UMA Config for Custom Client - umaAatClientJksPassword

By: Theodore Sands user 25 Oct 2016 at 3:33 p.m. CDT

3 Responses
Theodore Sands gravatar
I am developing my own .NET client. There are several initial pieces of information needed in order to access the UMA endpoints. I think I've figured out what I need for the AAT Client ID and the JKS file path. But, I don't know where to get the AAT JKS password. In my oxtrust-config.json, I see the following lines: ``` "umaIssuer":"https://<domain>", "umaClientId":"@!2C4D.3018.E45E.862E!0001!AAE9.C5B1!0008!AF29.AB1B", "umaClientKeyId":"", "umaResourceId":"1447184268430", "umaScope":"https://<domain>/oxauth/seam/resource/restv1/uma/scopes/scim_access", ``` I have removed the actual domain. I don't have the umaClientKeyStoreFile or umaClientKeyStorePassword parameters included in that file. In the setup.properties.last file, I have scim_rs_client_base64_jwks and scim_rp_client_base64_jwks variables. Are one of these what what I want?
U1404
closed

Answers

By Michael Schwartz Account Admin 25 Oct 2016 at 4:30 p.m. CDT

Copy
Michael Schwartz gravatar
Take a look in `/install/community-edition-setup/setup.properties.last`

By Theodore Sands user 25 Oct 2016 at 4:52 p.m. CDT

Copy
Theodore Sands gravatar
I have looked in there. My question is which property should be the password in which I am interested? I see several candidates: - scim_rs_client_base64_jwks - scim_rp_client_base64_jwks - asimbaJksPass - shibJksPass If I don't have the umaClientKeyStoreFile or umaClientKeyStorePassword in my oxtrust_config file, does that mean I may not have set up UMA? Ted

By Theodore Sands user 25 Oct 2016 at 9:13 p.m. CDT

Copy
Theodore Sands gravatar
I may have answered my own question but if you could verify it, that would be great: In 2.4.4, the scim_rp.jkp file is encrypted/hashed with that password. In 2.4.3 (the version I am currently running), the scim-rp-openid-keys.json file with that information is plain text so a password isn't necessary.

Post an answer