The is used to define OAuth2 authorization using an introspection (RFC7662) compliant authorization server. ds-cfg-http-oauth2-token-introspection-authorization-mechanism ds-cfg-http-oauth2-authorization-mechanism org.opends.server.protocols.http.authz.HttpOAuth2TokenIntrospectionAuthorizationMechanism Specifies the JSON pointer to the value to use as Authorization ID. The JSON pointer is applied to the resolved access token JSON document. (example: sub) Defines the token introspection endpoint URL where the access-token resolution request should be sent. (example: http://example.com/introspect) ds-cfg-oauth2-token-introspection-url Client's ID to use during the HTTP basic authentication against the authorization server. ds-cfg-oauth2-token-introspection-client-id Client's secret to use during the HTTP basic authentication against the authorization server. ds-cfg-oauth2-token-introspection-client-secret Specifies the name of the key manager that should be used with this . Changes to this property take effect immediately, but only for subsequent requests to the authorization server. The referenced key manager provider must be enabled. ds-cfg-key-manager-provider Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server. Changes to this property take effect immediately, but only impact subsequent SSL connection negotiations. By default, no trust manager is specified indicating that only certificates signed by the authorities associated with this JVM will be accepted. The referenced trust manager provider must be enabled when SSL is enabled. ds-cfg-trust-manager-provider