B.7.4 Authorization Properties

MicroTx supports authorization across participant services and the coordinator by propagating the JWT token in every request. Use the authTokenPropagationEnabled field to control this function. Configure your identity providers to auto-refresh expired access tokens at the coordinator.

| Property | Description |
| --- | --- |
| enabled | Set this to true to enable MicroTx to check the subject in the incoming JWT token. MicroTx then tags the subject or user against the transaction ID, and further changes to the transaction are allowed only by the tagged subject or user. If you set this field to false, you don't have to provide values for the other properties under tmmConfiguration.authorization. Caution: You must set this field to true in production environments. |
| authTokenPropagationEnabled | Set this to true to enable token propagation to ensure secure communication between participant services and MicroTx. When you enable token propagation, you must provide the details for the encryption keys under the encryption property in the tcs-docker-swarm.yaml file. |
| IdentityProviderName | Specify the identity provider that you are using. Permitted values are: IDCS for Oracle IDCS and Oracle IAM, KEYCLOAK for Keycloak, AZURE_AD for Azure Active Directory, and MICROSOFT_AD for Microsoft Active Directory. |
| IdentityProviderUrl | Specify the URL of the identity provider. This information is required to create a new access token by using the refresh token. If you do not provide this information, expired access tokens are not auto-refreshed. |
| IdentityProviderClientId | Specify the client ID of the identity provider. This information is required to create a new access token by using the refresh token. If you do not provide this information, expired access tokens are not auto-refreshed. |
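
The rules in this table depend on one another, so they are worth checking together before deployment. The following is an added example, not part of the MicroTx product or its documentation: a small Python check that takes the already-parsed authorization mapping and encryption mapping and reports violations. The function names, the severity labels, and the sample values are assumptions made for illustration; key names are spelled as they appear on this page, and where the encryption mapping sits in the YAML file is left to the caller.

```python
# Added example: lint the authorization settings described in the table above.
# Key names are spelled as on this page; sample values are constructed.
PERMITTED_IDPS = {"IDCS", "KEYCLOAK", "AZURE_AD", "MICROSOFT_AD"}
REFRESH_KEYS = ("IdentityProviderUrl", "IdentityProviderClientId")


def _is_true(value):
    """Accept a YAML boolean or the quoted string 'true'."""
    return value is True or str(value).strip().lower() == "true"


def check_authorization(authz, encryption=None, production=True):
    """Return a list of (severity, message) findings for one configuration."""
    findings = []
    if not _is_true(authz.get("enabled")):
        if production:
            findings.append(("error", "enabled must be true in production"))
        # With enabled=false the other properties need no values.
        return findings

    # Token propagation requires encryption key details to be configured.
    if _is_true(authz.get("authTokenPropagationEnabled")) and not encryption:
        findings.append(("error", "authTokenPropagationEnabled is true but "
                         "no encryption key details are configured"))

    idp = authz.get("IdentityProviderName")
    if idp not in PERMITTED_IDPS:
        findings.append(("error", f"IdentityProviderName {idp!r} is not one "
                         f"of {sorted(PERMITTED_IDPS)}"))

    # Without URL and client ID, expired access tokens are not auto-refreshed.
    for key in REFRESH_KEYS:
        if not authz.get(key):
            findings.append(("warning", f"{key} is empty: expired access "
                             "tokens will not be auto-refreshed"))
    return findings


if __name__ == "__main__":
    sample = {  # constructed sample values
        "enabled": True,
        "authTokenPropagationEnabled": True,
        "IdentityProviderName": "keycloak",  # wrong case on purpose
        "IdentityProviderUrl": "https://idp.example.com",
        "IdentityProviderClientId": "",
    }
    for severity, message in check_authorization(sample, encryption=None):
        print(f"{severity}: {message}")
```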