | How to execute asynchronous scripts Specifies the type of script to use for asynchronous execution. You can choose from “Do not use asynchronous execution scripts (none)”, “Use GS2-Script (gs2_script)”, and “Use Amazon EventBridge (aws)”.
| ||||||||||
| doneTriggerScriptId | string | {doneTriggerTargetType} == “gs2_script” | ~ 1024 chars | GS2-Script script GRN
for Asynchronous Execution Must be specified in GRN format starting with “grn:gs2:”. * Enabled if doneTriggerTargetType is “gs2_script” | ||||||||||
| doneTriggerQueueNamespaceId | string | {doneTriggerTargetType} == “gs2_script” | ~ 1024 chars | GS2-JobQueue namespace GRN
to execute asynchronous execution scripts If you want to execute asynchronous execution scripts via GS2-JobQueue instead of executing them directly, specify the GS2-JobQueue namespace GRN. There is little reason to use GS2-JobQueue, so you don’t need to specify it unless you have a specific reason. * Enabled if doneTriggerTargetType is “gs2_script” |
LogSetting
Log Export Settings
Manages log data export settings. This type holds the GS2-Log namespace identifier (Namespace ID) used to export log data. Specify the GS2-Log namespace where log data is collected and stored in the GRN format for the Log Namespace ID (loggingNamespaceId). Configuring this setting ensures that log data for API requests and responses occurring within the specified namespace is output to the target GS2-Log namespace. GS2-Log provides real-time logs that can be used for system monitoring, analysis, and debugging.
| Type | Condition | Required | Default | Value Limits | Description | |
|---|---|---|---|---|---|---|
| loggingNamespaceId | string | ✓ | ~ 1024 chars | GS2-Log namespace GRN
to output logs Must be specified in GRN format starting with “grn:gs2:”. |
CurrentModelMaster
Currently Active Takeover Type Model Master Data
Currently active master data describing the model definitions within the namespace. GS2 uses JSON format files for managing master data. By uploading these files, the master data settings are updated on the server.
To create JSON files, GS2 provides a master data editor within the management console. Additionally, you can create tools better suited for operating your game and export JSON files in the appropriate format.
Note
Please refer to Master Data Reference of GS2-Account for the JSON file format.Request
Resource generation request
| Type | Condition | Required | Default | Value Limits | Description | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| namespaceName | string | ✓ | ~ 128 chars | Namespace name Namespace-specific name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). | ||||||||
| mode | String Enum enum { “direct”, “preUpload” } | ✓ | “direct” | Update mode
| ||||||||
| settings | string | {mode} == “direct” | ✓* | ~ 5242880 chars | Master Data * Required if mode is “direct” | |||||||
| uploadToken | string | {mode} == “preUpload” | ✓* | ~ 1024 chars | Token used to reflect results after upload * Required if mode is “preUpload” |
GetAttr
Generation results of resources that can be obtained with the !GetAttr tag
| Type | Description | |
|---|---|---|
| Item | CurrentModelMaster | Updated Currently Active Takeover Type Model Master Data |
Implementation Example
Type: GS2::Account::CurrentModelMaster
Properties:
NamespaceName: namespace-0001
Mode: direct
Settings: {
"version": "2024-07-30",
"takeOverTypeModels": [
{
"type": 0,
"openIdConnectSetting":
{
"configurationPath": "https://accounts.google.com/.well-known/openid-configuration",
"clientId": "695893071400-qelt0dsu8tkotl13psnq5d1ko7kki4sl.apps.googleusercontent.com",
"clientSecret": "secret"
},
"metadata": "Google"
},
{
"type": 1,
"openIdConnectSetting":
{
"configurationPath": "https://appleid.apple.com/.well-known/openid-configuration",
