Interface DestinationFetchOptions

The verification keys are cached if set to true.

Option to enable/disable the IAS token to XSUAA token exchange.

The isolation strategy used for caching destinations. For the available options, see IsolationStrategy. By default, 'tenant-user' is set.

This property is only considered in case no jwt is provided. It is meant for situations where you do not have a token e.g. background processes. The value for iss is the issuer field of a JWT e.g. https://.localhost:8080/uaa/oauth/token.

ATTENTION: If this property is used, no validation of the provided subdomain value is done. This is differs from how the jwt is handled. So be careful that the used value is not manipulated and breaks the tenant isolation of your application.

The user token of the current request.

ATTENTION: The property is mandatory in the following cases:

• User-dependent authentication flow is used, e.g., OAuth2UserTokenExchange, OAuth2JWTBearer, OAuth2SAMLBearerAssertion, SAMLAssertion or PrincipalPropagation.
• Multi-tenant scenarios with destinations maintained in the subscriber account. This case is implied if the selectionStrategy is set to alwaysSubscriber.

The token is used to request an access token from an OAuth server. The value is mandatory for authentication type OAuth2RefreshToken and is ignored for other authentication types. The value must be provided in a refresh token format.

See

https://datatracker.ietf.org/doc/html/rfc6749#section-6.

The call to destination/{name} sometimes also performs a token exchange. Such calls can be flaky due to an unstable token exchange endpoint. This parameter enables 3 retries on the destination by name calls. By default, the retry is disabled.

Method that implements the selection strategy of the retrieved destination. Uses subscriberFirst per default. Use the selector helper DestinationSelectionStrategies to select the appropriate selection strategy.

A boolean value that indicates whether to read destinations from cache.