grant_url = {{ getenv "GRANT_URL" }}
client_id = {{ getenv "CLIENT_ID" }}
client_secret = {{ getenv "CLIENT_SECRET" }}
introspection_url = {{ getenv "INTROSPECTION_URL" }}
introspection_mode = {{ getenv "INTROSPECTION_MODE" "post" }}
username_attribute = username
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
use_grant_password = yes
pass_attrs = host=127.0.0.1 proxy=y proxy_mech=xoauth2 pass=%{oauth2:access_token}