{{#hasMultitenancy}}
sidecar:
  expose:
    gateway: {{#literal}}"{{ .Release.Namespace }}/kyma-mtls-gateway"{{/literal}}
    host: {{#literal}}"{{ .Release.Name }}-sidecar-{{ .Release.Namespace }}.cert"{{/literal}}
  bindings:
    auth:
      serviceInstanceName: identity
      parameters:
        credential-type: X509_GENERATED
        app-identifier: mtx
{{/hasMultitenancy}}
{{#hasApprouter}}
approuter:
  expose:
    gateway: {{#literal}}"{{ .Release.Namespace }}/kyma-mtls-gateway"{{/literal}}
    host: {{#literal}}"{{ .Release.Name }}-approuter-{{ .Release.Namespace }}.cert"{{/literal}}
  bindings:
    auth:
      serviceInstanceName: identity
      parameters:
        credential-type: X509_GENERATED
        app-identifier: approuter
{{/hasApprouter}}
srv:
  expose:
    gateway: {{#literal}}"{{ .Release.Namespace }}/kyma-mtls-gateway"{{/literal}}
    host: {{#literal}}"{{ .Release.Name }}-srv-{{ .Release.Namespace }}.cert"{{/literal}}
  bindings:
    auth:
      serviceInstanceName: identity
      parameters:
        credential-type: X509_GENERATED
        app-identifier: srv

identity:
  serviceOfferingName: identity
  servicePlanName: application
  parameters:
    display-name: {{appName}}
    {{#hasMultitenancy}}
    multi-tenant: true
    {{/hasMultitenancy}}
    {{#hasXsuaa}}
    xsuaa-cross-consumption: true
    {{/hasXsuaa}}
    provided-apis:
      - name: {{appName}}-ias-api
        description: API exposed by the application
    oauth2-configuration:
      token-policy:
        access-token-format: "jwt"
    {{#hasApprouter}}
      redirect-uris:
        {{=<% %>=}}
        - https://*.{{ tpl .Values.global.domain . }}/**
        <%={{ }}=%>
      post-logout-redirect-uris:
        {{=<% %>=}}
        - https://*.{{ tpl .Values.global.domain . }}/*/logout.html
        <%={{ }}=%>
    {{/hasApprouter}}