Very basic TIP based default configuration YAML, to be expanded if needed. Implementation already handle all cases

templates/tip.yaml.j2

@@ -0,0 +1,55 @@
+tip:
+  fallback_issuer_unknown_token_issuer:
+    issuer_url: {{ proxy_introspection_issuer }}
+#    introspection_endpoint: https://issuer.example.com/introspect
+    client_id: {{ proxy_introspection_client_id }}
+    client_secret: {{ proxy_introspection_client_secret }}
+# this part is not configured but is supported in the custom introspection provider
+#    drop_claims:
+#      - todrop1
+#      - todrop2
+#    claim_renaming:
+#      weird_groups: groups
+#      bad_username: username
+#    claim_mapping:
+#      strings:
+#        sub:
+#          one-sub: other-sub
+#      string_arrays:
+#        super-entitlements:
+#          hpc:
+#            - compute
+#        weird_groups:
+#          all-users:
+#            - users
+#          special-users:
+#            - admins
+#            - dev
+  fallback_issuer_unsupported_token_issuer:
+# Not configured bu the synatx is the same of the 'fallback_issuer_unknown_token_issuer'
+  remote_issuers:
+    - issuer_url: {{ proxy_introspection_issuer }}
+ #     introspection_endpoint: https://issuer.example.com/introspect
+      client_id: {{ proxy_introspection_client_id }}
+      client_secret: {{ proxy_introspection_client_secret }}
+# this part is not configured but is supported in the custom introspection provider
+#      drop_claims:
+#        - todrop1
+#        - todrop2
+#      claim_renaming:
+#        weird_groups: groups
+#        user_id: username
+#      claim_mapping:
+#        strings:
+#          sub:
+#            one-sub: other-sub
+#        string_arrays:
+#          entitlements:
+#            hpc:
+#              - compute
+#          weird_groups:
+#            all-users:
+#              - users
+#            special-users:
+#              - admins
+#              - dev