webMethods 10.2 | Integration Server Administrator's Guide | Configuring OAuth | Using an External Authorization Server | Creating an External Authorization Server Alias
 
Creating an External Authorization Server Alias
If you want an Integration Server functioning as a resource server to use a third party server as the authorization server, you must create an external authorization server alias.
* To create an external authorization server alias
1. Open the Integration Server Administrator if it is not already open.
2. In the Security menu of the Navigational Panel, click OAuth.
3. Click Add External Authorization Server.
4. Under External Authorization Server Settings, provide the following information.
In this field...
Specify...
Name
Alias for the external authorization server. The following characters are prohibited: ? [ ] / \ = + < > : ; " , * | ^ @
Introspection Endpoint
The URL of the introspection endpoint for the external authorization server. Integration Server uses the introspection endpoint to check that access tokens used in client requests are currently active.
Client Id
The ID of the user account that Integration Server uses when sending requests to the introspection endpoint of the external authorization server.
Client Secret
The password for the user account that Integration Server uses when sending requests to the introspection endpoint of the external authorization server.
User
The Integration Server user account that Integration Server uses to execute the client request. If the client is requesting a service, this is the user account that Integration Server uses to execute the service, which occurs after Integration Server calls the introspection endpoint. If the client is requesting a file, this is the user account that Integration Server uses to access the file.
The User value is used only if the introspection endpoint of the external authorization server indicates that the access token is currently active.
Click to search for and select your user. A user can be selected from the local or central directory.
Keystore Alias (optional)
The alias of the keystore on Integration Server  that holds the digital certificate that Integration Server sends to the external authorization server during the mutual (two-way) SSL handshake. You need to select a keystore alias only when the client account on the external authorization server is configured to use mutual (two-way) SSL.
Key Alias (Optional)
The alias of the Integration Server private key and associated digital certificate that Integration Server sends to the external authorization server during the mutual (two-way) SSL handshake. You need to select a key alias only when the client account on the external authorization server is configured to use mutual (two-way) SSL.
Truststore Alias (Optional)
The alias of the truststore on Integration Server that holds the Certificate Authority (CA) certificate of the external authorization server. You need to select a truststore alias only when the client account on the external authorization server is configured to use mutual (two-way) SSL.
5. Click Save Changes.
Integration Server Administrator displays the new external authorization server alias under External Authorization Servers on the Security > OAuth page.

Copyright © 2017-2018 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release