grant_url = {{ getenv "GRANT_URL" }}
client_id = {{ getenv "CLIENT_ID" }}
client_secret = {{ getenv "CLIENT_SECRET" }}
tokeninfo_url = {{ getenv "TOKENINFO_URL" }}
introspection_url = {{ getenv "INTROSPECTION_URL" }}
introspection_mode = {{ getenv "INTROSPECTION_MODE" "post" }}
username_attribute = username
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
use_grant_password = no
pass_attrs = pass=%{oauth2:access_token}