"clientId": "io.gs2.sample.auth",
"appleTeamId": "9LX9LA85H8",
"appleKeyId": "P937MLY6Z7",
"applePrivateKeyPem": "-----BEGIN PRIVATE KEY-----\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n-----END PRIVATE KEY-----"
},
"metadata": "Apple"
}
]
}
UploadToken: nullimport (
"github.com/gs2io/gs2-golang-cdk/core"
"github.com/gs2io/gs2-golang-cdk/account"
"github.com/openlyinc/pointy"
)
SampleStack := core.NewStack()
account.NewNamespace(
&SampleStack,
"namespace-0001",
account.NamespaceOptions{},
).MasterData(
[]account.TakeOverTypeModel{
account.NewTakeOverTypeModel(
0,
account.NewOpenIdConnectSetting(
"https://accounts.google.com/.well-known/openid-configuration",
"695893071400-qelt0dsu8tkotl13psnq5d1ko7kki4sl.apps.googleusercontent.com",
account.OpenIdConnectSettingOptions{
ClientSecret: pointy.String("secret"),
},
),
account.TakeOverTypeModelOptions{
Metadata: pointy.String("Google"),
},
),
account.NewTakeOverTypeModel(
1,
account.NewOpenIdConnectSetting(
"https://appleid.apple.com/.well-known/openid-configuration",
"io.gs2.sample.auth",
account.OpenIdConnectSettingOptions{
AppleTeamId: pointy.String("9LX9LA85H8"),
AppleKeyId: pointy.String("P937MLY6Z7"),
ApplePrivateKeyPem: pointy.String("-----BEGIN PRIVATE KEY-----\\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\n-----END PRIVATE KEY-----"),
},
),
account.TakeOverTypeModelOptions{
Metadata: pointy.String("Apple"),
},
),
},
)
println(SampleStack.Yaml()) // Generate Template
class SampleStack extends \Gs2Cdk\Core\Model\Stack
{
function __construct() {
parent::__construct();
(new \Gs2Cdk\Account\Model\Namespace_(
stack: $this,
name: "namespace-0001"
))->masterData(
[
new \Gs2Cdk\Account\Model\TakeOverTypeModel(
type:0,
openIdConnectSetting:new \Gs2Cdk\Account\Model\OpenIdConnectSetting(
configurationPath: "https://accounts.google.com/.well-known/openid-configuration",
clientId: "695893071400-qelt0dsu8tkotl13psnq5d1ko7kki4sl.apps.googleusercontent.com",
options: new \Gs2Cdk\Account\Model\Options\OpenIdConnectSettingOptions(
clientSecret: "secret",
)
),
options: new \Gs2Cdk\Account\Model\Options\TakeOverTypeModelOptions(
metadata:"Google"
)
),
new \Gs2Cdk\Account\Model\TakeOverTypeModel(
type:1,
openIdConnectSetting:new \Gs2Cdk\Account\Model\OpenIdConnectSetting(
configurationPath: "https://appleid.apple.com/.well-known/openid-configuration",
clientId: "io.gs2.sample.auth",
options: new \Gs2Cdk\Account\Model\Options\OpenIdConnectSettingOptions(
appleTeamId: "9LX9LA85H8",
appleKeyId: "P937MLY6Z7",
applePrivateKeyPem: "-----BEGIN PRIVATE KEY-----\\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\n-----END PRIVATE KEY-----",
)
),
options: new \Gs2Cdk\Account\Model\Options\TakeOverTypeModelOptions(
metadata:"Apple"
)
)
]
);
}
}
print((new SampleStack())->yaml()); // Generate Template
class SampleStack extends io.gs2.cdk.core.model.Stack
{
public SampleStack() {
super();
new io.gs2.cdk.account.model.Namespace(
this,
"namespace-0001"
).masterData(
Arrays.asList(
new io.gs2.cdk.account.model.TakeOverTypeModel(
0,
new io.gs2.cdk.account.model.OpenIdConnectSetting(
"https://accounts.google.com/.well-known/openid-configuration",
"695893071400-qelt0dsu8tkotl13psnq5d1ko7kki4sl.apps.googleusercontent.com",
new io.gs2.cdk.account.model.options.OpenIdConnectSettingOptions()
.withClientSecret("secret")
),
new io.gs2.cdk.account.model.options.TakeOverTypeModelOptions()
.withMetadata("Google")
),
new io.gs2.cdk.account.model.TakeOverTypeModel(
1,
new io.gs2.cdk.account.model.OpenIdConnectSetting(
"https://appleid.apple.com/.well-known/openid-configuration",
"io.gs2.sample.auth",
new io.gs2.cdk.account.model.options.OpenIdConnectSettingOptions()
.withAppleTeamId("9LX9LA85H8")
.withAppleKeyId("P937MLY6Z7")
