X509 Certificate Matching Attribute
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none
Fallback on CRL Validation if OCSP fails.
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
Set to true to enable CRL Validation
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
CRL Location URL
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Fetch the CRL contents every X minutes
*Added In:** 2010242156
*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
Set to true to enable EKU Validation
*Added In:** 2304270343
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
List of EKU which needs to be validated
*Added In:** 2304270343
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
Describes if the OCSP response is signed
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
Set to true to enable OCSP Validation
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none
This property specifies OCSP Responder URL.
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Revalidate OCSP status for user after X hours
*Added In:** 2010242156
*SCIM++ Properties:** - idcsMaxValue: 24 - idcsMinValue: 0 - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
This property specifies the OCSP Server alias name
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
OCSP Trusted Certificate Chain
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Check for specific conditions of other certificate attributes
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none
Certificate alias list to create a chain for the incoming client certificate
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none
This property specifies the userstore attribute value that must match the incoming certificate attribute.
*Added In:** 2010242156
*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none
X509 Identity Provider Extension Schema