This topic contains 3 replies, has 3 voices, and was last updated by Profile photo of Peter Major Peter Major 4 months ago.

  • Author
    Posts
  • #16358
    Profile photo of arathiforgerock arathiforgerock 
    Participant

    Hi,
    I have a requirement in which I am supposed to be developing an OIDC http module which serves as a relying party for OpenAM that acts as the OAuth2 provider.
    While researching a little on the same, I found that there is already an existing Ping’s OIDC http module which can be configured with OpenAM. If I am using this, I need to register the Ping module as OAuth2 agent in OAuth2 provider by creating an agent profile as mentioned in this link https://wikis.forgerock.org/confluence/display/openam/Configure+OpenAM+to+use+Ping's+OIDC+Apache+Module

    I would like to know if instead of having a Oauth2 client agent profile on OP, is it possible to write a wrapper for the same in Java without having to create the client in OP. If this is possible, could you please help me with some pointers to the same as I am new to development of plugins.

    Any help is appreciated.

    Thanks
    Arathi

    #16403
    Profile photo of Peter Major Peter Major 
    Moderator

    The client must be registered with OpenAM, otherwise OpenAM acting as an OAuth2 provider would not be able to determine the scopes associated with the client (or redirect_uri values for that matter). You can’t really get around that.

    #16409
    Profile photo of venugopalarathi venugopalarathi 
    Participant

    @peter-major

    Thanks a lot Peter. Thus in order to register the client with OpenAM action as OAuth2 provider, instead of doing the same from console wizard, I want to check if we can develop a custom java code for the same registration of the client.

    #16425
    Profile photo of Peter Major Peter Major 
    Moderator

    For OIDC you can register clients dynamically:
    https://backstage.forgerock.com/docs/openam/13.5/admin-guide#register-openid-connect-client-dynamic
    For plain OAuth2 there are other endpoints to similar effects. Those should be documented as well…

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2017 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?