.withApplePrivateKeyPem("-----BEGIN PRIVATE KEY-----\\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\n-----END PRIVATE KEY-----")
),
new io.gs2.cdk.account.model.options.TakeOverTypeModelOptions()
.withMetadata("Apple")
)
)
);
}
}
System.out.println(new SampleStack().yaml()); // Generate Templatepublic class SampleStack : Gs2Cdk.Core.Model.Stack
{
public SampleStack() {
new Gs2Cdk.Gs2Account.Model.Namespace(
stack: this,
name: "namespace-0001"
).MasterData(
new Gs2Cdk.Gs2Account.Model.TakeOverTypeModel[] {
new Gs2Cdk.Gs2Account.Model.TakeOverTypeModel(
type: 0,
openIdConnectSetting: new Gs2Cdk.Gs2Account.Model.OpenIdConnectSetting(
configurationPath: "https://accounts.google.com/.well-known/openid-configuration",
clientId: "695893071400-qelt0dsu8tkotl13psnq5d1ko7kki4sl.apps.googleusercontent.com",
options: new Gs2Cdk.Gs2Account.Model.Options.OpenIdConnectSettingOptions
{
clientSecret = "secret"
}
),
options: new Gs2Cdk.Gs2Account.Model.Options.TakeOverTypeModelOptions
{
metadata = "Google"
}
),
new Gs2Cdk.Gs2Account.Model.TakeOverTypeModel(
type: 1,
openIdConnectSetting: new Gs2Cdk.Gs2Account.Model.OpenIdConnectSetting(
configurationPath: "https://appleid.apple.com/.well-known/openid-configuration",
clientId: "io.gs2.sample.auth",
options: new Gs2Cdk.Gs2Account.Model.Options.OpenIdConnectSettingOptions
{
appleTeamId = "9LX9LA85H8",
appleKeyId = "P937MLY6Z7",
applePrivateKeyPem = "-----BEGIN PRIVATE KEY-----\\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\n-----END PRIVATE KEY-----"
}
),
options: new Gs2Cdk.Gs2Account.Model.Options.TakeOverTypeModelOptions
{
metadata = "Apple"
}
)
}
);
}
}
Debug.Log(new SampleStack().Yaml()); // Generate Templateimport core from "@/gs2cdk/core";
import account from "@/gs2cdk/account";
class SampleStack extends core.Stack
{
public constructor() {
super();
new account.model.Namespace(
this,
"namespace-0001",
).masterData(
[
new account.model.TakeOverTypeModel(
0,
new account.model.OpenIdConnectSetting(
"https://accounts.google.com/.well-known/openid-configuration",
"695893071400-qelt0dsu8tkotl13psnq5d1ko7kki4sl.apps.googleusercontent.com",
{
clientSecret: "secret"
}
),
{
metadata: "Google"
}
),
new account.model.TakeOverTypeModel(
1,
new account.model.OpenIdConnectSetting(
"https://appleid.apple.com/.well-known/openid-configuration",
"io.gs2.sample.auth",
{
appleTeamId: "9LX9LA85H8",
appleKeyId: "P937MLY6Z7",
applePrivateKeyPem: "-----BEGIN PRIVATE KEY-----\\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\n-----END PRIVATE KEY-----"
}
),
{
metadata: "Apple"
}
)
]
);
}
}
console.log(new SampleStack().yaml()); // Generate Template
from gs2_cdk import Stack, core, account
class SampleStack(Stack):
def __init__(self):
super().__init__()
account.Namespace(
stack=self,
name="namespace-0001",
).master_data(
take_over_type_models=[
account.TakeOverTypeModel(
type=0,
open_id_connect_setting=account.OpenIdConnectSetting(
configuration_path='https://accounts.google.com/.well-known/openid-configuration',
client_id='695893071400-qelt0dsu8tkotl13psnq5d1ko7kki4sl.apps.googleusercontent.com',
options=account.OpenIdConnectSettingOptions(
client_secret='secret',
),
),
options=account.TakeOverTypeModelOptions(
metadata = 'Google'
),
),
account.TakeOverTypeModel(
type=1,
open_id_connect_setting=account.OpenIdConnectSetting(
configuration_path='https://appleid.apple.com/.well-known/openid-configuration',
client_id='io.gs2.sample.auth',
options=account.OpenIdConnectSettingOptions(
apple_team_id='9LX9LA85H8',
apple_key_id='P937MLY6Z7',
apple_private_key_pem='-----BEGIN PRIVATE KEY-----\\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\n-----END PRIVATE KEY-----',
),
),
options=account.TakeOverTypeModelOptions(
metadata = 'Apple'
),
),
],
)
print(SampleStack().yaml()) # Generate TemplateTakeOverTypeModel
Takeover Type Model
This model defines takeover information.
