External Auth Servers define an oAuth Server which is not managed by CYM-Identity - for example, the Salesforce Identity Authorizatin Servers, box.com, Google Identity, ....
You define an External Auth Server in order to federate Application identity across security domains. Similar to User Identity Federation, federating application identity allows you to have a centralized place for integration, control and monitoring. Instead of having each application integrating with Google Identity, you integrate the Google Identity Auth Server with CYM-Identity, and then you federate its application identity through CYM-Identity
You can read more here
External Auth Servers are just the first part, the second part is External Clients

General Settings

NameYesThe External Auth Server Name used in the UI
TokenEndpoint__cYesThe token_endpoint URL of the Authorization Server. The domain must be enabled in the Remote Site Settings of your org
Plugin__cYesThe plugin handler of to be used during the token requests
Audience__cNoThe audience value to be used in JWT Bearer token flows
AccessTokenExpirationTime__cNoIn case the External Auth Server does not return token expiration time, you can define a default value here

Plugin Handler

CYM-Identity provides two Plugin handlers for External Auth Servers


This Plugin handler is specifically created to manage the token requests with your Salesforce Community.


This Plugin handler is manages the token requests with standard auth servers which support client_crendetials and jwt_bearer_token flows.