
OAuth2 Identity Provider

This section describes the required Identity Provider configuration.

Overview

  • A Realm has to be available in the Identity Provider (IdP)

  • After authentication by the IdP, a JWT token has to be provided

  • The JWT needs the following attributes:

    • "wallet_external_key": ["<the wallet uuid>"]
    • "given_name": "<given_name>"
    • "family_name": "<family name>"
  • An OAuth IdP client configuration for the frontend. The frontend container needs the following environment variables:

    IAM_URL: https://iam.credenco.com
    IAM_REALM: organization-wallet
    IAM_CLIENT_ID: organization-wallet-frontend

    OR

    When using the provided helm chart, these settings can be configured in the values.yaml:

    - configMap:
        environmentVars:
          IAM_URL: https://iam.credenco.com
          IAM_REALM: organization-wallet
          IAM_CLIENT_ID: organization-wallet-frontend
  • An OAuth client configuration for the backend. The details must be provided as an environment variable or a ConfigMap setting.

    • Setting in configMap: spring.security.oauth2.resourceserver.jwt.issuer-uri: https://iam.credenco.com/realms/organization-wallet

      OR an environment variable in the backend container: SPRING_SECURITY_OAUTH_2_RESOURCESERVER_JWT_ISSUERURI: https://iam.credenco.com/realms/organization-wallet

    • When using the provided helm charts:

      - configMap:
          spring.security.oauth2.resourceserver.jwt.issuer-uri: https://iam.acc.credenco.com/realms/organization-wallet
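
As an added example (not part of the product's own code), the following Python script checks a token issued by the IdP against the requirements above: the three required attributes and an `iss` claim equal to the backend's issuer-uri. It decodes the payload without verifying the signature, so it is a configuration check only. The UUID format check, the function names and the sample token are assumptions constructed for illustration.

```python
import base64
import json
import uuid

# Issuer taken from the page's backend issuer-uri setting.
EXPECTED_ISSUER = "https://iam.credenco.com/realms/organization-wallet"


def decode_payload(token: str) -> dict:
    """Decode the JWT payload segment WITHOUT verifying the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    segment = parts[1]
    padded = segment + "=" * (-len(segment) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))


def check_claims(claims: dict, expected_issuer: str = EXPECTED_ISSUER) -> list:
    """Return a list of problems; an empty list means the claims look usable."""
    problems = []
    if claims.get("iss") != expected_issuer:
        problems.append(f"iss {claims.get('iss')!r} does not match issuer-uri")
    keys = claims.get("wallet_external_key")
    if not isinstance(keys, list) or not keys:
        problems.append("wallet_external_key must be a non-empty JSON array")
    else:
        for value in keys:
            try:
                uuid.UUID(str(value))  # assumption: wallet keys are standard UUIDs
            except ValueError:
                problems.append(f"wallet_external_key entry {value!r} is not a UUID")
    for name in ("given_name", "family_name"):
        if not isinstance(claims.get(name), str) or not claims[name].strip():
            problems.append(f"{name} is missing or empty")
    return problems


def make_sample_token(claims: dict) -> str:
    """Build a constructed demo token; the signature segment is a dummy value."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"


if __name__ == "__main__":
    # Constructed sample claims, not real user data.
    sample = {"iss": EXPECTED_ISSUER, "given_name": "Ada", "family_name": "Lovelace",
              "wallet_external_key": ["3f2b8c1e-4d5a-4e6f-8a9b-0c1d2e3f4a5b"]}
    print(check_claims(decode_payload(make_sample_token(sample))) or "claims OK")
```

The issuer comparison is an exact string match, so a token issued under a different host (for example the iam.acc.credenco.com value in the helm snippet) fails against the iam.credenco.com setting.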