OpenIG deployment scenario…

This topic has 1 reply, 2 voices, and was last updated 5 years, 6 months ago by Joachim Andres.

  • #15595
     ManjunaikHNS
    Participant

    Hi,
    Can OpenIG be deployed independently? Does OpenIG require any data store (like OpenDJ, etc.)?
    We have a use case where we have some systems deployed where the user identities are sitting in the cloud in Salesforce.
    We want to create a mobile app where the user logs in to Salesforce and then the app calls up our back-end ESB…

    To achieve the above use case, what would be the minimum ForgeRock components required? How can this be achieved? Can you please elaborate?
    Regards,
    Manjunath

    #15602
     Joachim Andres
    Participant

    Hi Manjunath,

    The upcoming Identity Gateway 5.0 release does have support for this scenario. You just configure Salesforce as the OpenID Connect provider within an OAuth2ClientFilter.

    Here’s a sample (note that it is with the upcoming release):

    
    {
            "type" : "OAuth2ClientFilter",
            "name" : "OAuth2Client",
            "config" : {
              "clientEndpoint" : "/home",
              "failureHandler" : {
                "type" : "StaticResponseHandler",
                "config" : {
                  "status" : 500,
                  "reason" : "Error",
                  "entity" : "${attributes.openid}"
                }
              },
              "captureWithEntity" : [ "request", "response" ],
              "registrations" : [ {
                "name" : "oidc-user-info-client",
                "captureWithEntity" : [ "request", "response" ],
                "type" : "ClientRegistration",
                "config" : {
                  "clientId" : "<your_client_id>",
                  "clientSecret" : "<your_client_secret>",
                  "issuer" : {
                    "name" : "https://login.salesforce.com",
                    "captureWithEntity" : [ "request", "response" ],
                    "type" : "Issuer",
                    "config" : {
                      "captureWithEntity" : [ "request", "response" ],
                      "wellKnownEndpoint" : "https://login.salesforce.com/.well-known/openid-configuration"
                    }
                  },
                  "scopes" : [ "openid", "email", "profile" ],
                  "captureWithEntity" : [ "request", "response" ],
                  "tokenEndpointUseBasicAuth" : false
                }
              } ],
              "requireHttps" : false
            }
    }
    

    Cheers,
    Joachim
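
The sample above carries several settings that suit a test setup: `requireHttps` is off, `captureWithEntity` is applied at every level, the failure handler returns `${attributes.openid}` to the caller, and the client secret sits in the file. The following pre-deployment check is an added example, not part of the original reply or of ForgeRock's code; it assumes `captureWithEntity` names a capture decorator that logs message bodies, and the `audit` function and the trimmed `SAMPLE` are constructed here for illustration.

```python
import json

# Constructed sample: a trimmed copy of the filter configuration posted above.
SAMPLE = json.loads("""
{"type": "OAuth2ClientFilter", "config": {
  "failureHandler": {"type": "StaticResponseHandler",
    "config": {"status": 500, "entity": "${attributes.openid}"}},
  "captureWithEntity": ["request", "response"],
  "registrations": [{"type": "ClientRegistration", "config": {
    "clientId": "<your_client_id>", "clientSecret": "<your_client_secret>",
    "captureWithEntity": ["request", "response"],
    "tokenEndpointUseBasicAuth": false}}],
  "requireHttps": false}}
""")


def audit(node, path="$"):
    """Walk a JSON route config and return (json_path, finding) tuples."""
    findings = []
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}"
            if key == "requireHttps" and value is False:
                findings.append((here, "HTTPS is not required for the login flow"))
            elif key == "captureWithEntity":
                # Assumption: this decorator writes full message bodies to the log.
                findings.append((here, "message bodies captured; may log tokens"))
            elif (key == "clientSecret" and isinstance(value, str)
                  and not value.startswith("${")):
                findings.append((here, "client secret is a literal, not an expression"))
            elif (key == "entity" and isinstance(value, str)
                  and "attributes.openid" in value):
                findings.append((here, "handler returns OAuth 2.0 attributes to the caller"))
            findings.extend(audit(value, here))  # recurse into nested objects
    elif isinstance(node, list):
        for index, item in enumerate(node):
            findings.extend(audit(item, f"{path}[{index}]"))
    return findings


if __name__ == "__main__":
    for location, message in audit(SAMPLE):
        print(f"{location}: {message}")
```
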
