Setting idp.oidc.encryptionOptional

Cantor, Scott cantor.2 at
Wed Jun 29 14:50:17 UTC 2022

On 6/29/22, 10:39 AM, "users on behalf of Silke Meyer" <users-bounces at on behalf of smeyer at> wrote:

>    Could you please provide some guidance on how to use it?

Same way as the SAML equivalent, but it defaults to true because the older plugin was hardwired that way. I added the option so that it's possible to block issuing unencrypted ID or UserInfo tokens. There's a separate property for JWT access tokens.

-- Scott

More information about the users mailing list