PingAM 8.0.0

Configure STS instances

You configure Security Token Service (STS) instances to perform one or more token transformations. Each instance provides configuration details about how SAML v2.0 and/or OIDC output tokens are encrypted or signed. Deployments that support multiple SAML v2.0 and/or OIDC service providers require multiple STS instances.

When you publish an STS instance, you create an STS instance with a given configuration. You can publish instances using the AM admin UI or the REST API.

When you publish an STS instance, AM exposes a REST endpoint for accessing the instance, and the instance is immediately available to callers.

Configure an STS instance in the UI

To configure an STS instance using the AM admin UI, go to Realms > Realm Name > STS, and click Add Rest STS.

For detailed information about each setting, read STS configuration properties.

Configure an STS instance over REST

To publish an STS instance programmatically, use the Publish service. This service is a collection of endpoints you can use to publish instances instead of accessing the AM admin UI.

Learn more in The Publish service.