Takeover Setting is information used when changing device models or moving/sharing accounts between platforms. It consists of a unique string of characters that identifies an individual and a password, the appropriate combination of which can be entered to obtain an Account (anonymous account).
Multiple takeover settings can be set up for one Account. To set up multiple takeover information, you must specify different slots for each. The number of slots can be from 0 to 1024, which means that a maximum of 1025 different takeover setting can be set.
For example, 0 can be used to store Twitter account information, 1 to store Sign in with Apple account information, and 2 to store Google account information. The following usage is assumed. This takeover setting is only a data holder, and the authentication mechanism with social accounts needs to be prepared separately.
| Type | Condition | Required | Default | Value Limits | Description | |
|---|---|---|---|---|---|---|
| takeOverTypeModelId | string | ✓* | ~ 1024 chars | Type of take-over model GRN * Automatically configured on the server | ||
| type | int | ✓ | 0 ~ 1024 | Slot Number | ||
| metadata | string | ~ 2048 chars | Metadata Arbitrary values can be set in the metadata. Since they do not affect GS2’s behavior, they can be used to store information used in the game. | |||
| openIdConnectSetting | OpenIdConnectSetting | ✓ | OpenID Connect Configuration |
OpenIdConnectSetting
OpenID Connect Configuration
By registering the settings of an OpenID Connect compliant IdP, you can use IdP integration as account transfer information.
| Type | Condition | Required | Default | Value Limits | Description | |
|---|---|---|---|---|---|---|
| configurationPath | string | ✓ | ~ 1024 chars | OpenID Connect Configuration URL | ||
| clientId | string | ✓ | ~ 1024 chars | Client ID | ||
| clientSecret | string | {configurationPath} != “https://appleid.apple.com/.well-known/openid-configuration” | ✓* | ~ 1024 chars | Client Secret * clientSecret is required when the configurationPath is not “https://appleid.apple.com/.well-known/openid-configuration", i.e., for other IdP integrations. | |
| appleTeamId | string | {configurationPath} == “https://appleid.apple.com/.well-known/openid-configuration” | ✓* | ~ 1024 chars | Team ID of Apple Developer * Required if configurationPath is “https://appleid.apple.com/.well-known/openid-configuration” | |
| appleKeyId | string | {configurationPath} == “https://appleid.apple.com/.well-known/openid-configuration” | ✓* | ~ 1024 chars | Key ID registered with Apple * Required if configurationPath is “https://appleid.apple.com/.well-known/openid-configuration” | |
| applePrivateKeyPem | string | {configurationPath} == “https://appleid.apple.com/.well-known/openid-configuration” | ✓* | ~ 10240 chars | Private Key received from Apple * Required if configurationPath is “https://appleid.apple.com/.well-known/openid-configuration” | |
| doneEndpointUrl | string | ~ 1024 chars | URL to transition to when authentication is complete If not specified, it will transition to /authorization/done. id_token is attached to the Query String. | |||
| additionalScopeValues | List<ScopeValue> | [] | 0 ~ 10 items | Additional scopes obtained with OpenId Connect | ||
| additionalReturnValues | List<string> | [] | 0 ~ 10 items | Additional return values obtained with OpenId Connect |
ScopeValue
Scope value
| Type | Condition | Required | Default | Value Limits | Description | |
|---|---|---|---|---|---|---|
| key | string | ✓ | ~ 64 chars | Name | ||
| value | string | ~ 51200 chars | Value |