Overview (Connect2id Server SDK 4.4 API)

Packages
Package	Description
com.nimbusds.openid.connect.provider.spi	Common SPI classes.
com.nimbusds.openid.connect.provider.spi.claims	OpenID Connect claims source SPIs.
com.nimbusds.openid.connect.provider.spi.config	Configuration related SPIs.
com.nimbusds.openid.connect.provider.spi.crypto	Cryptographic services exposed by the Connect2id server to selected SPIs.
com.nimbusds.openid.connect.provider.spi.events	Event listener SPIs.
com.nimbusds.openid.connect.provider.spi.grants	OAuth 2.0 authorisation grant handler SPIs.
com.nimbusds.openid.connect.provider.spi.reg	Client / relying party registration SPIs.
com.nimbusds.openid.connect.provider.spi.tokens	Token generation, encoding and decoding SPIs.
com.nimbusds.openid.connect.provider.spi.tokens.introspection	OAuth 2.0 token introspection related SPI.

Toolkit for developing Connect2id Server connectors and extensions

Java Service Provider Interface (SPI) for sourcing OpenID Connect claims about a subject (end-user), such as email, name, phone number and address. Used by the Connect2id Server in its OpenID Connect Provider (OP) role to aggregate claims from one or more sources (LDAP, RDMBS, etc).
SPI for handling resource owner password credential grants (see RFC 6749, section 4.3). Used by the Connect2id Server to delegate validation of the submitted username / password and authorisation for the requested token.
SPI for handling client credential grants (see RFC 6749, section 4.4). Used by the Connect2id Server to delegate authorisation for the requested token.
SPI for handling client-issued (self-issued) JWT bearer assertion grants (see RFC 7523, section 2.1). Used by the Connect2id server to delegate authorisation for the requested token.
SPI for handling third-party issued JWT bearer assertion grants (see RFC 7523, section 2.1). Used by the Connect2id server to delegate validation of the JWT and authorisation for the requested token.
SPI for handling client-issued (self-issued) SAML 2.0 bearer assertion grants (see RFC 7522, section 2.1). Used by the Connect2id server to delegate authorisation for the requested token.
SPI for handling third-party issued SAML 2.0 bearer assertion grants (see RFC 7522, section 2.1). Used by the Connect2id server to delegate validation of the SAML 2.0 assertion and authorisation for the requested token.
SPI for sourcing Java properties to be merged into the system properties at Connect2id server startup. Can be used to override selected or all Connect2id server configuration properties.
SPIs for listening to ID and access token issue events.
SPI for encoding and decoding authorisations for self-contained access tokens into JWT claims sets.
SPI for generating and decoding identifier-based access tokens.
SPI for shaping token introspection responses (RFC 7662, section 2.2). May be used to return only scopes specific to the requesting protected resource, in order to prevent leaking of authorisation information when issuing tokens for multiple resources.
SPI for performing additional validation of metadata of OAuth 2.0 clients and OpenID Connect relying parties during registration (initial and update).

Download

Official releases of the Connect2id Server toolkit are pushed to Maven Central under

GroupId: com.nimbusds

ArtifactId: c2id-server-sdk

These include the library’s source code, compiled JAR and JavaDocs.

To add the SDK to your Maven project use the following template:

<dependency>
    <groupId>com.nimbusds</groupId>
    <artifactId>c2id-server-sdk</artifactId>
    <version>[version]</version>
</dependency>

where [version] should match the expected by the particular Connect2id Server version you're running.

Questions or comments?

Email [email protected]