Setting idp.oidc.encryptionOptional

[Cantor, Scott]

On 6/29/22, 10:39 AM, "users on behalf of Silke Meyer" <users-bounces at shibboleth.net on behalf of smeyer at dfn.de> wrote:

>    Could you please provide some guidance on how to use it?

Same way as the SAML equivalent, but it defaults to true because the older plugin was hardwired that way. I added the option so that it's possible to block issuing unencrypted ID or UserInfo tokens. There's a separate property for JWT access tokens.

-- Scott